| Pick sqlite upstream patch from |
| https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 |
| to fix CVE-2019-19880. |
| diff --git a/sqlite3.c b/sqlite3.c |
| index 8fd740b..1a5886b 100644 |
| --- a/sqlite3.c |
| +++ b/sqlite3.c |
| @@ -147583,9 +147583,11 @@ static ExprList *exprListAppendList( |
| int nInit = pList ? pList->nExpr : 0; |
| for(i=0; i<pAppend->nExpr; i++){ |
| Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0); |
| + assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) ); |
| if( bIntToNull && pDup && pDup->op==TK_INTEGER ){ |
| pDup->op = TK_NULL; |
| pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse); |
| + pDup->u.zToken = 0; |
| } |
| pList = sqlite3ExprListAppend(pParse, pList, pDup); |
| if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags; |