diff options
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-19244.patch')
-rw-r--r-- | meta/recipes-support/sqlite/sqlite3/CVE-2019-19244.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-19244.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19244.patch new file mode 100644 index 0000000000..3f70979acc --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-19244.patch @@ -0,0 +1,33 @@ +CVE: CVE-2019-19244 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 0f690d4ae5ffe656762fdbb7f36cc4c2dcbb2d9d Mon Sep 17 00:00:00 2001 +From: dan <dan@noemail.net> +Date: Fri, 22 Nov 2019 10:14:01 +0000 +Subject: [PATCH] Fix a crash that could occur if a sub-select that uses both + DISTINCT and window functions also used an ORDER BY that is the same as its + select list. + +Amalgamation version of the patch: +FossilOrigin-Name: bcdd66c1691955c697f3d756c2b035acfe98f6aad72e90b0021bab6e9023b3ba +--- + sqlite3.c | 5 +++-- + sqlite3.h | 2 +- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 8fd740b..db1c649 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -131679,6 +131679,7 @@ SQLITE_PRIVATE int sqlite3Select( + */ + if( (p->selFlags & (SF_Distinct|SF_Aggregate))==SF_Distinct + && sqlite3ExprListCompare(sSort.pOrderBy, pEList, -1)==0 ++ && p->pWin==0 + ){ + p->selFlags &= ~SF_Distinct; + pGroupBy = p->pGroupBy = sqlite3ExprListDup(db, pEList, 0); +-- +2.24.1 + |