A new ticket has been created at
On 9/20/16, Scott Hess <sh...@google.com> wrote:
> sqlite3MulInt64() in util.c appears to try to detect integer overflow
> by dividing the inputs by 2^32. If both inputs are 0 when divided by
> 2^32, it does the 64-bit multiplication and moves on.
> In the case of something like |SELECT 3452005775*3452005775|, both
> inputs are greater than 2^31 but less than 2^32, but the result is
> greater than 2^63, so it ends up as a large negative number (ie,
> overflow, which is undefined for signed integers in C). The smallest
> number this overflow happens to is sqrt(2^63)+1, which is 3037000500.
> Obviously there's a range of values where this can happen.
> No patch suggested, though I wouldn't be surprised if my brain makes a
> suggestion after things simmer for an hour or so. If either value
> needs less than 31 bits, it can't happen, but there's not a simple bit
> pattern to check, AFAICT.
> sqlite-users mailing list
D. Richard Hipp
sqlite-users mailing list