From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1151314-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id A2F12138350
for <garchives@archives.gentoo.org>; Mon, 9 Mar 2020 19:29:53 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 904EAE09A8;
Mon, 9 Mar 2020 19:29:52 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 638E0E09A8
for <gentoo-commits@lists.gentoo.org>; Mon, 9 Mar 2020 19:29:52 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.gentoo.org (Postfix) with ESMTPS id ED93234F338
for <gentoo-commits@lists.gentoo.org>; Mon, 9 Mar 2020 19:29:50 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
by oystercatcher.gentoo.org (Postfix) with ESMTP id AE1AC163
for <gentoo-commits@lists.gentoo.org>; Mon, 9 Mar 2020 19:29:47 +0000 (UTC)
From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Mike Gilbert" <floppym@gentoo.org>
Message-ID: <1583782002.f97d093bbdf3d3b6057a3743c4f9f541e51fd435.floppym@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-db/sqlite/, dev-db/sqlite/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: dev-db/sqlite/files/sqlite-3.31.1-full_archive-security_fixes.patch dev-db/sqlite/files/sqlite-3.31.1-nonfull_archive-security_fixes.patch dev-db/sqlite/sqlite-3.31.1.ebuild
X-VCS-Directories: dev-db/sqlite/ dev-db/sqlite/files/
X-VCS-Committer: floppym
X-VCS-Committer-Name: Mike Gilbert
X-VCS-Revision: f97d093bbdf3d3b6057a3743c4f9f541e51fd435
X-VCS-Branch: master
Date: Mon, 9 Mar 2020 19:29:47 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: ee0523f0-f5b4-4a1a-8e19-4590fbfa78cb
X-Archives-Hash: 033f067b61fd11843667de4021e339c3
commit: f97d093bbdf3d3b6057a3743c4f9f541e51fd435
Author: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache <DOT> Org>
AuthorDate: Mon Mar 9 16:30:41 2020 +0000
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Mon Mar 9 19:26:42 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f97d093b
dev-db/sqlite: Security fixes.
Bug: https://bugs.gentoo.org/711526
Signed-off-by: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache.Org>
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
...sqlite-3.31.1-full_archive-security_fixes.patch | 163 +++++++++++++++++++++
...ite-3.31.1-nonfull_archive-security_fixes.patch | 112 ++++++++++++++
dev-db/sqlite/sqlite-3.31.1.ebuild | 2 +
3 files changed, 277 insertions(+)
diff --git a/dev-db/sqlite/files/sqlite-3.31.1-full_archive-security_fixes.patch b/dev-db/sqlite/files/sqlite-3.31.1-full_archive-security_fixes.patch
new file mode 100644
index 00000000000..c0bb7144a67
--- /dev/null
+++ b/dev-db/sqlite/files/sqlite-3.31.1-full_archive-security_fixes.patch
@@ -0,0 +1,163 @@
+https://sqlite.org/cgi/src/info/9d0d4ab95dc0c56e
+https://sqlite.org/cgi/src/info/abc473fb8fb99900
+https://sqlite.org/cgi/src/info/5aeb5a2d295e10d5
+https://sqlite.org/cgi/src/info/a67cf5b7d37d5b14
+https://sqlite.org/cgi/src/info/14d14eb537075c6a
+https://sqlite.org/cgi/src/info/c431b3fd8fd0f6a6
+
+--- /src/expr.c
++++ /src/expr.c
+@@ -5463,19 +5463,25 @@
+ case TK_LT:
+ case TK_LE:
+ case TK_GT:
+- case TK_GE:
++ case TK_GE: {
++ Expr *pLeft = pExpr->pLeft;
++ Expr *pRight = pExpr->pRight;
+ testcase( pExpr->op==TK_EQ );
+ testcase( pExpr->op==TK_NE );
+ testcase( pExpr->op==TK_LT );
+ testcase( pExpr->op==TK_LE );
+ testcase( pExpr->op==TK_GT );
+ testcase( pExpr->op==TK_GE );
+- if( (pExpr->pLeft->op==TK_COLUMN && IsVirtual(pExpr->pLeft->y.pTab))
+- || (pExpr->pRight->op==TK_COLUMN && IsVirtual(pExpr->pRight->y.pTab))
++ /* The y.pTab=0 assignment in wherecode.c always happens after the
++ ** impliesNotNullRow() test */
++ if( (pLeft->op==TK_COLUMN && ALWAYS(pLeft->y.pTab!=0)
++ && IsVirtual(pLeft->y.pTab))
++ || (pRight->op==TK_COLUMN && ALWAYS(pRight->y.pTab!=0)
++ && IsVirtual(pRight->y.pTab))
+ ){
+- return WRC_Prune;
++ return WRC_Prune;
+ }
+-
++ }
+ default:
+ return WRC_Continue;
+ }
+--- /src/resolve.c
++++ /src/resolve.c
+@@ -1051,7 +1051,7 @@
+ assert( !ExprHasProperty(pExpr, EP_Reduced) );
+ /* Handle special cases of "x IS TRUE", "x IS FALSE", "x IS NOT TRUE",
+ ** and "x IS NOT FALSE". */
+- if( pRight->op==TK_ID ){
++ if( pRight && pRight->op==TK_ID ){
+ int rc = resolveExprStep(pWalker, pRight);
+ if( rc==WRC_Abort ) return WRC_Abort;
+ if( pRight->op==TK_TRUEFALSE ){
+--- /src/select.c
++++ /src/select.c
+@@ -2806,6 +2806,7 @@
+ /* Generate code to take the intersection of the two temporary
+ ** tables.
