fix: compileLikeRegex mishandled SQL escape sequences \% and \_, canSkipPage LIKE prefix overflow at U+FFFF

Two LIKE bugs fixed:

1. compileLikeRegex escaped all regex metacharacters first, then
   replaced % and _. SQL escape sequences like \% (literal percent)
   got broken: the backslash was escaped to \\, then % was still
   treated as wildcard. Now walks char-by-char: \% → literal %,
   \_ → literal _, then regex-escapes remaining characters.

2. canSkipPage LIKE prefix computation: charCodeAt(last) + 1
   overflows when last char is U+FFFF (0xFFFF + 1 = 0x10000 wraps
   to U+0000 via String.fromCharCode). Now guards with < 0xFFFF
   check — skips the prefix-successor test when overflow would occur.

Author: teamchong

src/decode.test.ts

@@ -530,6 +530,23 @@ describe("matchesFilter", () => {
     expect(matchesFilter("Alice", { column: "x", op: "not_like", value: "Ali%" })).toBe(false);
     expect(matchesFilter("alice", { column: "x", op: "not_like", value: "Ali%" })).toBe(true);
   });
+
+  it("LIKE with escaped percent (\\%) matches literal %", () => {
+    expect(matchesFilter("100%", { column: "x", op: "like", value: "100\\%" })).toBe(true);
+    expect(matchesFilter("100abc", { column: "x", op: "like", value: "100\\%" })).toBe(false);
+    expect(matchesFilter("100%done", { column: "x", op: "like", value: "100\\%%"})).toBe(true);
+  });
+
+  it("LIKE with escaped underscore (\\_) matches literal _", () => {
+    expect(matchesFilter("a_b", { column: "x", op: "like", value: "a\\_b" })).toBe(true);
+    expect(matchesFilter("axb", { column: "x", op: "like", value: "a\\_b" })).toBe(false);
+  });
+
+  it("LIKE with regex metacharacters in pattern", () => {
+    expect(matchesFilter("hello.world", { column: "x", op: "like", value: "hello.world" })).toBe(true);
+    expect(matchesFilter("helloXworld", { column: "x", op: "like", value: "hello.world" })).toBe(false);
+    expect(matchesFilter("(test)", { column: "x", op: "like", value: "(test)" })).toBe(true);
+  });
 });
 
 describe("bigIntReplacer", () => {

src/decode.ts

@@ -76,9 +76,14 @@ export function canSkipPage(page: PageInfo, filters: QueryDescriptor["filters"],
         if (typeof filter.value !== "string" || typeof min !== "string") break;
         const prefix = extractLikePrefix(filter.value);
         if (!prefix) break;
-        // Page max < prefix or page min >= prefix + '\uffff' → no match possible
-        const prefixEnd = prefix.slice(0, -1) + String.fromCharCode(prefix.charCodeAt(prefix.length - 1) + 1);
-        if ((max as string) < prefix || (min as string) >= prefixEnd) return true;
+        // Page max < prefix → no match possible
+        if ((max as string) < prefix) { return true; }
+        // Page min >= prefix successor → no match possible (guard U+FFFF overflow)
+        const lastCode = prefix.charCodeAt(prefix.length - 1);
+        if (lastCode < 0xffff) {
+          const prefixEnd = prefix.slice(0, -1) + String.fromCharCode(lastCode + 1);
+          if ((min as string) >= prefixEnd) return true;
+        }
         break;
       }
       // not_like: skip uniform pages where the single value matches the pattern
@@ -582,9 +587,24 @@ const likeRegexCache = new Map<string, RegExp>();
 export function compileLikeRegex(pattern: string): RegExp {
   let cached = likeRegexCache.get(pattern);
   if (cached) return cached;
-  // Escape regex metacharacters, then replace SQL wildcards
-  const escaped = pattern.replace(/[.+?^${}()|[\]\\*]/g, "\\$&");
-  const re = new RegExp("^" + escaped.replace(/%/g, ".*").replace(/_/g, ".") + "$", "s");
+  // Walk character-by-character to handle SQL escape sequences (\%, \_)
+  let reStr = "^";
+  for (let i = 0; i < pattern.length; i++) {
+    const ch = pattern[i];
+    if (ch === "\\" && i + 1 < pattern.length) {
+      // SQL escape: \% → literal %, \_ → literal _, \\ → literal \
+      const next = pattern[++i];
+      reStr += next.replace(/[.+?^${}()|[\]\\*]/g, "\\$&");
+    } else if (ch === "%") {
+      reStr += ".*";
+    } else if (ch === "_") {
+      reStr += ".";
+    } else {
+      reStr += ch.replace(/[.+?^${}()|[\]\\*]/g, "\\$&");
+    }
+  }
+  reStr += "$";
+  const re = new RegExp(reStr, "s");
   likeRegexCache.set(pattern, re);
   if (likeRegexCache.size > 1000) likeRegexCache.clear(); // prevent unbounded growth
   return re;