1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
new file mode 100644
index 0000000000..ca5c31c57b
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
@@ -0,0 +1,33 @@
+CVE: CVE-2019-19880
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+From 3622d20ad10dfac9586d4423547ed960cbc66fcf Mon Sep 17 00:00:00 2001
+From: "D. Richard Hipp" <drh@hwaci.com>
+Date: Wed, 18 Dec 2019 00:05:50 +0000
+Subject: [PATCH] When processing constant integer values in ORDER BY clauses
+ of window definitions (see check-in [7e4 ---
+---
+ sqlite3.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+diff --git a/sqlite3.c b/sqlite3.c
+index db1c649..a83b3d2 100644
+--- a/sqlite3.c
+++ b/sqlite3.c
+@@ -147584,9 +147584,11 @@ static ExprList *exprListAppendList(
+     int nInit = pList ? pList->nExpr : 0;
+     for(i=0; i<pAppend->nExpr; i++){
+       Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
+      assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
+       if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
+         pDup->op = TK_NULL;
+         pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
+        pDup->u.zToken = 0;
+       }
+       pList = sqlite3ExprListAppend(pParse, pList, pDup);
+       if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
+-- 
+2.24.1

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch new file mode 100644 index 0000000000..ca5c31c57b --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19880.patch
@@ -0,0 +1,33 @@
	1	CVE: CVE-2019-19880
	2	Upstream-Status: Backport
	3	Signed-off-by: Ross Burton <ross.burton@intel.com>
	4
	5	From 3622d20ad10dfac9586d4423547ed960cbc66fcf Mon Sep 17 00:00:00 2001
	6	From: "D. Richard Hipp" <drh@hwaci.com>
	7	Date: Wed, 18 Dec 2019 00:05:50 +0000
	8	Subject: [PATCH] When processing constant integer values in ORDER BY clauses
	9	of window definitions (see check-in [7e4 ---
	10
	11	---
	12	sqlite3.c \| 4 +++-
	13	1 file changed, 3 insertions(+), 1 deletion(-)
	14
	15	diff --git a/sqlite3.c b/sqlite3.c
	16	index db1c649..a83b3d2 100644
	17	--- a/sqlite3.c
	18	+++ b/sqlite3.c
	19	@@ -147584,9 +147584,11 @@ static ExprList *exprListAppendList(
	20	int nInit = pList ? pList->nExpr : 0;
	21	for(i=0; i<pAppend->nExpr; i++){
	22	Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
	23	+ assert( pDup==0 \|\| !ExprHasProperty(pDup, EP_MemToken) );
	24	if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
	25	pDup->op = TK_NULL;
	26	pDup->flags &= ~(EP_IntValue\|EP_IsTrue\|EP_IsFalse);
	27	+ pDup->u.zToken = 0;
	28	}
	29	pList = sqlite3ExprListAppend(pParse, pList, pDup);
	30	if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
	31	--
	32	2.24.1
	33