mirror of
https://git.yoctoproject.org/poky
synced 2026-03-06 07:19:39 +01:00
8dd90ff82e
Fix the following CVEs: - CVE-2019-19244 - CVE-2019-19880 - CVE-2019-19923 - CVE-2019-19924 - CVE-2019-19925 - CVE-2019-19926 - CVE-2019-19959 - CVE-2019-20218 (From OE-Core rev: f3ebf3f8dd0b4d144db451a8fcb352762f7fbd75) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
34 lines
1.0 KiB
Diff
34 lines
1.0 KiB
Diff
CVE: CVE-2019-19244
|
|
Upstream-Status: Backport
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
|
|
From 0f690d4ae5ffe656762fdbb7f36cc4c2dcbb2d9d Mon Sep 17 00:00:00 2001
|
|
From: dan <dan@noemail.net>
|
|
Date: Fri, 22 Nov 2019 10:14:01 +0000
|
|
Subject: [PATCH] Fix a crash that could occur if a sub-select that uses both
|
|
DISTINCT and window functions also used an ORDER BY that is the same as its
|
|
select list.
|
|
|
|
Amalgamation version of the patch:
|
|
FossilOrigin-Name: bcdd66c1691955c697f3d756c2b035acfe98f6aad72e90b0021bab6e9023b3ba
|
|
---
|
|
sqlite3.c | 5 +++--
|
|
sqlite3.h | 2 +-
|
|
2 files changed, 4 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/sqlite3.c b/sqlite3.c
|
|
index 8fd740b..db1c649 100644
|
|
--- a/sqlite3.c
|
|
+++ b/sqlite3.c
|
|
@@ -131679,6 +131679,7 @@ SQLITE_PRIVATE int sqlite3Select(
|
|
*/
|
|
if( (p->selFlags & (SF_Distinct|SF_Aggregate))==SF_Distinct
|
|
&& sqlite3ExprListCompare(sSort.pOrderBy, pEList, -1)==0
|
|
+ && p->pWin==0
|
|
){
|
|
p->selFlags &= ~SF_Distinct;
|
|
pGroupBy = p->pGroupBy = sqlite3ExprListDup(db, pEList, 0);
|
|
--
|
|
2.24.1
|
|
|