diff options
| author | Sakib Sajal <sakib.sajal@windriver.com> | 2020-07-10 09:58:23 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-08-04 23:17:38 +0100 |
| commit | f29b31784ae836b0d7f6f62398814900550a0c87 (patch) | |
| tree | 44e1ecb58255f71a6cff04adb2130ddd8763794e /meta/recipes-support | |
| parent | f6998f7c70305b650316a8586bb39d94fab00326 (diff) | |
| download | poky-f29b31784ae836b0d7f6f62398814900550a0c87.tar.gz | |
sqlite: backport CVE fix
Fixes CVE-2020-11655
(From OE-Core rev: 3b06a6c73f4e49c6d00f758423c2e8865ec2de00)
(From OE-Core rev: 36edee3e489e7bd94d6fa555f87d94c5ec0f3ad8)
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ without the CVE-2020-11656 fix that did not apply cleanly ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support')
| -rw-r--r-- | meta/recipes-support/sqlite/files/CVE-2020-11655.patch | 32 | ||||
| -rw-r--r-- | meta/recipes-support/sqlite/sqlite3_3.29.0.bb | 1 |
2 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/files/CVE-2020-11655.patch b/meta/recipes-support/sqlite/files/CVE-2020-11655.patch new file mode 100644 index 0000000000..c2360cb867 --- /dev/null +++ b/meta/recipes-support/sqlite/files/CVE-2020-11655.patch | |||
| @@ -0,0 +1,32 @@ | |||
| 1 | From a4601326d61bf1a11151ac6b78b50804bfd03b4d Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Sakib Sajal <sakib.sajal@windriver.com> | ||
| 3 | Date: Thu, 30 Apr 2020 10:46:16 -0700 | ||
| 4 | Subject: [PATCH 2/2] In the event of a semantic error in an aggregate query, | ||
| 5 | early-out the resetAccumulator() function to prevent problems due to | ||
| 6 | incomplete or incorrect initialization of the AggInfo object. Fix for ticket | ||
| 7 | [af4556bb5c285c08]. | ||
| 8 | |||
| 9 | FossilOrigin-Name: 4a302b42c7bf5e11ddb5522ca999f74aba397d3a7eb91b1844bb02852f772441 | ||
| 10 | Upstream-Status: Backport [c415d91007e1680e4eb17def583b202c3c83c718] | ||
| 11 | |||
| 12 | CVE: CVE-2020-11655 | ||
| 13 | Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> | ||
| 14 | --- | ||
| 15 | sqlite3.c | 1 + | ||
| 16 | 1 file changed, 1 insertion(+) | ||
| 17 | |||
| 18 | diff --git a/sqlite3.c b/sqlite3.c | ||
| 19 | index 1df6633..726adf7 100644 | ||
| 20 | --- a/sqlite3.c | ||
| 21 | +++ b/sqlite3.c | ||
| 22 | @@ -133242,6 +133242,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){ | ||
| 23 | struct AggInfo_func *pFunc; | ||
| 24 | int nReg = pAggInfo->nFunc + pAggInfo->nColumn; | ||
| 25 | if( nReg==0 ) return; | ||
| 26 | + if( pParse->nErr ) return; | ||
| 27 | #ifdef SQLITE_DEBUG | ||
| 28 | /* Verify that all AggInfo registers are within the range specified by | ||
| 29 | ** AggInfo.mnReg..AggInfo.mxReg */ | ||
| 30 | -- | ||
| 31 | 2.17.1 | ||
| 32 | |||
diff --git a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb index cf3b179845..95e1174b07 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb | |||
| @@ -12,6 +12,7 @@ SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \ | |||
| 12 | file://CVE-2019-19926.patch \ | 12 | file://CVE-2019-19926.patch \ |
| 13 | file://CVE-2019-19959.patch \ | 13 | file://CVE-2019-19959.patch \ |
| 14 | file://CVE-2019-20218.patch \ | 14 | file://CVE-2019-20218.patch \ |
| 15 | file://CVE-2020-11655.patch \ | ||
| 15 | " | 16 | " |
| 16 | SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc" | 17 | SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc" |
| 17 | SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b" | 18 | SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b" |