+ */
++ if( rc ) break;
+ assert( p->pEList );
+ iBreak = sqlite3VdbeMakeLabel(pParse);
+ iCont = sqlite3VdbeMakeLabel(pParse);
+@@ -5148,7 +5149,7 @@
+ pNew = sqlite3ExprListAppend(pParse, pNew, pExpr);
+ sqlite3TokenInit(&sColname, zColname);
+ sqlite3ExprListSetName(pParse, pNew, &sColname, 0);
+- if( pNew && (p->selFlags & SF_NestedFrom)!=0 ){
++ if( pNew && (p->selFlags & SF_NestedFrom)!=0 && !IN_RENAME_OBJECT ){
+ struct ExprList_item *pX = &pNew->a[pNew->nExpr-1];
+ sqlite3DbFree(db, pX->zEName);
+ if( pSub ){
+--- /src/sqliteInt.h
++++ /src/sqliteInt.h
+@@ -2153,8 +2153,11 @@
+ */
+ #ifndef SQLITE_OMIT_VIRTUALTABLE
+ # define IsVirtual(X) ((X)->nModuleArg)
++# define ExprIsVtab(X) \
++ ((X)->op==TK_COLUMN && (X)->y.pTab!=0 && (X)->y.pTab->nModuleArg)
+ #else
+ # define IsVirtual(X) 0
++# define ExprIsVtab(X) 0
+ #endif
+
+ /*
+--- /src/whereexpr.c
++++ /src/whereexpr.c
+@@ -377,7 +377,8 @@
+ ** MATCH(expression,vtab_column)
+ */
+ pCol = pList->a[1].pExpr;
+- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
++ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
++ if( ExprIsVtab(pCol) ){
+ for(i=0; i<ArraySize(aOp); i++){
+ if( sqlite3StrICmp(pExpr->u.zToken, aOp[i].zOp)==0 ){
+ *peOp2 = aOp[i].eOp2;
+@@ -399,7 +400,8 @@
+ ** with function names in an arbitrary case.
