mirror of
https://git.yoctoproject.org/poky
synced 2026-04-21 03:32:12 +02:00
sqlite3: fix CVE-2019-16168
(From OE-Core rev: 8d663da7e5fad8dd936fbefeba67db6e0e356975) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
committed by
Richard Purdie
parent
ee276e50e5
commit
b569007b7b
@@ -0,0 +1,40 @@
|
||||
From fcf06b0b426e6c243d6ca2d6c6a02830717ab6a3 Mon Sep 17 00:00:00 2001
|
||||
From: Chen Qi <Qi.Chen@windriver.com>
|
||||
Date: Tue, 15 Oct 2019 13:22:52 +0800
|
||||
Subject: [PATCH] Fix CVE-2019-16168
|
||||
|
||||
CVE: CVE-2019-16168
|
||||
|
||||
Upstream-Status: Backport [https://www.sqlite.org/src/vpatch?from=4f5b2d938194fab7&to=98357d8c1263920b]
|
||||
|
||||
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
|
||||
---
|
||||
sqlite3.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/sqlite3.c b/sqlite3.c
|
||||
index 61bfdeb..b3e6ae2 100644
|
||||
--- a/sqlite3.c
|
||||
+++ b/sqlite3.c
|
||||
@@ -105933,7 +105933,9 @@ static void decodeIntArray(
|
||||
if( sqlite3_strglob("unordered*", z)==0 ){
|
||||
pIndex->bUnordered = 1;
|
||||
}else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
|
||||
- pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
|
||||
+ int sz = sqlite3Atoi(z+3);
|
||||
+ if( sz<2 ) sz = 2;
|
||||
+ pIndex->szIdxRow = sqlite3LogEst(sz);
|
||||
}else if( sqlite3_strglob("noskipscan*", z)==0 ){
|
||||
pIndex->noSkipScan = 1;
|
||||
}
|
||||
@@ -143260,6 +143262,7 @@ static int whereLoopAddBtreeIndex(
|
||||
** it to pNew->rRun, which is currently set to the cost of the index
|
||||
** seek only. Then, if this is a non-covering index, add the cost of
|
||||
** visiting the rows in the main table. */
|
||||
+ assert( pSrc->pTab->szTabRow>0 );
|
||||
rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
|
||||
pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
|
||||
if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){
|
||||
--
|
||||
2.17.1
|
||||
|
||||
@@ -7,6 +7,7 @@ SRC_URI = "\
|
||||
http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \
|
||||
file://CVE-2019-9936.patch \
|
||||
file://CVE-2019-9937.patch \
|
||||
file://0001-Fix-CVE-2019-16168.patch \
|
||||
"
|
||||
|
||||
SRC_URI[md5sum] = "1f72631ce6e8efa5b4a6e55a43b3bdc0"
|
||||
|
||||
Reference in New Issue
Block a user