From 8c80ee8972575d02ac5066c7d002eb062db68067 Mon Sep 17 00:00:00 2001 From: eulerstorage Date: Mon, 20 Jan 2020 10:07:09 +0800 Subject: [PATCH] fix CVEs --- ...function-in-the-zipfile-extension-so.patch | 43 +++++++++++++++++++ sqlite.spec | 10 ++++- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 6054-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch diff --git a/6054-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch b/6054-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch new file mode 100644 index 0000000..0ff9b40 --- /dev/null +++ b/6054-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch @@ -0,0 +1,43 @@ +From d8f2d46cbc9925e034a68aaaf60aad788d9373c1 Mon Sep 17 00:00:00 2001 +From: drh +Date: Mon, 23 Dec 2019 21:04:33 +0000 +Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that + it is able to deal with goofy filenames that contain embedded zeros. + +Code for CVE-2019-19959 fixing +Modified by openEuler build team +Removed manifest changes and adapt to old code. + +FossilOrigin-Name: cc0fb00a128fd0773db5ff7891f7aa577a3671d570166d2cbb30df922344adcf +--- + ext/misc/zipfile.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c +index 9f2258e..3a87ec2 100644 +--- a/ext/misc/zipfile.c ++++ b/ext/misc/zipfile.c +@@ -1631,7 +1631,7 @@ static int zipfileUpdate( + zFree = sqlite3_mprintf("%s/", zPath); + if( zFree==0 ){ rc = SQLITE_NOMEM; } + zPath = (const char*)zFree; +- nPath++; ++ nPath = (int)strlen(zPath); + } + } + +@@ -2032,11 +2032,11 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){ + }else{ + if( zName[nName-1]!='/' ){ + zName = zFree = sqlite3_mprintf("%s/", zName); +- nName++; + if( zName==0 ){ + rc = SQLITE_NOMEM; + goto zipfile_step_out; + } ++ nName = (int)strlen(zName); + }else{ + while( nName>1 && zName[nName-2]=='/' ) nName--; + } +-- +1.8.3.1 diff --git a/sqlite.spec b/sqlite.spec index db4b6f2..732064f 100644 --- a/sqlite.spec +++ b/sqlite.spec @@ -6,7 +6,7 @@ Name: sqlite Version: 3.24.0 -Release: 7 +Release: 8 Summary: Embeded SQL database License: Public Domain URL: http://www.sqlite.org/ @@ -73,6 +73,7 @@ Patch6050: 6050-Fix-CVE-2019-19924-When-an-error-occurs-while-rewriting-the-pars Patch6051: 6051-Fix-CVE-2019-19925-Fix-the-zipfile-extension-so-that-INSERT-works-even-.patch Patch6052: 6052-Fix-CVE-2019-19926-Continuation-of-e2bddcd4c55ba3cb-Add-another-spot-wh.patch Patch6053: 6053-Fix-CVE-2019-20218-Do-not-attempt-to-unwind-the-WITH-stack-in-the-Parse.patch +Patch6054: 6054-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch BuildRequires: gcc autoconf tcl tcl-devel BuildRequires: ncurses-devel readline-devel glibc-devel @@ -172,6 +173,7 @@ This contains man files and HTML files for the using of sqlite. %patch6051 -p1 %patch6052 -p1 %patch6053 -p1 +%patch6054 -p1 rm -f %{name}-doc-%{extver}/sqlite.css~ || : @@ -242,6 +244,12 @@ make test %{_mandir}/man*/* %changelog +* Wed Jan 11 2020 openEuler Buildteam - 3.24.0-8 +- Type:enhancement +- ID:NA +- SUG:NA +- DESC:CVE-2019-19959 fixed + * Wed Jan 11 2020 openEuler Buildteam - 3.24.0-7 - Type:enhancement - ID:NA -- Gitee