parent
28cc179ee2
commit
f2d6883ed2
51
sqlite-3.22.0-corrupt-schema.patch
Normal file
51
sqlite-3.22.0-corrupt-schema.patch
Normal file
@ -0,0 +1,51 @@
|
|||||||
|
Index: src/build.c
|
||||||
|
==================================================================
|
||||||
|
--- src/build.c
|
||||||
|
+++ src/build.c
|
||||||
|
@@ -1868,12 +1868,10 @@
|
||||||
|
}
|
||||||
|
assert( !db->mallocFailed );
|
||||||
|
p = pParse->pNewTable;
|
||||||
|
if( p==0 ) return;
|
||||||
|
|
||||||
|
- assert( !db->init.busy || !pSelect );
|
||||||
|
-
|
||||||
|
/* If the db->init.busy is 1 it means we are reading the SQL off the
|
||||||
|
** "sqlite_master" or "sqlite_temp_master" table on the disk.
|
||||||
|
** So do not write to the disk again. Extract the root page number
|
||||||
|
** for the table from the db->init.newTnum field. (The page number
|
||||||
|
** should have been put there by the sqliteOpenCb routine.)
|
||||||
|
@@ -1880,10 +1878,14 @@
|
||||||
|
**
|
||||||
|
** If the root page number is 1, that means this is the sqlite_master
|
||||||
|
** table itself. So mark it read-only.
|
||||||
|
*/
|
||||||
|
if( db->init.busy ){
|
||||||
|
+ if( pSelect ){
|
||||||
|
+ sqlite3ErrorMsg(pParse, "");
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
p->tnum = db->init.newTnum;
|
||||||
|
if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Special processing for WITHOUT ROWID Tables */
|
||||||
|
|
||||||
|
Index: src/prepare.c
|
||||||
|
==================================================================
|
||||||
|
--- src/prepare.c
|
||||||
|
+++ src/prepare.c
|
||||||
|
@@ -27,11 +27,11 @@
|
||||||
|
sqlite3 *db = pData->db;
|
||||||
|
if( !db->mallocFailed && (db->flags & SQLITE_WriteSchema)==0 ){
|
||||||
|
char *z;
|
||||||
|
if( zObj==0 ) zObj = "?";
|
||||||
|
z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
|
||||||
|
- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
|
||||||
|
+ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
|
||||||
|
sqlite3DbFree(db, *pData->pzErrMsg);
|
||||||
|
*pData->pzErrMsg = z;
|
||||||
|
}
|
||||||
|
pData->rc = db->mallocFailed ? SQLITE_NOMEM_BKPT : SQLITE_CORRUPT_BKPT;
|
||||||
|
}
|
||||||
|
|
@ -10,7 +10,7 @@
|
|||||||
Summary: Library that implements an embeddable SQL database engine
|
Summary: Library that implements an embeddable SQL database engine
|
||||||
Name: sqlite
|
Name: sqlite
|
||||||
Version: %{rpmver}
|
Version: %{rpmver}
|
||||||
Release: 3%{?dist}
|
Release: 4%{?dist}
|
||||||
License: Public Domain
|
License: Public Domain
|
||||||
Group: Applications/Databases
|
Group: Applications/Databases
|
||||||
URL: http://www.sqlite.org/
|
URL: http://www.sqlite.org/
|
||||||
@ -41,6 +41,8 @@ Patch10: sqlite-3.22.0-fts3rank-big-endian.patch
|
|||||||
# Upstream pt1: https://www.sqlite.org/src/info/d9e59cfb8476e1ec
|
# Upstream pt1: https://www.sqlite.org/src/info/d9e59cfb8476e1ec
|
||||||
# Upstream pt2: https://www.sqlite.org/src/info/ba0631de60ca38bf
|
# Upstream pt2: https://www.sqlite.org/src/info/ba0631de60ca38bf
|
||||||
Patch11: sqlite-3.22.0-walro2-filesize.patch
|
Patch11: sqlite-3.22.0-walro2-filesize.patch
|
||||||
|
# Upstream: https://www.sqlite.org/cgi/src/timeline?r=corrupt-schema
|
||||||
|
Patch12: sqlite-3.22.0-corrupt-schema.patch
|
||||||
|
|
||||||
BuildRequires: ncurses-devel readline-devel glibc-devel
|
BuildRequires: ncurses-devel readline-devel glibc-devel
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
@ -147,6 +149,7 @@ This package contains the analysis program for %{name}.
|
|||||||
%patch9 -p0
|
%patch9 -p0
|
||||||
%patch10 -p0
|
%patch10 -p0
|
||||||
%patch11 -p0
|
%patch11 -p0
|
||||||
|
%patch12 -p0
|
||||||
|
|
||||||
autoconf # Rerun with new autoconf to add support for aarm64
|
autoconf # Rerun with new autoconf to add support for aarm64
|
||||||
|
|
||||||
@ -248,6 +251,9 @@ make test
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Mar 21 2018 Petr Kubat <pkubat@redhat.com> - 3.22.0-4
|
||||||
|
- Fixed CVE-2018-8740 (#1558809)
|
||||||
|
|
||||||
* Fri Feb 9 2018 Florian Weimer <fweimer@redhat.com> - 3.22.0-3
|
* Fri Feb 9 2018 Florian Weimer <fweimer@redhat.com> - 3.22.0-3
|
||||||
- Use LDFLAGS from redhat-rpm-config for building lemon, too
|
- Use LDFLAGS from redhat-rpm-config for building lemon, too
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user