diff options
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch')
-rw-r--r-- | meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch new file mode 100644 index 0000000000..ca5c31c57b --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch @@ -0,0 +1,33 @@ +CVE: CVE-2019-19880 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 3622d20ad10dfac9586d4423547ed960cbc66fcf Mon Sep 17 00:00:00 2001 +From: "D. Richard Hipp" <drh@hwaci.com> +Date: Wed, 18 Dec 2019 00:05:50 +0000 +Subject: [PATCH] When processing constant integer values in ORDER BY clauses + of window definitions (see check-in [7e4 --- + +--- + sqlite3.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/sqlite3.c b/sqlite3.c +index db1c649..a83b3d2 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -147584,9 +147584,11 @@ static ExprList *exprListAppendList( + int nInit = pList ? pList->nExpr : 0; + for(i=0; i<pAppend->nExpr; i++){ + Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0); ++ assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) ); + if( bIntToNull && pDup && pDup->op==TK_INTEGER ){ + pDup->op = TK_NULL; + pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse); ++ pDup->u.zToken = 0; + } + pList = sqlite3ExprListAppend(pParse, pList, pDup); + if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags; +-- +2.24.1 + |