diff options
author | Leo <thinkabit.ukim@gmail.com> | 2019-10-11 16:32:12 -0300 |
---|---|---|
committer | Kevin Daudt <kdaudt@alpinelinux.org> | 2019-10-20 15:44:09 +0000 |
commit | 1833ad9258bf53ebd1f42ccecc5bbf2696c7e19a (patch) | |
tree | c817258950e00e95ead9a8457e290b37af32ae6d /main/sqlite/CVE-2019-16168.patch | |
parent | 3ae476f3715e2011fce8fb62ecb98307aa497b10 (diff) | |
download | aports-1833ad9258bf53ebd1f42ccecc5bbf2696c7e19a.tar.bz2 aports-1833ad9258bf53ebd1f42ccecc5bbf2696c7e19a.tar.xz |
main/sqlite: fix CVE-2019-16168
ref #10868
Closes !421
Diffstat (limited to 'main/sqlite/CVE-2019-16168.patch')
-rw-r--r-- | main/sqlite/CVE-2019-16168.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/main/sqlite/CVE-2019-16168.patch b/main/sqlite/CVE-2019-16168.patch new file mode 100644 index 0000000000..d1be258aec --- /dev/null +++ b/main/sqlite/CVE-2019-16168.patch @@ -0,0 +1,24 @@ +diff --git a/sqlite3.c b/sqlite3.c +index c607252..7c01bbf 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -104242,7 +104242,9 @@ static void decodeIntArray( + if( sqlite3_strglob("unordered*", z)==0 ){ + pIndex->bUnordered = 1; + }else if( sqlite3_strglob("sz=[0-9]*", z)==0 ){ +- pIndex->szIdxRow = sqlite3LogEst(sqlite3Atoi(z+3)); ++ int sz = sqlite3Atoi(z+3); ++ if( sz<2 ) sz = 2; ++ pIndex->szIdxRow = sqlite3LogEst(sz); + }else if( sqlite3_strglob("noskipscan*", z)==0 ){ + pIndex->noSkipScan = 1; + } +@@ -141020,6 +141022,7 @@ static int whereLoopAddBtreeIndex( + ** it to pNew->rRun, which is currently set to the cost of the index + ** seek only. Then, if this is a non-covering index, add the cost of + ** visiting the rows in the main table. */ ++ assert( pSrc->pTab->szTabRow>0 ); + rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow; + pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx); + if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){ + |