dev-db/sqlite/files/sqlite-3.30.1-CVE-2019-19880.patch - mirrors/cros/chromiumos/overlays/portage-stable - Git at Google

 Pick sqlite upstream patch from
 https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
 to fix CVE-2019-19880.
 diff --git a/sqlite3.c b/sqlite3.c
 index 8fd740b..1a5886b 100644
 --- a/sqlite3.c
 +++ b/sqlite3.c
 @@ -147583,9 +147583,11 @@ static ExprList *exprListAppendList(
      int nInit = pList ? pList->nExpr : 0;
      for(i=0; i<pAppend->nExpr; i++){
        Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
 +      assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
        if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
          pDup->op = TK_NULL;
          pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
 +        pDup->u.zToken = 0;
        }
        pList = sqlite3ExprListAppend(pParse, pList, pDup);
        if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
	Pick sqlite upstream patch from
	https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
	to fix CVE-2019-19880.
	diff --git a/sqlite3.c b/sqlite3.c
	index 8fd740b..1a5886b 100644
	--- a/sqlite3.c
	+++ b/sqlite3.c
	@@ -147583,9 +147583,11 @@ static ExprList *exprListAppendList(
	int nInit = pList ? pList->nExpr : 0;
	for(i=0; i<pAppend->nExpr; i++){
	Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
	+ assert( pDup==0 \|\| !ExprHasProperty(pDup, EP_MemToken) );
	if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
	pDup->op = TK_NULL;
	pDup->flags &= ~(EP_IntValue\|EP_IsTrue\|EP_IsFalse);
	+ pDup->u.zToken = 0;
	}
	pList = sqlite3ExprListAppend(pParse, pList, pDup);
	if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;