aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch')
-rw-r--r--meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch57
1 files changed, 0 insertions, 57 deletions
diff --git a/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch b/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
deleted file mode 100644
index aac428c821..0000000000
--- a/meta/recipes-support/sqlite/files/sqlite3-fix-CVE-2017-13685.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-Fix CVE-2017-13685
-
-The dump_callback function in SQLite 3.20.0 allows remote attackers to
-cause a denial of service (EXC_BAD_ACCESS and application crash) via a
-crafted file.
-
-References:
-https://sqlite.org/src/info/02f0f4c54f2819b3
-http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html
-
-Upstream-Status: Backport [https://sqlite.org/src/info/cf0d3715caac9149]
-
-CVE: CVE-2017-13685
-
-Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
-
-Index: src/shell.c
-==================================================================
---- src/shell.c
-+++ src/shell.c
-@@ -2657,10 +2657,11 @@
- int *aiType /* Column types */
- ){
- int i;
- ShellState *p = (ShellState*)pArg;
-
-+ if( azArg==0 ) return 0;
- switch( p->cMode ){
- case MODE_Line: {
- int w = 5;
- if( azArg==0 ) break;
- for(i=0; i<nArg; i++){
-@@ -3007,10 +3008,11 @@
- */
- static int captureOutputCallback(void *pArg, int nArg, char **azArg, char **az){
- ShellText *p = (ShellText*)pArg;
- int i;
- UNUSED_PARAMETER(az);
-+ if( azArg==0 ) return 0;
- if( p->n ) appendText(p, "|", 0);
- for(i=0; i<nArg; i++){
- if( i ) appendText(p, ",", 0);
- if( azArg[i] ) appendText(p, azArg[i], 0);
- }
-@@ -3888,11 +3890,11 @@
- const char *zType;
- const char *zSql;
- ShellState *p = (ShellState *)pArg;
-
- UNUSED_PARAMETER(azNotUsed);
-- if( nArg!=3 ) return 1;
-+ if( nArg!=3 || azArg==0 ) return 0;
- zTable = azArg[0];
- zType = azArg[1];
- zSql = azArg[2];
-
- if( strcmp(zTable, "sqlite_sequence")==0 ){