diff options
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch')
-rw-r--r-- | meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch new file mode 100644 index 0000000000..cba8ec9d30 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch | |||
@@ -0,0 +1,46 @@ | |||
1 | CVE: CVE-2019-19959 | ||
2 | Upstream-Status: Backport | ||
3 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
4 | |||
5 | From f83f7e8141ee7cbbf7f2dc8985279a7372b259b6 Mon Sep 17 00:00:00 2001 | ||
6 | From: "D. Richard Hipp" <drh@hwaci.com> | ||
7 | Date: Mon, 23 Dec 2019 21:04:33 +0000 | ||
8 | Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that | ||
9 | it is able to deal with goofy filenames that contain embedded zeros. | ||
10 | |||
11 | FossilOrigin-Name: cc0fb00a128fd0773db5ff7891f7aa577a3671d570166d2cbb30df922344adcf | ||
12 | --- | ||
13 | shell.c | 4 ++-- | ||
14 | sqlite3.c | 4 ++-- | ||
15 | sqlite3.h | 2 +- | ||
16 | 3 files changed, 5 insertions(+), 5 deletions(-) | ||
17 | |||
18 | diff --git a/shell.c b/shell.c | ||
19 | index 404a8d4..48065e9 100644 | ||
20 | --- a/shell.c | ||
21 | +++ b/shell.c | ||
22 | @@ -5841,7 +5841,7 @@ static int zipfileUpdate( | ||
23 | zFree = sqlite3_mprintf("%s/", zPath); | ||
24 | if( zFree==0 ){ rc = SQLITE_NOMEM; } | ||
25 | zPath = (const char*)zFree; | ||
26 | - nPath++; | ||
27 | + nPath = (int)strlen(zPath); | ||
28 | } | ||
29 | } | ||
30 | |||
31 | @@ -6242,11 +6242,11 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){ | ||
32 | }else{ | ||
33 | if( zName[nName-1]!='/' ){ | ||
34 | zName = zFree = sqlite3_mprintf("%s/", zName); | ||
35 | - nName++; | ||
36 | if( zName==0 ){ | ||
37 | rc = SQLITE_NOMEM; | ||
38 | goto zipfile_step_out; | ||
39 | } | ||
40 | + nName = (int)strlen(zName); | ||
41 | }else{ | ||
42 | while( nName>1 && zName[nName-2]=='/' ) nName--; | ||
43 | } | ||
44 | -- | ||
45 | 2.24.1 | ||
46 | |||