summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch')
-rw-r--r--meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
new file mode 100644
index 0000000000..ca5c31c57b
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
@@ -0,0 +1,33 @@
+CVE: CVE-2019-19880
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+From 3622d20ad10dfac9586d4423547ed960cbc66fcf Mon Sep 17 00:00:00 2001
+From: "D. Richard Hipp" <drh@hwaci.com>
+Date: Wed, 18 Dec 2019 00:05:50 +0000
+Subject: [PATCH] When processing constant integer values in ORDER BY clauses
+ of window definitions (see check-in [7e4 ---
+
+---
+ sqlite3.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index db1c649..a83b3d2 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -147584,9 +147584,11 @@ static ExprList *exprListAppendList(
+ int nInit = pList ? pList->nExpr : 0;
+ for(i=0; i<pAppend->nExpr; i++){
+ Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
++ assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
+ if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
+ pDup->op = TK_NULL;
+ pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
++ pDup->u.zToken = 0;
+ }
+ pList = sqlite3ExprListAppend(pParse, pList, pDup);
+ if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
+--
+2.24.1
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-27 07:33:30 +0000