mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-02 05:19:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8b77dd2bcfec627dc8bf013c62de5582bf224f8e
poky/meta/recipes-support/sqlite/files/CVE-2022-35737.patch
Hitendra Prajapati d24759196a sqlite: CVE-2022-35737 assertion failure 
Source: https://www.sqlite.org/
MR: 120541
Type: Security Fix
Disposition: Backport from https://www.sqlite.org/src/info/aab790a16e1bdff7
ChangeID: cf6d0962be0d1f7d4a5019843da6349eb7f9acda
Description:
	 CVE-2022-35737 sqlite: assertion failure via query when compiled with -DSQLITE_ENABLE_STAT4.

(From OE-Core rev: 226f9458075061cb99d71bee737bafbe73469c22)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-12 08:41:51 +01:00

30 lines
991 B
Diff
Raw Blame History

From 2bbf4c999dbb4b520561a57e0bafc19a15562093 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Fri, 2 Sep 2022 11:22:29 +0530
Subject: [PATCH] CVE-2022-35737
Upstream-Status: Backport [https://www.sqlite.org/src/info/aab790a16e1bdff7]
CVE: CVE-2022-35737
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
sqlite3.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sqlite3.c b/sqlite3.c
index f664217..33dfb78 100644
--- a/sqlite3.c
+++ b/sqlite3.c
@@ -28758,7 +28758,8 @@ SQLITE_API void sqlite3_str_vappendf(
case etSQLESCAPE: /* %q: Escape ' characters */
case etSQLESCAPE2: /* %Q: Escape ' and enclose in '...' */
case etSQLESCAPE3: { /* %w: Escape " characters */
- int i, j, k, n, isnull;
+ i64 i, j, k, n;
+ int isnull;
int needQuote;
char ch;
char q = ((xtype==etSQLESCAPE3)?'"':'\''); /* Quote character */
--
2.25.1
Reference in New Issue View Git Blame Copy Permalink