meta/recipes-support/sqlite/files/CVE-2022-35737.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29

From 2bbf4c999dbb4b520561a57e0bafc19a15562093 Mon Sep 17 00:00:00 2001
From: Hitendra Prajapati <hprajapati@mvista.com>
Date: Fri, 2 Sep 2022 11:22:29 +0530
Subject: [PATCH] CVE-2022-35737

Upstream-Status: Backport [https://www.sqlite.org/src/info/aab790a16e1bdff7]
CVE: CVE-2022-35737
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 sqlite3.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sqlite3.c b/sqlite3.c
index f664217..33dfb78 100644
--- a/sqlite3.c
+++ b/sqlite3.c
@@ -28758,7 +28758,8 @@ SQLITE_API void sqlite3_str_vappendf(
       case etSQLESCAPE:           /* %q: Escape ' characters */
       case etSQLESCAPE2:          /* %Q: Escape ' and enclose in '...' */
       case etSQLESCAPE3: {        /* %w: Escape " characters */
-        int i, j, k, n, isnull;
+        i64  i, j, k, n;
+        int isnull;
         int needQuote;
         char ch;
         char q = ((xtype==etSQLESCAPE3)?'"':'\'');   /* Quote character */
-- 
2.25.1