Date: Thu, 22 Mar 2018 08:52:58 +0000 (UTC) From: Yuri Victorovich <yuri@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r465275 - in head/databases/sqlite3: . files Message-ID: <201803220852.w2M8qwBX047215@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: yuri Date: Thu Mar 22 08:52:58 2018 New Revision: 465275 URL: https://svnweb.freebsd.org/changeset/ports/465275 Log: databases/sqlite3: Patch for CVE-2018-8740 Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message. CVE-2018-8740 will be entered into VuXML when SQLite will make a release, because CVE-2018-8740 says that versions up to and including the current version 3.22.0 are vulnerable. Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer) Reported by: tj <tj@mrsk.me> Added: head/databases/sqlite3/files/ head/databases/sqlite3/files/patch-sqlite3.c (contents, props changed) Modified: head/databases/sqlite3/Makefile Modified: head/databases/sqlite3/Makefile ============================================================================== --- head/databases/sqlite3/Makefile Thu Mar 22 08:49:22 2018 (r465274) +++ head/databases/sqlite3/Makefile Thu Mar 22 08:52:58 2018 (r465275) @@ -3,6 +3,7 @@ PORTNAME= sqlite3 DISTVERSION= 3.22.0 +PORTREVISION= 1 CATEGORIES= databases MASTER_SITES= https://www.sqlite.org/2018/ http://www2.sqlite.org/2018/ http://www3.sqlite.org/2018/ DISTNAME= sqlite-autoconf-${PORTVERSION:C/\.([[:digit:]])[[:>:]]/0\1/g:S/.//g}00 Added: head/databases/sqlite3/files/patch-sqlite3.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/databases/sqlite3/files/patch-sqlite3.c Thu Mar 22 08:52:58 2018 (r465275) @@ -0,0 +1,36 @@ +Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740 +Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message. +Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b +Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349 + +--- sqlite3.c.orig 2018-03-22 07:08:21 UTC ++++ sqlite3.c +@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable( + p = pParse->pNewTable; + if( p==0 ) return; + +- assert( !db->init.busy || !pSelect ); +- + /* If the db->init.busy is 1 it means we are reading the SQL off the + ** "sqlite_master" or "sqlite_temp_master" table on the disk. + ** So do not write to the disk again. Extract the root page number +@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable( + ** table itself. So mark it read-only. + */ + if( db->init.busy ){ ++ if( pSelect ){ ++ sqlite3ErrorMsg(pParse, ""); ++ return; ++ } + p->tnum = db->init.newTnum; + if( p->tnum==1 ) p->tabFlags |= TF_Readonly; + } +@@ -117813,7 +117815,7 @@ static void corruptSchema( + char *z; + if( zObj==0 ) zObj = "?"; + z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj); +- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); ++ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); + sqlite3DbFree(db, *pData->pzErrMsg); + *pData->pzErrMsg = z; + }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803220852.w2M8qwBX047215>