commit c8d735aed30be0d41689a08dd273330a3cd63ec8
author dan <dan@noemail.net> Tue Aug 17 19:34:13 2010 +0000
committer dan <dan@noemail.net> Tue Aug 17 19:34:13 2010 +0000
tree 668dfb92d98175abab4a0c02d744a203db68ab6e
parent 0028486b7346479504b43a5bd5cd0b4e3d4bd907

Return an error when parsing "?NNN" if NNN is so large it cannot be stored as a 32-bit int.

FossilOrigin-Name: fc9014be0f00d046e7ba830a644f9ce93eca5db8

src/expr.c

diff --git a/src/expr.c b/src/expr.c
index 153751f..fd21eb5 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -554,13 +554,14 @@
   }else if( z[0]=='?' ){
     /* Wildcard of the form "?nnn".  Convert "nnn" to an integer and
     ** use it as the variable number */
-    int i = atoi((char*)&z[1]);
+    i64 i;
+    int bOk = sqlite3Atoi64(&z[1], &i);
     pExpr->iColumn = (ynVar)i;
     testcase( i==0 );
     testcase( i==1 );
     testcase( i==db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER]-1 );
     testcase( i==db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] );
-    if( i<1 || i>db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] ){
+    if( bOk==0 || i<1 || i>db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER] ){
       sqlite3ErrorMsg(pParse, "variable number must be between ?1 and ?%d",
           db->aLimit[SQLITE_LIMIT_VARIABLE_NUMBER]);
     }