mirror of
https://git.yoctoproject.org/poky
synced 2026-03-05 06:49:39 +01:00
0d86d58505
CVE: CVE-2020-13630 Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13630 (From OE-Core rev: 5780879dec867bdb3c7eeeffb7a958a8b50188a4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
33 lines
937 B
Diff
33 lines
937 B
Diff
From becd68ba0dac41904aa817d96a67fb4685734b41 Mon Sep 17 00:00:00 2001
|
|
From: dan <dan@noemail.net>
|
|
Date: Sat, 16 May 2020 17:26:58 +0000
|
|
Subject: [PATCH] Fix a use-after-free bug in the fts3 snippet() function.
|
|
|
|
FossilOrigin-Name: 0d69f76f0865f9626078bee087a22fb826407279e78cf9d5382e1c985c9f64a9
|
|
|
|
Upstream-Status: Backport
|
|
CVE: CVE-2020-13630
|
|
|
|
Reference to upstream patch:
|
|
https://github.com/sqlite/sqlite/commit/becd68ba0dac41904aa817d96a67fb4685734b41
|
|
|
|
Patch converted to amalgamation format
|
|
|
|
Signed-off-by: Steve Sakoman <steve@sakoman.com>
|
|
---
|
|
sqlite3.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/sqlite3.c b/sqlite3.c
|
|
index 02892f8..e72fabb 100644
|
|
--- a/sqlite3.c
|
|
+++ b/sqlite3.c
|
|
@@ -170257,6 +170257,7 @@ static void fts3EvalNextRow(
|
|
fts3EvalNextRow(pCsr, pLeft, pRc);
|
|
}
|
|
}
|
|
+ pRight->bEof = pLeft->bEof = 1;
|
|
}
|
|
}
|
|
break;
|