Fix CVE-2017-13685 The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. References: https://sqlite.org/src/info/02f0f4c54f2819b3 http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html Upstream-Status: Backport [https://sqlite.org/src/info/cf0d3715caac9149] CVE: CVE-2017-13685 Signed-off-by: Wenzong Fan Index: src/shell.c ================================================================== --- src/shell.c +++ src/shell.c @@ -2657,10 +2657,11 @@ int *aiType /* Column types */ ){ int i; ShellState *p = (ShellState*)pArg; + if( azArg==0 ) return 0; switch( p->cMode ){ case MODE_Line: { int w = 5; if( azArg==0 ) break; for(i=0; in ) appendText(p, "|", 0); for(i=0; i