summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch')
-rw-r--r--meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch33
1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
new file mode 100644
index 0000000000..ca5c31c57b
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
@@ -0,0 +1,33 @@
1CVE: CVE-2019-19880
2Upstream-Status: Backport
3Signed-off-by: Ross Burton <ross.burton@intel.com>
4
5From 3622d20ad10dfac9586d4423547ed960cbc66fcf Mon Sep 17 00:00:00 2001
6From: "D. Richard Hipp" <drh@hwaci.com>
7Date: Wed, 18 Dec 2019 00:05:50 +0000
8Subject: [PATCH] When processing constant integer values in ORDER BY clauses
9 of window definitions (see check-in [7e4 ---
10
11---
12 sqlite3.c | 4 +++-
13 1 file changed, 3 insertions(+), 1 deletion(-)
14
15diff --git a/sqlite3.c b/sqlite3.c
16index db1c649..a83b3d2 100644
17--- a/sqlite3.c
18+++ b/sqlite3.c
19@@ -147584,9 +147584,11 @@ static ExprList *exprListAppendList(
20 int nInit = pList ? pList->nExpr : 0;
21 for(i=0; i<pAppend->nExpr; i++){
22 Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
23+ assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
24 if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
25 pDup->op = TK_NULL;
26 pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
27+ pDup->u.zToken = 0;
28 }
29 pList = sqlite3ExprListAppend(pParse, pList, pDup);
30 if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
31--
322.24.1
33