From 0d86d5850545acca2482a47aabc78e87ea2160ad Mon Sep 17 00:00:00 2001
From: Steve Sakoman <steve@sakoman.com>
Date: Wed, 4 Nov 2020 06:38:49 -1000
Subject: sqlite3: fix CVE-2020-13630

CVE: CVE-2020-13630

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-13630

(From OE-Core rev: 5780879dec867bdb3c7eeeffb7a958a8b50188a4)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../sqlite/files/CVE-2020-13630.patch              | 32 ++++++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb      |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-13630.patch

(limited to 'meta/recipes-support')

diff --git a/meta/recipes-support/sqlite/files/CVE-2020-13630.patch b/meta/recipes-support/sqlite/files/CVE-2020-13630.patch
new file mode 100644
index 0000000000..31916a1939
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2020-13630.patch
@@ -0,0 +1,32 @@
+From becd68ba0dac41904aa817d96a67fb4685734b41 Mon Sep 17 00:00:00 2001
+From: dan <dan@noemail.net>
+Date: Sat, 16 May 2020 17:26:58 +0000
+Subject: [PATCH] Fix a use-after-free bug in the fts3 snippet() function.
+
+FossilOrigin-Name: 0d69f76f0865f9626078bee087a22fb826407279e78cf9d5382e1c985c9f64a9
+
+Upstream-Status: Backport
+CVE: CVE-2020-13630
+
+Reference to upstream patch:
+https://github.com/sqlite/sqlite/commit/becd68ba0dac41904aa817d96a67fb4685734b41
+
+Patch converted to amalgamation format
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+---
+ sqlite3.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 02892f8..e72fabb 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -170257,6 +170257,7 @@ static void fts3EvalNextRow(
+                 fts3EvalNextRow(pCsr, pLeft, pRc);
+               }
+             }
++            pRight->bEof = pLeft->bEof = 1;
+           }
+         }
+         break;
diff --git a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
index 4ef1da703b..ace9423e8d 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
@@ -10,6 +10,7 @@ SRC_URI = "http://www.sqlite.org/2020/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2020-15358.patch \
            file://CVE-2020-13434.patch \
            file://CVE-2020-13435.patch \
+           file://CVE-2020-13630.patch \
            "
 SRC_URI[md5sum] = "2d0a553534c521504e3ac3ad3b90f125"
 SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b51949ae"
-- 
cgit v1.2.3-54-g00ecf