1 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch
new file mode 100644
index 0000000000..cba8ec9d30
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch
@@ -0,0 +1,46 @@
+CVE: CVE-2019-19959
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+From f83f7e8141ee7cbbf7f2dc8985279a7372b259b6 Mon Sep 17 00:00:00 2001
+From: "D. Richard Hipp" <drh@hwaci.com>
+Date: Mon, 23 Dec 2019 21:04:33 +0000
+Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that
+ it is able to deal with goofy filenames that contain embedded zeros.
+FossilOrigin-Name: cc0fb00a128fd0773db5ff7891f7aa577a3671d570166d2cbb30df922344adcf
+---
+ shell.c   | 4 ++--
+ sqlite3.c | 4 ++--
+ sqlite3.h | 2 +-
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+diff --git a/shell.c b/shell.c
+index 404a8d4..48065e9 100644
+--- a/shell.c
+++ b/shell.c
+@@ -5841,7 +5841,7 @@ static int zipfileUpdate(
+         zFree = sqlite3_mprintf("%s/", zPath);
+         if( zFree==0 ){ rc = SQLITE_NOMEM; }
+         zPath = (const char*)zFree;
+-        nPath++;
+        nPath = (int)strlen(zPath);
+       }
+     }
+ 
+@@ -6242,11 +6242,11 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){
+   }else{
+     if( zName[nName-1]!='/' ){
+       zName = zFree = sqlite3_mprintf("%s/", zName);
+-      nName++;
+       if( zName==0 ){
+         rc = SQLITE_NOMEM;
+         goto zipfile_step_out;
+       }
+      nName = (int)strlen(zName);
+     }else{
+       while( nName>1 && zName[nName-2]=='/' ) nName--;
+     }
+-- 
+2.24.1

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch new file mode 100644 index 0000000000..cba8ec9d30 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19959.patch
@@ -0,0 +1,46 @@
	1	CVE: CVE-2019-19959
	2	Upstream-Status: Backport
	3	Signed-off-by: Ross Burton <ross.burton@intel.com>
	4
	5	From f83f7e8141ee7cbbf7f2dc8985279a7372b259b6 Mon Sep 17 00:00:00 2001
	6	From: "D. Richard Hipp" <drh@hwaci.com>
	7	Date: Mon, 23 Dec 2019 21:04:33 +0000
	8	Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that
	9	it is able to deal with goofy filenames that contain embedded zeros.
	10
	11	FossilOrigin-Name: cc0fb00a128fd0773db5ff7891f7aa577a3671d570166d2cbb30df922344adcf
	12	---
	13	shell.c \| 4 ++--
	14	sqlite3.c \| 4 ++--
	15	sqlite3.h \| 2 +-
	16	3 files changed, 5 insertions(+), 5 deletions(-)
	17
	18	diff --git a/shell.c b/shell.c
	19	index 404a8d4..48065e9 100644
	20	--- a/shell.c
	21	+++ b/shell.c
	22	@@ -5841,7 +5841,7 @@ static int zipfileUpdate(
	23	zFree = sqlite3_mprintf("%s/", zPath);
	24	if( zFree==0 ){ rc = SQLITE_NOMEM; }
	25	zPath = (const char*)zFree;
	26	- nPath++;
	27	+ nPath = (int)strlen(zPath);
	28	}
	29	}
	30
	31	@@ -6242,11 +6242,11 @@ void zipfileStep(sqlite3_context pCtx, int nVal, sqlite3_value *apVal){
	32	}else{
	33	if( zName[nName-1]!='/' ){
	34	zName = zFree = sqlite3_mprintf("%s/", zName);
	35	- nName++;
	36	if( zName==0 ){
	37	rc = SQLITE_NOMEM;
	38	goto zipfile_step_out;
	39	}
	40	+ nName = (int)strlen(zName);
	41	}else{
	42	while( nName>1 && zName[nName-2]=='/' ) nName--;
	43	}
	44	--
	45	2.24.1
	46