summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2025-05-20 22:20:26 +0200
committerSteve Sakoman <steve@sakoman.com>2025-06-02 10:26:30 -0700
commit42f60f3fd10186fc22c8bae708ff82b254f8464f (patch)
tree2a5f16b63c92575f0b94be3d0fe5fccd8d06606b
parentfd9b605507a20d850a9991316cd190c1d20dc4a6 (diff)
downloadpoky-42f60f3fd10186fc22c8bae708ff82b254f8464f.tar.gz
sqlite3: patch CVE-2025-3277
Pick commit [1] mentioned in [2]. [1] https://sqlite.org/src/info/498e3f1cf57f164f [2] https://nvd.nist.gov/vuln/detail/CVE-2025-3277 (From OE-Core rev: 341297828a5b7c77e6d9113d5abcd22c3a0c224a) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat
-rw-r--r--meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch28
-rw-r--r--meta/recipes-support/sqlite/sqlite3_3.48.0.bb4
2 files changed, 31 insertions, 1 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
new file mode 100644
index 0000000000..8264d4443a
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
@@ -0,0 +1,28 @@
1From d7f45414935e4ef6e3361f02a22876f1ee7a04aa Mon Sep 17 00:00:00 2001
2From: drh <>
3Date: Sun, 16 Feb 2025 10:57:25 +0000
4Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the
5 concat_ws() function with an enormous separator values and many arguments.
6
7FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5
8
9CVE: CVE-2025-3277
10Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f]
11Signed-off-by: Peter Marko <peter.marko@siemens.com>
12---
13 sqlite3.c | 2 +-
14 1 file changed, 1 insertion(+), 1 deletion(-)
15
16diff --git a/sqlite3.c b/sqlite3.c
17index 08c593e55c..24d0d954d9 100644
18--- a/sqlite3.c
19+++ b/sqlite3.c
20@@ -130954,7 +130954,7 @@ static void concatFuncCore(
21 for(i=0; i<argc; i++){
22 n += sqlite3_value_bytes(argv[i]);
23 }
24- n += (argc-1)*nSep;
25+ n += (argc-1)*(i64)nSep;
26 z = sqlite3_malloc64(n+1);
27 if( z==0 ){
28 sqlite3_result_error_nomem(context);
diff --git a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
index bd2ac6614d..86983f21bd 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
@@ -3,6 +3,8 @@ require sqlite3.inc
3LICENSE = "PD" 3LICENSE = "PD"
4LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66" 4LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
5 5
6SRC_URI = "http://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz" 6SRC_URI = "http://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz \
7 file://CVE-2025-3277.patch \
8"
7SRC_URI[sha256sum] = "ac992f7fca3989de7ed1fe99c16363f848794c8c32a158dafd4eb927a2e02fd5" 9SRC_URI[sha256sum] = "ac992f7fca3989de7ed1fe99c16363f848794c8c32a158dafd4eb927a2e02fd5"
8 10
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-14 07:58:24 +0000