sqlite3: fix (disputed) CVE-2021-36690

Bump PKGREVISION.
This commit is contained in:
wiz 2021-10-17 07:14:27 +00:00
parent a7d54a18c4
commit ba5084473c
3 changed files with 52 additions and 2 deletions

View file

@ -1,9 +1,10 @@
# $NetBSD: Makefile,v 1.141 2021/06/25 21:21:31 adam Exp $
# $NetBSD: Makefile,v 1.142 2021/10/17 07:14:27 wiz Exp $
.include "Makefile.common"
DISTNAME= sqlite-autoconf-${SQLITE3_DISTVERSION}
PKGNAME= sqlite3-${SQLITE3_VERSION}
PKGREVISION= 1
CATEGORIES= databases
MAINTAINER= pkgsrc-users@NetBSD.org

View file

@ -1,6 +1,7 @@
$NetBSD: distinfo,v 1.172 2021/10/07 13:35:51 nia Exp $
$NetBSD: distinfo,v 1.173 2021/10/17 07:14:27 wiz Exp $
RMD160 (sqlite-autoconf-3360000.tar.gz) = ef34b98fbe1f3436fc0d1255ae2fa9a660011cb2
SHA512 (sqlite-autoconf-3360000.tar.gz) = e59c57f421b4956c7759af528a2da929167e15179ab9d28267474683e2272f93c901203e5a648732f1a3d43e7be3ac4217c3cdd7adf108c378b9127b771a7cd0
Size (sqlite-autoconf-3360000.tar.gz) = 2977080 bytes
SHA1 (patch-configure) = c0aa83bddc20d090b3cd2fd840ac69031f4396e4
SHA1 (patch-shell.c) = d20cddef6cf75753c78d95b7dd1ae928caba5df6

View file

@ -0,0 +1,48 @@
$NetBSD: patch-shell.c,v 1.1 2021/10/17 07:14:27 wiz Exp $
Fix Segmentation fault in idxGetTableInfo (CVE-2021-36690)
https://sqlite.org/src/info/b1e0c22ec981cf5f
--- shell.c.orig 2021-06-18 18:52:24.000000000 +0000
+++ shell.c
@@ -9852,11 +9852,13 @@ static int idxGetTableInfo(
rc = idxPrintfPrepareStmt(db, &p1, pzErrmsg, "PRAGMA table_xinfo=%Q", zTab);
while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
const char *zCol = (const char*)sqlite3_column_text(p1, 1);
+ const char *zColSeq = 0;
nByte += 1 + STRLEN(zCol);
rc = sqlite3_table_column_metadata(
- db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
+ db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
);
- nByte += 1 + STRLEN(zCol);
+ if( zColSeq==0 ) zColSeq = "binary";
+ nByte += 1 + STRLEN(zColSeq);
nCol++;
nPk += (sqlite3_column_int(p1, 5)>0);
}
@@ -9876,6 +9878,7 @@ static int idxGetTableInfo(
nCol = 0;
while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
const char *zCol = (const char*)sqlite3_column_text(p1, 1);
+ const char *zColSeq = 0;
int nCopy = STRLEN(zCol) + 1;
pNew->aCol[nCol].zName = pCsr;
pNew->aCol[nCol].iPk = (sqlite3_column_int(p1, 5)==1 && nPk==1);
@@ -9883,12 +9886,13 @@ static int idxGetTableInfo(
pCsr += nCopy;
rc = sqlite3_table_column_metadata(
- db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
+ db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
);
if( rc==SQLITE_OK ){
- nCopy = STRLEN(zCol) + 1;
+ if( zColSeq==0 ) zColSeq = "binary";
+ nCopy = STRLEN(zColSeq) + 1;
pNew->aCol[nCol].zColl = pCsr;
- memcpy(pCsr, zCol, nCopy);
+ memcpy(pCsr, zColSeq, nCopy);
pCsr += nCopy;
}