mirror of
https://git.yoctoproject.org/poky
synced 2026-02-27 03:49:41 +01:00
e328ec317e
Fixes CVE-2020-11655 and CVE-2020-11656 (From OE-Core rev: e63a38ca6ea95c0dbc79d5024c0cec31062d2e39) Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
33 lines
1.1 KiB
Diff
33 lines
1.1 KiB
Diff
From a4601326d61bf1a11151ac6b78b50804bfd03b4d Mon Sep 17 00:00:00 2001
|
|
From: Sakib Sajal <sakib.sajal@windriver.com>
|
|
Date: Thu, 30 Apr 2020 10:46:16 -0700
|
|
Subject: [PATCH 2/2] In the event of a semantic error in an aggregate query,
|
|
early-out the resetAccumulator() function to prevent problems due to
|
|
incomplete or incorrect initialization of the AggInfo object. Fix for ticket
|
|
[af4556bb5c285c08].
|
|
|
|
FossilOrigin-Name: 4a302b42c7bf5e11ddb5522ca999f74aba397d3a7eb91b1844bb02852f772441
|
|
Upstream Status: Backport [c415d91007e1680e4eb17def583b202c3c83c718]
|
|
|
|
CVE: CVE-2020-11655
|
|
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
|
|
---
|
|
sqlite3.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/sqlite3.c b/sqlite3.c
|
|
index 1df6633..726adf7 100644
|
|
--- a/sqlite3.c
|
|
+++ b/sqlite3.c
|
|
@@ -133242,6 +133242,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
|
|
struct AggInfo_func *pFunc;
|
|
int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
|
|
if( nReg==0 ) return;
|
|
+ if( pParse->nErr ) return;
|
|
#ifdef SQLITE_DEBUG
|
|
/* Verify that all AggInfo registers are within the range specified by
|
|
** AggInfo.mnReg..AggInfo.mxReg */
|
|
--
|
|
2.17.1
|
|
|