Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 485076 Details for
Bug 624164
<dev-db/sqlite-3.17.0: buffer over-reads were recently discovered
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
sqlite-3.19.3-CVE-2017-10989.patch
sqlite-3.19.3-CVE-2017-10989.patch (text/plain), 1.26 KB, created by
Andrey Ovcharov
on 2017-07-16 09:31:24 UTC
(
hide
)
Description:
sqlite-3.19.3-CVE-2017-10989.patch
Filename:
MIME Type:
Creator:
Andrey Ovcharov
Created:
2017-07-16 09:31:24 UTC
Size:
1.26 KB
patch
obsolete
>Index: ext/rtree/rtree.c >================================================================== >--- ext/rtree/rtree.c >+++ ext/rtree/rtree.c >@@ -3435,10 +3435,14 @@ > pRtree->zDb, pRtree->zName > ); > rc = getIntFromStmt(db, zSql, &pRtree->iNodeSize); > if( rc!=SQLITE_OK ){ > *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db)); >+ }else if( pRtree->iNodeSize<(512-64) ){ >+ rc = SQLITE_CORRUPT; >+ *pzErr = sqlite3_mprintf("undersize RTree blobs in \"%q_node\"", >+ pRtree->zName); > } > } > > sqlite3_free(zSql); > return rc; > >Index: ext/rtree/rtreeA.test >================================================================== >--- ext/rtree/rtreeA.test >+++ ext/rtree/rtreeA.test >@@ -213,8 +213,21 @@ > } {} > do_corruption_tests rtreeA-6.1 { > 1 "DELETE FROM t1 WHERE rowid = 5" > 2 "UPDATE t1 SET x1=x1+1, x2=x2+1" > } >+ >+#------------------------------------------------------------------------- >+# Truncated blobs in the _node table. >+# >+create_t1 >+populate_t1 >+sqlite3 db test.db >+do_execsql_test rtreeA-7.100 { >+ UPDATE t1_node SET data=x'' WHERE rowid=1; >+} {} >+do_catchsql_test rtreeA-7.110 { >+ SELECT * FROM t1 WHERE x1>0 AND x1<100 AND x2>0 AND x2<100; >+} {1 {undersize RTree blobs in "t1_node"}} > > > finish_test
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=485076">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 624164
: 485076
