From 1ac837c4d0ee0e54d5943153c8a455a2cd95f63d Mon Sep 17 00:00:00 2001 From: Miro Stauder Date: Mon, 13 Feb 2023 15:51:57 +0100 Subject: [PATCH 1/5] Update codeql.yml --- .github/workflows/codeql.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c2a80663a..e8ff82c74 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v1 + uses: github/codeql-action/init@v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -63,7 +63,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) #- name: Autobuild - # uses: github/codeql-action/autobuild@v1 + # uses: github/codeql-action/autobuild@v2 # â„šī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -78,7 +78,7 @@ jobs: - if: matrix.language == 'python' || matrix.language == 'java' name: Autobuild - uses: github/codeql-action/autobuild@v1 + uses: github/codeql-action/autobuild@v2 - if: matrix.language == 'cpp' name: Build C++ @@ -86,4 +86,4 @@ jobs: make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2 From 4f0b7342b19fb307b4d3b30ab252514f1849bd5b Mon Sep 17 00:00:00 2001 From: Miro Stauder Date: Mon, 13 Feb 2023 16:14:50 +0100 Subject: [PATCH 2/5] Update codeql.yml --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e8ff82c74..7cf47901d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml 
@@ -42,7 +42,7 @@ jobs: run: sudo apt-get update - name: Install build tools - run: sudo apt-get -y install make automake git wget gcc g++ libtool equivs python python3 + run: sudo apt-get -y install make automake git wget gcc g++ libtool equivs python3 - name: Install build dependencies run: sudo apt-get -y install libssl-dev gnutls-dev libgnutls28-dev libmysqlclient-dev libboost-all-dev libunwind8 libunwind-dev uuid-dev ca-certificates From 9df03d4f98567ccdae81739e75dad09b2f8d4645 Mon Sep 17 00:00:00 2001 From: Miro Stauder Date: Mon, 13 Feb 2023 16:27:07 +0100 Subject: [PATCH 3/5] Update codeql.yml --- .github/workflows/codeql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7cf47901d..2d7915828 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -83,6 +83,7 @@ jobs: - if: matrix.language == 'cpp' name: Build C++ run: | + export GIT_VERSION 2.5.0 make - name: Perform CodeQL Analysis From 83e4dc3aef97020752ccfc947d3eb88e4f65b117 Mon Sep 17 00:00:00 2001 From: Miro Stauder Date: Mon, 13 Feb 2023 16:31:39 +0100 Subject: [PATCH 4/5] Update codeql.yml --- .github/workflows/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2d7915828..509eddb16 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -83,7 +83,7 @@ jobs: - if: matrix.language == 'cpp' name: Build C++ run: | - export GIT_VERSION 2.5.0 + export GIT_VERSION=2.5.0-0-g0000000 make - name: Perform CodeQL Analysis From e6150364e10566e78d7cdde6dc8d09f32229aa9e Mon Sep 17 00:00:00 2001 From: Miro Stauder Date: Mon, 13 Feb 2023 18:04:18 +0000 Subject: [PATCH 5/5] fixes for issues detected by CodeQL --- deps/Makefile | 10 +++--- deps/libev/ev.c-multiplication-overflow.patch | 6 ++-- .../sqlite3.c-multiplication-overflow.patch | 31 ++++++++----------- 3 files changed, 21 insertions(+), 26 deletions(-) 
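Review bot: The `export GIT_VERSION=2.5.0-0-g0000000` line that patch 4/5 leaves in the `Build C++` step has no comment marking it as a placeholder. The analysed build therefore carries a made-up version and an all-zero commit id with nothing to show it is CI-only. Presumably the build normally derives GIT_VERSION from the git checkout and that fails in this job, but that is inferred and not visible in the hunk. I would add above it `# CodeQL build only: placeholder version, not a release tag; do not publish artifacts from this job`.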
diff --git a/deps/Makefile b/deps/Makefile index e3e973c96..83896973b 100644 --- a/deps/Makefile +++ b/deps/Makefile @@ -114,7 +114,7 @@ libhttpserver: libhttpserver/libhttpserver/build/src/.libs/libhttpserver.a libev/libev/.libs/libev.a: cd libev && rm -rf libev-*/ || true cd libev && tar -zxf libev-*.tar.gz -# cd libev/libev && patch ev.c < ../ev.c-multiplication-overflow.patch + cd libev/libev && patch ev.c < ../ev.c-multiplication-overflow.patch cd libev/libev && ./configure cd libev/libev && CC=${CC} CXX=${CXX} ${MAKE} @@ -251,7 +251,7 @@ endif cd mariadb-client-library/mariadb_client && patch libmariadb/mariadb_rpl.c < ../mariadb_rpl.c.patch cd mariadb-client-library/mariadb_client && patch include/mariadb_rpl.h < ../mariadb_rpl.h.patch cd mariadb-client-library/mariadb_client && CC=${CC} CXX=${CXX} ${MAKE} mariadbclient -# cd mariadb-client-library/mariadb_client/include && make my_config.h +# cd mariadb-client-library/mariadb_client/include && make my_config.h mariadb_client: mariadb-client-library/mariadb_client/libmariadb/libmariadbclient.a @@ -260,7 +260,7 @@ sqlite3/sqlite3/sqlite3.o: cd sqlite3 && rm -rf sqlite-amalgamation-*/ || true cd sqlite3 && tar -zxf sqlite-amalgamation-*.tar.gz cd sqlite3/sqlite3 && patch -p1 < ../from_unixtime.patch -# cd sqlite3/sqlite3 && patch sqlite3.c < ../sqlite3.c-multiplication-overflow.patch + cd sqlite3/sqlite3 && patch sqlite3.c < ../sqlite3.c-multiplication-overflow.patch cd sqlite3/sqlite3 && ${CC} ${MYCFLAGS} -fPIC -c -o sqlite3.o sqlite3.c -DSQLITE_ENABLE_MEMORY_MANAGEMENT -DSQLITE_ENABLE_JSON1 -DSQLITE_DLL=1 cd sqlite3/sqlite3 && ${CC} -shared -o libsqlite3.so sqlite3.o 
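Review bot: The re-enabled `patch ev.c < ../ev.c-multiplication-overflow.patch` line in `@@ -114,7` runs patch with its default fuzz against whatever the `libev-*.tar.gz` glob unpacked. The same applies to the sqlite3 line in `@@ -260,7` and the re2 and pcre lines in `@@ -294,7` and `@@ -310,7`. The patch files carry fixed line numbers and context, and this same commit had to move both the libev and sqlite3 ones. After a tarball bump a hunk can therefore apply on loosely matching context and still exit 0, leaving the overflow fix misplaced without failing the build. I would make each call strict, e.g. `cd libev/libev && patch --fuzz=0 ev.c < ../ev.c-multiplication-overflow.patch`, so a stale patch stops the build instead.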
@@ -294,7 +294,7 @@ re2/re2/obj/libre2.a: cd re2 && tar -zxf re2-*.tar.gz # cd re2/re2 && sed -i -e 's/-O3 -g /-O3 -fPIC /' Makefile # cd re2/re2 && patch util/mutex.h < ../mutex.h.patch -# cd re2/re2 && patch re2/onepass.cc < ../onepass.cc-multiplication-overflow.patch + cd re2/re2 && patch re2/onepass.cc < ../onepass.cc-multiplication-overflow.patch ifeq ($(UNAME_S),Darwin) cd re2/re2 && sed -i '' -e 's/-O3 -g/-O3 -g -std=c++11 -fPIC -DMEMORY_SANITIZER -DRE2_ON_VALGRIND /' Makefile # cd re2/re2 && sed -i '' -e 's/RE2_CXXFLAGS?=-std=c++11 /RE2_CXXFLAGS?=-std=c++11 -fPIC /' Makefile @@ -310,7 +310,7 @@ re2: re2/re2/obj/libre2.a pcre/pcre/.libs/libpcre.a: cd pcre && rm -rf pcre-*/ || true cd pcre && tar -zxf pcre-*.tar.gz -# cd pcre/pcre && patch pcretest.c < ../pcretest.c-multiplication-overflow.patch + cd pcre/pcre && patch pcretest.c < ../pcretest.c-multiplication-overflow.patch cd pcre/pcre && ./configure cd pcre/pcre && CC=${CC} CXX=${CXX} ${MAKE} diff --git a/deps/libev/ev.c-multiplication-overflow.patch b/deps/libev/ev.c-multiplication-overflow.patch index e72cdc9bf..45ffc4b2c 100644 --- a/deps/libev/ev.c-multiplication-overflow.patch +++ b/deps/libev/ev.c-multiplication-overflow.patch @@ -1,4 +1,4 @@ -@@ -1937,7 +1937,7 @@ +@@ -2253,7 +2253,7 @@ while (cnt > ncur); /* if size is large, round to MALLOC_ROUND - 4 * longs to accommodate malloc overhead */ @@ -7,7 +7,7 @@ { ncur *= elem; ncur = (ncur + elem + (MALLOC_ROUND - 1) + sizeof (void *) * 4) & ~(MALLOC_ROUND - 1); -@@ -1953,7 +1953,7 @@ +@@ -2269,7 +2269,7 @@ array_realloc (int elem, void *base, int *cur, int cnt) { *cur = array_nextsize (elem, *cur, cnt); @@ -15,4 +15,4 @@ + return ev_realloc (base, (long) elem * *cur); } - #define array_init_zero(base,count) \ + #define array_needsize_noinit(base,offset,count) diff --git a/deps/sqlite3/sqlite3.c-multiplication-overflow.patch b/deps/sqlite3/sqlite3.c-multiplication-overflow.patch index 364c7c52a..fa853379c 100644 
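Review bot: The `patch re2/onepass.cc < ../onepass.cc-multiplication-overflow.patch` and `patch pcretest.c < ../pcretest.c-multiplication-overflow.patch` lines are switched on in `@@ -294,7` and `@@ -310,7`, but their patch files are not part of this commit. The diffstat lists only deps/Makefile and the libev and sqlite3 patch files, and those two needed new line numbers. Whether the re2 and pcre patches still match the bundled tarballs cannot be seen from here and is worth confirming with a clean build of both targets. pcretest.c also looks like PCRE's test program rather than library code, so that patch may not change what ends up in libpcre.a. A comment such as `# pcretest.c is the test driver; patched only to clear the CodeQL alert` would record that.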
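Review bot: The widening cast in the ev.c patch, `return ev_realloc (base, (long) elem * *cur);` (inner added line, last hunk of that file), only helps where `long` is 64 bits. On 32-bit targets and 64-bit Windows `long` is as wide as `int`, so the product can still overflow. The sqlite3.c patch that follows adds the same pattern twice in `nSm = (szAlloc - (long) sz*nBig)/LOOKASIDE_SMALL;`. For sqlite3.c I would use SQLite's own 64-bit type, `nSm = (szAlloc - (sqlite3_int64) sz*nBig)/LOOKASIDE_SMALL;`, assuming `sz` and `nBig` are `int`, since their declarations are outside the hunk. For ev.c the parameter type of `ev_realloc` is not visible here, so I would at least record the limit next to the cast: `/* (long) widens only on LP64; 32-bit and LLP64 builds still multiply in 32 bits */`.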
--- a/deps/sqlite3/sqlite3.c-multiplication-overflow.patch +++ b/deps/sqlite3/sqlite3.c-multiplication-overflow.patch @@ -1,18 +1,13 @@ -@@ -103301,7 +103301,7 @@ - int n = *pnEntry; - if( (n & (n-1))==0 ){ - int sz = (n==0) ? 1 : 2*n; -- void *pNew = sqlite3DbRealloc(db, pArray, sz*szEntry); -+ void *pNew = sqlite3DbRealloc(db, pArray, (long) sz*szEntry); - if( pNew==0 ){ - *pIdx = -1; - return pArray; -@@ -141183,7 +141183,7 @@ - pStart = 0; - }else if( pBuf==0 ){ - sqlite3BeginBenignMalloc(); -- pStart = sqlite3Malloc( sz*cnt ); /* IMP: R-61949-35727 */ -+ pStart = sqlite3Malloc( (long) sz*cnt ); /* IMP: R-61949-35727 */ - sqlite3EndBenignMalloc(); - if( pStart ) cnt = sqlite3MallocSize(pStart)/sz; - }else{ +@@ -173310,10 +173310,10 @@ + #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE + if( sz>=LOOKASIDE_SMALL*3 ){ + nBig = szAlloc/(3*LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (long) sz*nBig)/LOOKASIDE_SMALL; + }else if( sz>=LOOKASIDE_SMALL*2 ){ + nBig = szAlloc/(LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (long) sz*nBig)/LOOKASIDE_SMALL; + }else + #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */ + if( sz>0 ){