diff options
| author | yuri <yuri@FreeBSD.org> | 2018-03-22 16:52:58 +0800 |
|---|---|---|
| committer | yuri <yuri@FreeBSD.org> | 2018-03-22 16:52:58 +0800 |
| commit | 6a39f634a2c714d6ce193387f5176f88b5071fff (patch) | |
| tree | f6b6590a4a92aa4964fa1018298fc5115c6aa3fb | |
| parent | 7b468865c25d60a098edd49e0ac50f66dc2a35a8 (diff) | |
| download | freebsd-ports-gnome-6a39f634a2c714d6ce193387f5176f88b5071fff.tar.gz freebsd-ports-gnome-6a39f634a2c714d6ce193387f5176f88b5071fff.tar.zst freebsd-ports-gnome-6a39f634a2c714d6ce193387f5176f88b5071fff.zip | |
databases/sqlite3: Patch for CVE-2018-8740
Detect databases whose schema is corrupted using
a CREATE TABLE AS statement and issue an appropriate error message.
CVE-2018-8740 will be entered into VuXML when SQLite will make
a release, because CVE-2018-8740 says that versions up to and including
the current version 3.22.0 are vulnerable.
Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
Reported by: tj <tj@mrsk.me>
| -rw-r--r-- | databases/sqlite3/Makefile | 1 | ||||
| -rw-r--r-- | databases/sqlite3/files/patch-sqlite3.c | 36 |
2 files changed, 37 insertions, 0 deletions
diff --git a/databases/sqlite3/Makefile b/databases/sqlite3/Makefile index a55599ee4e00..af0aad12173b 100644 --- a/databases/sqlite3/Makefile +++ b/databases/sqlite3/Makefile @@ -3,6 +3,7 @@ PORTNAME= sqlite3 DISTVERSION= 3.22.0 +PORTREVISION= 1 CATEGORIES= databases MASTER_SITES= https://www.sqlite.org/2018/ http://www2.sqlite.org/2018/ http://www3.sqlite.org/2018/ DISTNAME= sqlite-autoconf-${PORTVERSION:C/\.([[:digit:]])[[:>:]]/0\1/g:S/.//g}00 diff --git a/databases/sqlite3/files/patch-sqlite3.c b/databases/sqlite3/files/patch-sqlite3.c new file mode 100644 index 000000000000..9be947b709cc --- /dev/null +++ b/databases/sqlite3/files/patch-sqlite3.c @@ -0,0 +1,36 @@ +Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740 +Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message. +Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b +Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349 + +--- sqlite3.c.orig 2018-03-22 07:08:21 UTC ++++ sqlite3.c +@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable( + p = pParse->pNewTable; + if( p==0 ) return; + +- assert( !db->init.busy || !pSelect ); +- + /* If the db->init.busy is 1 it means we are reading the SQL off the + ** "sqlite_master" or "sqlite_temp_master" table on the disk. + ** So do not write to the disk again. Extract the root page number +@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable( + ** table itself. So mark it read-only. + */ + if( db->init.busy ){ ++ if( pSelect ){ ++ sqlite3ErrorMsg(pParse, ""); ++ return; ++ } + p->tnum = db->init.newTnum; + if( p->tnum==1 ) p->tabFlags |= TF_Readonly; + } +@@ -117813,7 +117815,7 @@ static void corruptSchema( + char *z; + if( zObj==0 ) zObj = "?"; + z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj); +- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); ++ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); + sqlite3DbFree(db, *pData->pzErrMsg); + *pData->pzErrMsg = z; + } |