Merge pull request #28 from trimble-oss/alert-autofix-271

Potential fix for code scanning alert no. 271: Incorrect conversion between integer types

Author: joel-rieke

sql/system_settype.go

@@ -91,12 +91,15 @@ func (t systemSetType) Convert(v interface{}) (interface{}, error) {
 		// Float values aren't truly accepted, but the engine will give them when it should give ints.
 		// Therefore, if the float doesn't have a fractional portion, we treat it as an int.
 		if value >= float64(math.MinInt64) && value <= float64(math.MaxInt64) {
-			intValue := int64(value)
-			if float64(intValue) == value {
+			if math.Trunc(value) == value { // Ensure no fractional part exists
+				if value < 0 || value > math.MaxInt64 { // Additional bounds check
+					return nil, ErrInvalidSystemVariableValue.New(t.varName, v) // Reject out-of-range values
+				}
+				intValue := int64(value)
 				return t.SetType.Convert(intValue)
 			}
 		}
-		return nil, ErrInvalidSystemVariableValue.New(t.varName, v)
+		return nil, ErrInvalidSystemVariableValue.New(t.varName, v) // Reject out-of-range values
 	case decimal.Decimal:
 		f, _ := value.Float64()
 		return t.Convert(f)