A new ticket has been created at

    https://www.sqlite.org/src/info/1ec41379c9c1e400

On 9/20/16, Scott Hess <sh...@google.com> wrote:
> sqlite3MulInt64() in util.c appears to try to detect integer overflow
> by dividing the inputs by 2^32.  If both inputs are 0 when divided by
> 2^32, it does the 64-bit multiplication and moves on.
>
> In the case of something like |SELECT 3452005775*3452005775|, both
> inputs are greater than 2^31 but less than 2^32, but the result is
> greater than 2^63, so it ends up as a large negative number (ie,
> overflow, which is undefined for signed integers in C).  The smallest
> number this overflow happens to is sqrt(2^63)+1, which is 3037000500.
> Obviously there's a range of values where this can happen.
>
> No patch suggested, though I wouldn't be surprised if my brain makes a
> suggestion after things simmer for an hour or so.  If either value
> needs less than 31 bits, it can't happen, but there's not a simple bit
> pattern to check, AFAICT.
>
> -scott
> _______________________________________________
> sqlite-users mailing list
> sqlite-users@mailinglists.sqlite.org
> http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
>


-- 
D. Richard Hipp
d...@sqlite.org
_______________________________________________
sqlite-users mailing list
sqlite-users@mailinglists.sqlite.org
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

Reply via email to