+ */
+ pCol = pList->a[0].pExpr;
+- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
++ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
++ if( ExprIsVtab(pCol) ){
+ sqlite3_vtab *pVtab;
+ sqlite3_module *pMod;
+ void (*xNotUsed)(sqlite3_context*,int,sqlite3_value**);
+@@ -422,10 +424,12 @@
+ int res = 0;
+ Expr *pLeft = pExpr->pLeft;
+ Expr *pRight = pExpr->pRight;
+- if( pLeft->op==TK_COLUMN && IsVirtual(pLeft->y.pTab) ){
++ testcase( pLeft->op==TK_COLUMN && pLeft->y.pTab==0 );
++ if( ExprIsVtab(pLeft) ){
+ res++;
+ }
+- if( pRight && pRight->op==TK_COLUMN && IsVirtual(pRight->y.pTab) ){
++ testcase( pRight && pRight->op==TK_COLUMN && pRight->y.pTab==0 );
++ if( pRight && ExprIsVtab(pRight) ){
+ res++;
+ SWAP(Expr*, pLeft, pRight);
+ }
+--- /test/altertab.test
++++ /test/altertab.test
+@@ -613,4 +613,21 @@
+ SELECT sql FROM sqlite_master;
+ } {{CREATE TABLE t0 (c1 INTEGER, PRIMARY KEY(c1))}}
+
++# 2020-02-23 ticket f50af3e8a565776b
++reset_db
++do_execsql_test 19.100 {
++ CREATE TABLE t1(x);
++ CREATE VIEW t2 AS SELECT 1 FROM t1, (t1 AS a0, t1);
++ ALTER TABLE t1 RENAME TO t3;
++ SELECT sql FROM sqlite_master;
++} {{CREATE TABLE "t3"(x)} {CREATE VIEW t2 AS SELECT 1 FROM "t3", ("t3" AS a0, "t3")}}
++do_execsql_test 19.110 {
++ INSERT INTO t3(x) VALUES(123);
++ SELECT * FROM t2;
++} {1}
++do_execsql_test 19.120 {
++ INSERT INTO t3(x) VALUES('xyz');
++ SELECT * FROM t2;
++} {1 1 1 1 1 1 1 1}
++
+ finish_test
+--- /test/windowfault.test
++++ /test/windowfault.test
+@@ -263,4 +263,15 @@
+ faultsim_test_result {0 {}}
+ }
+
++do_faultsim_test 11 -faults oom* -prep {
++} -body {
++ execsql {
++ VALUES(false),(current_date collate binary)
++ intersect
++ values(count() not like group_concat(cast(cast(0e00 as text) as integer) <= NULL || 0.4e-0 || 0x8 & true ) over () collate rtrim);
++ }
++} -test {
++ faultsim_test_result {0 {}}
++}
++
+ finish_test
diff --git a/dev-db/sqlite/files/sqlite-3.31.1-nonfull_archive-security_fixes.patch b/dev-db/sqlite/files/sqlite-3.31.1-nonfull_archive-security_fixes.patch
new file mode 100644
index 00000000000..3bbbbf7c8dd
--- /dev/null
+++ b/dev-db/sqlite/files/sqlite-3.31.1-nonfull_archive-security_fixes.patch
@@ -0,0 +1,112 @@
+https://sqlite.org/cgi/src/info/9d0d4ab95dc0c56e
+https://sqlite.org/cgi/src/info/abc473fb8fb99900
+https://sqlite.org/cgi/src/info/5aeb5a2d295e10d5
+https://sqlite.org/cgi/src/info/a67cf5b7d37d5b14
+https://sqlite.org/cgi/src/info/c431b3fd8fd0f6a6
+
+--- /sqlite3.c
++++ /sqlite3.c
+@@ -17428,8 +17428,11 @@
+ */
+ #ifndef SQLITE_OMIT_VIRTUALTABLE
+ # define IsVirtual(X) ((X)->nModuleArg)
++# define ExprIsVtab(X) \
++ ((X)->op==TK_COLUMN && (X)->y.pTab!=0 && (X)->y.pTab->nModuleArg)
+ #else
+ # define IsVirtual(X) 0
++# define ExprIsVtab(X) 0
+ #endif
+
+ /*
+@@ -97816,7 +97819,7 @@
+ assert( !ExprHasProperty(pExpr, EP_Reduced) );
+ /* Handle special cases of "x IS TRUE", "x IS FALSE", "x IS NOT TRUE",
+ ** and "x IS NOT FALSE". */
+- if( pRight->op==TK_ID ){
++ if( pRight && pRight->op==TK_ID ){
+ int rc = resolveExprStep(pWalker, pRight);
+ if( rc==WRC_Abort ) return WRC_Abort;
+ if( pRight->op==TK_TRUEFALSE ){
+@@ -104133,19 +104136,25 @@
+ case TK_LT:
+ case TK_LE:
+ case TK_GT:
+- case TK_GE:
++ case TK_GE: {
++ Expr *pLeft = pExpr->pLeft;
++ Expr *pRight = pExpr->pRight;
+ testcase( pExpr->op==TK_EQ );
+ testcase( pExpr->op==TK_NE );
+ testcase( pExpr->op==TK_LT );
+ testcase( pExpr->op==TK_LE );
+ testcase( pExpr->op==TK_GT );
+ testcase( pExpr->op==TK_GE );
+- if( (pExpr->pLeft->op==TK_COLUMN && IsVirtual(pExpr->pLeft->y.pTab))
+- || (pExpr->pRight->op==TK_COLUMN && IsVirtual(pExpr->pRight->y.pTab))
++ /* The y.pTab=0 assignment in wherecode.c always happens after the
++ ** impliesNotNullRow() test */
++ if( (pLeft->op==TK_COLUMN && ALWAYS(pLeft->y.pTab!=0)
++ && IsVirtual(pLeft->y.pTab))
++ || (pRight->op==TK_COLUMN && ALWAYS(pRight->y.pTab!=0)
++ && IsVirtual(pRight->y.pTab))
+ ){
+- return WRC_Prune;
++ return WRC_Prune;
+ }
+-
++ }
+ default:
+ return WRC_Continue;
+ }
+@@ -130673,6 +130682,7 @@
+ /* Generate code to take the intersection of the two temporary
+ ** tables.
