sqlite3: patch CVE-2025-7709

Pick commit used in debian patch https://git.launchpad.net/ubuntu/+source/sqlite3/commit/?id=9a309a50fa99e3b69623894bfd7d1f84d9fab33c Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/192d0ff8ccf0bf55776a5930cdc64e25f87299d6] (From OE-Core rev: baaf28f6f2eac600f7caf53660a0b75f0329e86a) Signed-off-by: Bruno VERNAY <bruno.vernay@se.com> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> 2025-11-14 17:00:07 +0100
committer: Steve Sakoman <steve@sakoman.com> 2025-11-26 07:50:35 -0800
commit: 49e4da8b0a6a84c5dc0a6837c55f7b5e1cd06c37 (patch)
tree: 336209796498738cb0a3c66af8885cc61b8f2175 /meta
parent: e77289e9a4c9960fad9cf15ff9ac8787a6c350aa (diff)
download: poky-49e4da8b0a6a84c5dc0a6837c55f7b5e1cd06c37.tar.gz
2 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch
new file mode 100644
index 0000000000..820262881f
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch
@@ -0,0 +1,33 @@
+From a7ed2fcba8ef1df4bcd846d895469ca72542be07 Mon Sep 17 00:00:00 2001
+From: Hugo SIMELIERE <simeliere.hugo@non.se.com>
+Date: Fri, 14 Nov 2025 15:31:17 +0100
+Subject: [PATCH] Optimize allocation of large tombstone arrays in fts5.
+FossilOrigin-Name: 0fcc3cbdfa21adf97aed01fa76991cccf9380e2755b0182a9e2c94e3c8fb38d7
+CVE: CVE-2025-7709
+Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/192d0ff8ccf0bf55776a5930cdc64e25f87299d6]
+Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
+---
+ sqlite3.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/sqlite3.c b/sqlite3.c
+index 1ee8de4..43f59e2 100644
+--- a/sqlite3.c
+++ b/sqlite3.c
+@@ -240724,9 +240724,9 @@ static void fts5SegIterSetNext(Fts5Index *p, Fts5SegIter *pIter){
+ ** leave an error in the Fts5Index object.
+ */
+ static void fts5SegIterAllocTombstone(Fts5Index *p, Fts5SegIter *pIter){
+-  const int nTomb = pIter->pSeg->nPgTombstone;
+  const i64 nTomb = (i64)pIter->pSeg->nPgTombstone;
+   if( nTomb>0 ){
+-    int nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
+    i64 nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
+     Fts5TombstoneArray *pNew;
+     pNew = (Fts5TombstoneArray*)sqlite3Fts5MallocZero(&p->rc, nByte);
+     if( pNew ){
+-- 
+2.43.0
diff --git a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb
index 60a8f1449b..05bfaac1af 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb
@@ -7,6 +7,7 @@ SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz \
           file://CVE-2025-3277.patch \
           file://CVE-2025-29088.patch \
           file://CVE-2025-6965.patch \
+           file://CVE-2025-7709.patch \
          "
 SRC_URI[sha256sum] = "b2809ca53124c19c60f42bf627736eae011afdcc205bb48270a5ee9a38191531"
author	Hugo SIMELIERE <hsimeliere.opensource@witekio.com>	2025-11-14 17:00:07 +0100
committer	Steve Sakoman <steve@sakoman.com>	2025-11-26 07:50:35 -0800
commit	49e4da8b0a6a84c5dc0a6837c55f7b5e1cd06c37 (patch)
tree	336209796498738cb0a3c66af8885cc61b8f2175 /meta
parent	e77289e9a4c9960fad9cf15ff9ac8787a6c350aa (diff)
download	poky-49e4da8b0a6a84c5dc0a6837c55f7b5e1cd06c37.tar.gz

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch new file mode 100644 index 0000000000..820262881f --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch
@@ -0,0 +1,33 @@
		1	From a7ed2fcba8ef1df4bcd846d895469ca72542be07 Mon Sep 17 00:00:00 2001
		2	From: Hugo SIMELIERE <simeliere.hugo@non.se.com>
		3	Date: Fri, 14 Nov 2025 15:31:17 +0100
		4	Subject: [PATCH] Optimize allocation of large tombstone arrays in fts5.
		5
		6	FossilOrigin-Name: 0fcc3cbdfa21adf97aed01fa76991cccf9380e2755b0182a9e2c94e3c8fb38d7
		7
		8	CVE: CVE-2025-7709
		9	Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/192d0ff8ccf0bf55776a5930cdc64e25f87299d6]
		10	Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
		11	---
		12	sqlite3.c \| 4 ++--
		13	1 file changed, 2 insertions(+), 2 deletions(-)
		14
		15	diff --git a/sqlite3.c b/sqlite3.c
		16	index 1ee8de4..43f59e2 100644
		17	--- a/sqlite3.c
		18	+++ b/sqlite3.c
		19	@@ -240724,9 +240724,9 @@ static void fts5SegIterSetNext(Fts5Index p, Fts5SegIter pIter){
		20	** leave an error in the Fts5Index object.
		21	*/
		22	static void fts5SegIterAllocTombstone(Fts5Index p, Fts5SegIter pIter){
		23	- const int nTomb = pIter->pSeg->nPgTombstone;
		24	+ const i64 nTomb = (i64)pIter->pSeg->nPgTombstone;
		25	if( nTomb>0 ){
		26	- int nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
		27	+ i64 nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
		28	Fts5TombstoneArray *pNew;
		29	pNew = (Fts5TombstoneArray*)sqlite3Fts5MallocZero(&p->rc, nByte);
		30	if( pNew ){
		31	--
		32	2.43.0
		33


diff --git a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb index 60a8f1449b..05bfaac1af 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.45.3.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.45.3.bb
@@ -7,6 +7,7 @@ SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz \
7	file://CVE-2025-3277.patch \	7	file://CVE-2025-3277.patch \
8	file://CVE-2025-29088.patch \	8	file://CVE-2025-29088.patch \
9	file://CVE-2025-6965.patch \	9	file://CVE-2025-6965.patch \
		10	file://CVE-2025-7709.patch \
10	"	11	"
11	SRC_URI[sha256sum] = "b2809ca53124c19c60f42bf627736eae011afdcc205bb48270a5ee9a38191531"	12	SRC_URI[sha256sum] = "b2809ca53124c19c60f42bf627736eae011afdcc205bb48270a5ee9a38191531"
12		13