[zeus] sqlite3: CVE-2020-13632

Submitted by Li Wang on Nov. 19, 2020, 10:20 a.m. | Patch ID: 178057

Details

Message ID 20201119102040.624-1-li.wang@windriver.com
State New
Headers show

Commit Message

Li Wang Nov. 19, 2020, 10:20 a.m.
backport patch from:
https://github.com/sqlite/sqlite/commit/219b8e7e7587df8669d96ce867cdd61ca1c05730

Signed-off-by: Li Wang <li.wang@windriver.com>

---
 .../sqlite/sqlite3/CVE-2020-13632.patch       | 32 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.29.0.bb |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2020-13632.patch

-- 
2.17.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#144811): https://lists.openembedded.org/g/openembedded-core/message/144811
Mute This Topic: https://lists.openembedded.org/mt/78361867/3616849
Group Owner: openembedded-core+owner@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [michael@yoctoproject.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patch hide | download patch | download mbox

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2020-13632.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2020-13632.patch
new file mode 100644
index 0000000000..7af5e91c4c
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2020-13632.patch
@@ -0,0 +1,32 @@ 
+From 219b8e7e7587df8669d96ce867cdd61ca1c05730 Mon Sep 17 00:00:00 2001
+From: drh <drh@noemail.net>
+Date: Thu, 14 May 2020 23:59:24 +0000
+Subject: [PATCH] Fix a null pointer deference that can occur on a strange
+ matchinfo() query.
+
+FossilOrigin-Name: a4dd148928ea65bd4e1654dfacc3d8057d1f85b8c9939416991d50722e5a720e
+
+Upstream-Status: Backport
+CVE: CVE-2020-13632
+[https://github.com/sqlite/sqlite/commit/219b8e7e7587df8669d96ce867cdd61ca1c05730]
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ sqlite3.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index fd28360..ee455e5 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -177622,7 +177622,7 @@ static int fts3ExprLHits(
+     iStart = pExpr->iPhrase * ((p->nCol + 31) / 32);
+   }
+ 
+-  while( 1 ){
++  if( pIter ) while( 1 ){
+     int nHit = fts3ColumnlistCount(&pIter);
+     if( (pPhrase->iColumn>=pTab->nColumn || pPhrase->iColumn==iCol) ){
+       if( p->flag==FTS3_MATCHINFO_LHITS ){
+-- 
+2.17.1
+
diff --git a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
index 95e1174b07..425612bf12 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
@@ -13,6 +13,7 @@  SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2019-19959.patch \
            file://CVE-2019-20218.patch \
            file://CVE-2020-11655.patch \
+           file://CVE-2020-13632.patch \
 "
 SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc"
 SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b"