+ */
++ if( rc ) break;
+ assert( p->pEList );
+ iBreak = sqlite3VdbeMakeLabel(pParse);
+ iCont = sqlite3VdbeMakeLabel(pParse);
+@@ -133015,7 +133025,7 @@
+ pNew = sqlite3ExprListAppend(pParse, pNew, pExpr);
+ sqlite3TokenInit(&sColname, zColname);
+ sqlite3ExprListSetName(pParse, pNew, &sColname, 0);
+- if( pNew && (p->selFlags & SF_NestedFrom)!=0 ){
++ if( pNew && (p->selFlags & SF_NestedFrom)!=0 && !IN_RENAME_OBJECT ){
+ struct ExprList_item *pX = &pNew->a[pNew->nExpr-1];
+ sqlite3DbFree(db, pX->zEName);
+ if( pSub ){
+@@ -142593,7 +142603,8 @@
+ ** MATCH(expression,vtab_column)
+ */
+ pCol = pList->a[1].pExpr;
+- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
++ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
++ if( ExprIsVtab(pCol) ){
+ for(i=0; i<ArraySize(aOp); i++){
+ if( sqlite3StrICmp(pExpr->u.zToken, aOp[i].zOp)==0 ){
+ *peOp2 = aOp[i].eOp2;
+@@ -142615,7 +142626,8 @@
+ ** with function names in an arbitrary case.
+ */
+ pCol = pList->a[0].pExpr;
+- if( pCol->op==TK_COLUMN && IsVirtual(pCol->y.pTab) ){
++ testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
++ if( ExprIsVtab(pCol) ){
+ sqlite3_vtab *pVtab;
+ sqlite3_module *pMod;
+ void (*xNotUsed)(sqlite3_context*,int,sqlite3_value**);
+@@ -142638,10 +142650,12 @@
+ int res = 0;
+ Expr *pLeft = pExpr->pLeft;
+ Expr *pRight = pExpr->pRight;
+- if( pLeft->op==TK_COLUMN && IsVirtual(pLeft->y.pTab) ){
++ testcase( pLeft->op==TK_COLUMN && pLeft->y.pTab==0 );
++ if( ExprIsVtab(pLeft) ){
+ res++;
+ }
+- if( pRight && pRight->op==TK_COLUMN && IsVirtual(pRight->y.pTab) ){
++ testcase( pRight && pRight->op==TK_COLUMN && pRight->y.pTab==0 );
++ if( pRight && ExprIsVtab(pRight) ){
+ res++;
+ SWAP(Expr*, pLeft, pRight);
+ }
diff --git a/dev-db/sqlite/sqlite-3.31.1.ebuild b/dev-db/sqlite/sqlite-3.31.1.ebuild
index 13c2752f2c9..56401e10744 100644
--- a/dev-db/sqlite/sqlite-3.31.1.ebuild
+++ b/dev-db/sqlite/sqlite-3.31.1.ebuild
@@ -126,6 +126,7 @@ src_prepare() {
if full_archive; then
eapply "${FILESDIR}/${PN}-3.31.0-full_archive-build.patch"
eapply "${FILESDIR}/${PN}-3.31.1-full_archive-architectures.patch"
+ eapply "${FILESDIR}/${PN}-3.31.1-full_archive-security_fixes.patch"
eapply_user
@@ -135,6 +136,7 @@ src_prepare() {
else
eapply "${FILESDIR}/${PN}-3.25.0-nonfull_archive-build.patch"
eapply "${FILESDIR}/${PN}-3.31.1-nonfull_archive-architectures.patch"
+ eapply "${FILESDIR}/${PN}-3.31.1-nonfull_archive-security_fixes.patch"
eapply_user