From 6e9da08c5a1e4858e14fee4c2198a1757b8dc0fd Mon Sep 17 00:00:00 2001
From: zwtmichael <zhuwentao5@huawei.com>
Date: Mon, 29 Aug 2022 16:45:06 +0800
Subject: [PATCH 1/2] update to 3.37.2

Signed-off-by: zwtmichael <zhuwentao5@huawei.com>
(cherry picked from commit 7d7e9e3d73f54dd2ebc29fc32cfed851b3218736)
---
 sqlite.spec | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sqlite.spec b/sqlite.spec
index 5f91b56..23848ba 100644
--- a/sqlite.spec
+++ b/sqlite.spec
@@ -135,6 +135,9 @@ make test
 %{_mandir}/man*/*
 
 %changelog
+* Mon Sep 5 2022 zhuwentao <zhuwentao5@huawei.com> - 3.37.2-2
+- fix integer overflow on multi-gigabyte string
+
 * Mon Aug 29 2022 zhuwentao <zhuwentao5@huawei.com> - 3.37.2-1
 - update to 3.37.2
 
-- 
Gitee


From 717c579d1fa1755e6f8a01105d167ffbb24f4156 Mon Sep 17 00:00:00 2001
From: zwtmichael <zhuwentao5@huawei.com>
Date: Mon, 5 Sep 2022 15:37:14 +0800
Subject: [PATCH 2/2] fix integer overflow on multi-gigabyte string

Signed-off-by: zwtmichael <zhuwentao5@huawei.com>
(cherry picked from commit 76b8dd730a269929f16cec6c81da7fbe271dbbb3)
---
 ...-integer-overflow-on-gigabyte-string.patch | 28 +++++++++++++++++++
 sqlite.spec                                   |  6 ++--
 2 files changed, 32 insertions(+), 2 deletions(-)
 create mode 100644 0005-fix-integer-overflow-on-gigabyte-string.patch

diff --git a/0005-fix-integer-overflow-on-gigabyte-string.patch b/0005-fix-integer-overflow-on-gigabyte-string.patch
new file mode 100644
index 0000000..4163eb6
--- /dev/null
+++ b/0005-fix-integer-overflow-on-gigabyte-string.patch
@@ -0,0 +1,28 @@
+From 72210cf3c782ff30867d5c78e13900be9904ba76 Mon Sep 17 00:00:00 2001
+From: zwtmichael <zhuwentao5@huawei.com>
+Date: Mon, 5 Sep 2022 16:49:05 +0800
+Subject: [PATCH] fix integer overflow on gigabyte string
+
+Signed-off-by: zwtmichael <zhuwentao5@huawei.com>
+---
+ src/printf.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/printf.c b/src/printf.c
+index e635184..fb3689e 100644
+--- a/src/printf.c
++++ b/src/printf.c
+@@ -803,8 +803,8 @@ void sqlite3_str_vappendf(
+       case etSQLESCAPE:           /* %q: Escape ' characters */
+       case etSQLESCAPE2:          /* %Q: Escape ' and enclose in '...' */
+       case etSQLESCAPE3: {        /* %w: Escape " characters */
+-        int i, j, k, n, isnull;
+-        int needQuote;
++        i64 i, j, k, n;
++        int needQuote, isnull;
+         char ch;
+         char q = ((xtype==etSQLESCAPE3)?'"':'\'');   /* Quote character */
+         char *escarg;
+-- 
+2.25.1
+
diff --git a/sqlite.spec b/sqlite.spec
index 23848ba..6ff94b3 100644
--- a/sqlite.spec
+++ b/sqlite.spec
@@ -6,7 +6,7 @@
 
 Name:    sqlite
 Version: 3.37.2
-Release: 1
+Release: 2
 Summary: Embeded SQL database
 License: Public Domain
 URL:     http://www.sqlite.org/
@@ -19,6 +19,7 @@ Patch1: 0001-sqlite-no-malloc-usable-size.patch
 Patch2: 0002-remove-fail-testcase-in-no-free-fd-situation.patch
 Patch3: 0003-CVE-2022-35737.patch
 Patch4: 0004-fix-memory-problem-in-the-rtree-test-suite.patch
+Patch5: 0005-fix-integer-overflow-on-gigabyte-string.patch
 
 BuildRequires: gcc autoconf tcl tcl-devel
 BuildRequires: ncurses-devel readline-devel glibc-devel
@@ -65,6 +66,7 @@ This contains man files and HTML files for the using of sqlite.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
 
 rm -f %{name}-doc-%{extver}/sqlite.css~ || :
 
@@ -136,7 +138,7 @@ make test
 
 %changelog
 * Mon Sep 5 2022 zhuwentao <zhuwentao5@huawei.com> - 3.37.2-2
-- fix integer overflow on multi-gigabyte string
+- fix integer overflow on gigabyte string
 
 * Mon Aug 29 2022 zhuwentao <zhuwentao5@huawei.com> - 3.37.2-1
 - update to 3.37.2
-- 
Gitee