634172 – (CVE-2017-15286) <dev-db/sqlite-3.21.0: NULL pointer dereference in tableColumnList in shell.c

Bug 634172 (CVE-2017-15286) - <dev-db/sqlite-3.21.0: NULL pointer dereference in tableColumnList in shell.c

Summary: <dev-db/sqlite-3.21.0: NULL pointer dereference in tableColumnList in shell.c

Status:	RESOLVED FIXED

Alias:	CVE-2017-15286

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:	https://bugzilla.novell.com/show_bug....
Whiteboard:	B3 [noglsa cve]
Keywords:

Depends on:
Blocks:

Reported:	2017-10-13 14:43 UTC by Aleksandr Wagner (Kivak)
Modified:	2017-11-03 19:51 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Aleksandr Wagner (Kivak) 2017-10-13 14:43:13 UTC

CVE-2017-15286 (https://nvd.nist.gov/vuln/detail/CVE-2017-15286):

SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized.

References:

https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
https://bugzilla.novell.com/show_bug.cgi?id=1063145
http://www.sqlite.org/src/info/5d0ceb8dcdef92cd

Comment 1 Arfrever Frehtes Taifersar Arahesis 2017-10-14 08:32:02 UTC

(In reply to Aleksandr Wagner (Kivak) from comment #0)
> http://www.sqlite.org/src/info/5d0ceb8dcdef92cd

https://sqlite.org/src/info/5d0ceb8dcdef92cd