aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-10-11 16:32:12 -0300
committerKevin Daudt <kdaudt@alpinelinux.org>2019-10-20 15:44:09 +0000
commit1833ad9258bf53ebd1f42ccecc5bbf2696c7e19a (patch)
treec817258950e00e95ead9a8457e290b37af32ae6d
parent3ae476f3715e2011fce8fb62ecb98307aa497b10 (diff)
main/sqlite: fix CVE-2019-16168
ref #10868 Closes !421
-rw-r--r--main/sqlite/APKBUILD15
-rw-r--r--main/sqlite/CVE-2019-16168.patch24
2 files changed, 36 insertions, 3 deletions
diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 8ffc5f87374..2864c8107f3 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -26,7 +26,7 @@ esac
[ $_d -lt 10 ] && _d=0$_d
_ver=${_a}${_b}${_c}${_d}
-pkgrel=1
+pkgrel=2
pkgdesc="A C library that implements an SQL database engine"
url="http://www.sqlite.org/"
arch="all"
@@ -38,7 +38,9 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-libs"
source="http://www.sqlite.org/2018/$pkgname-autoconf-$_ver.tar.gz
license.txt
CVE-2019-8457.patch
+ CVE-2019-16168.patch
"
+builddir="$srcdir/$pkgname-autoconf-$_ver"
_amalgamation="-DSQLITE_ENABLE_FTS4 \
-DSQLITE_ENABLE_FTS3_PARENTHESIS \
@@ -52,7 +54,13 @@ _amalgamation="-DSQLITE_ENABLE_FTS4 \
-DSQLITE_MAX_VARIABLE_NUMBER=250000 \
-DSQLITE_ENABLE_JSON1"
-builddir="$srcdir/$pkgname-autoconf-$_ver"
+# secfixes:
+# 3.25.3-r2:
+# - CVE-2018-20346
+# 3.25.3-r1:
+# - CVE-2019-8457
+# 3.25.3-r0:
+# - CVE-2018-20346
build() {
cd "$builddir"
@@ -91,4 +99,5 @@ libs() {
sha512sums="5bc501d15367e097f4070185974b0c3a8246c06b205fb2258ed18870ff3fbf120ac5e0ba031a6744af89f7659206e28e7de2f0367bdb190b8412e453b43de4ba sqlite-autoconf-3250300.tar.gz
5bde14bec5bf18cc686b8b90a8b2324c8c6600bca1ae56431a795bb34b8b5ae85527143f3b5f0c845c776bce60eaa537624104cefc3a47b3820d43083f40c6e9 license.txt
-ab795b18d5426ff9ccad20f413de4f46fce7b532ebbf72dfbafc7db2d2e46453541abe992535c7aea598ec69c8557b477008e58299e3426afd2e8ab458c859e4 CVE-2019-8457.patch"
+ab795b18d5426ff9ccad20f413de4f46fce7b532ebbf72dfbafc7db2d2e46453541abe992535c7aea598ec69c8557b477008e58299e3426afd2e8ab458c859e4 CVE-2019-8457.patch
+19eb036e0d03543127a9ed67155522952cb7f3ce9da81ee49fba14a1c0bfc2cd0c86acab1b47b794043cac033959d861dce7ec97fca2293cb146a7ee1b83b8fa CVE-2019-16168.patch"
diff --git a/main/sqlite/CVE-2019-16168.patch b/main/sqlite/CVE-2019-16168.patch
new file mode 100644
index 00000000000..d1be258aecd
--- /dev/null
+++ b/main/sqlite/CVE-2019-16168.patch
@@ -0,0 +1,24 @@
+diff --git a/sqlite3.c b/sqlite3.c
+index c607252..7c01bbf 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -104242,7 +104242,9 @@ static void decodeIntArray(
+ if( sqlite3_strglob("unordered*", z)==0 ){
+ pIndex->bUnordered = 1;
+ }else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){
+- pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3));
++ int sz = sqlite3Atoi(z+3);
++ if( sz<2 ) sz = 2;
++ pIndex->szIdxRow = sqlite3LogEst(sz);
+ }else if( sqlite3_strglob("noskipscan*", z)==0 ){
+ pIndex->noSkipScan = 1;
+ }
+@@ -141020,6 +141022,7 @@ static int whereLoopAddBtreeIndex(
+ ** it to pNew->rRun, which is currently set to the cost of the index
+ ** seek only. Then, if this is a non-covering index, add the cost of
+ ** visiting the rows in the main table. */
++ assert( pSrc->pTab->szTabRow>0 );
+ rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
+ pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
+ if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){
+