[RESTRICT AUTOMERGE] Apply security patch to sqlite 3.18
This patch fixes CVE-2019-9936,CVE-2019-5018,CVE-2019-8457
in b/140181188 b/140180629 and b/140182003 respectively
Download from https://www.sqlite.org/src/info/b54aa18b0fe4d683
Get the Tarball or ZIP Archive, unzip it on linux machine then run:
mkdir bld; cd bld; ../configure; make sqlite3.c
Copy sqlite3.c, sqlite3.h, sqlite3ext.h, shell.c from bld directory
to dist/orig.
dist contains a copy of dist/orig, but with the Android.patch
file applied.
Test: select sqlite_version() - returns 3.18.2
Test: atest cts/SQLiteDatabaseTest all passed.
Bug: 140181188
Bug: 140180629
Bug: 140182003
Merged-In: Iad8c3d1d74d8591a75a4c033c8bf9d3956d2fe4f
Change-Id: Idab253d25374ef6c60e753086d9d8ba12f365697
(cherry picked from commit 9c46de648a547bf82dc1edebc589cc09362d3432)
diff --git a/README.version b/README.version
index 855986a..bd6e8d9 100644
--- a/README.version
+++ b/README.version
@@ -1,4 +1,4 @@
-URL: https://www.sqlite.org/src/info/4bb21d8205b3c72b
-Version: 3.18.2 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663
-This patch fixes Magellan SQLite Security Vulnerability as in b/121156452
+URL: https://www.sqlite.org/src/info/b54aa18b0fe4d683
+Version: 3.18.2 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973
+This patch fixes CVE-2019-9936,CVE-2019-5018,CVE-2019-8457 in b/140181188 b/140180629 and b/140182003 respectively
BugComponent: 24950
diff --git a/dist/orig/sqlite3.c b/dist/orig/sqlite3.c
index bbe07ce..f7c2e40 100644
--- a/dist/orig/sqlite3.c
+++ b/dist/orig/sqlite3.c
@@ -400,7 +400,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
@@ -167025,6 +167025,7 @@
}
+#if defined(SQLITE_TEST)
/*
** Implementation of a scalar function that decodes r-tree nodes to
** human readable strings. This can be used for debugging and analysis.
@@ -167086,6 +167087,7 @@
sqlite3_result_text(ctx, zText, -1, sqlite3_free);
}
+#endif
/* This routine implements an SQL function that returns the "depth" parameter
** from the front of a blob that is an r-tree node. For example:
@@ -167115,9 +167117,11 @@
*/
SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db){
const int utf8 = SQLITE_UTF8;
- int rc;
+ int rc = SQLITE_OK;
+#if defined(SQLITE_TEST)
rc = sqlite3_create_function(db, "rtreenode", 2, utf8, 0, rtreenode, 0, 0);
+#endif
if( rc==SQLITE_OK ){
rc = sqlite3_create_function(db, "rtreedepth", 1, utf8, 0,rtreedepth, 0, 0);
}
@@ -189086,7 +189090,9 @@
for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
Fts5HashEntry *pIter;
for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
- if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
+ if( pTerm==0
+ || (strlen(pIter->zKey)>=nTerm && 0==memcmp(pIter->zKey, pTerm, nTerm))
+ ){
Fts5HashEntry *pEntry = pIter;
pEntry->pScanNext = 0;
for(i=0; ap[i]; i++){
@@ -198282,7 +198288,7 @@
){
assert( nArg==0 );
UNUSED_PARAM2(nArg, apUnused);
- sqlite3_result_text(pCtx, "fts5: 2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663", -1, SQLITE_TRANSIENT);
+ sqlite3_result_text(pCtx, "fts5: 2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973", -1, SQLITE_TRANSIENT);
}
static int fts5Init(sqlite3 *db){
diff --git a/dist/orig/sqlite3.h b/dist/orig/sqlite3.h
index 642ae90..3b9829e 100644
--- a/dist/orig/sqlite3.h
+++ b/dist/orig/sqlite3.h
@@ -123,7 +123,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
diff --git a/dist/sqlite3.c b/dist/sqlite3.c
index e6e702d..846e75b 100644
--- a/dist/sqlite3.c
+++ b/dist/sqlite3.c
@@ -400,7 +400,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
@@ -167038,6 +167038,7 @@
}
+#if defined(SQLITE_TEST)
/*
** Implementation of a scalar function that decodes r-tree nodes to
** human readable strings. This can be used for debugging and analysis.
@@ -167099,6 +167100,7 @@
sqlite3_result_text(ctx, zText, -1, sqlite3_free);
}
+#endif
/* This routine implements an SQL function that returns the "depth" parameter
** from the front of a blob that is an r-tree node. For example:
@@ -167128,9 +167130,11 @@
*/
SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db){
const int utf8 = SQLITE_UTF8;
- int rc;
+ int rc = SQLITE_OK;
+#if defined(SQLITE_TEST)
rc = sqlite3_create_function(db, "rtreenode", 2, utf8, 0, rtreenode, 0, 0);
+#endif
if( rc==SQLITE_OK ){
rc = sqlite3_create_function(db, "rtreedepth", 1, utf8, 0,rtreedepth, 0, 0);
}
@@ -189099,7 +189103,9 @@
for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
Fts5HashEntry *pIter;
for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
- if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
+ if( pTerm==0
+ || (strlen(pIter->zKey)>=nTerm && 0==memcmp(pIter->zKey, pTerm, nTerm))
+ ){
Fts5HashEntry *pEntry = pIter;
pEntry->pScanNext = 0;
for(i=0; ap[i]; i++){
@@ -198295,7 +198301,7 @@
){
assert( nArg==0 );
UNUSED_PARAM2(nArg, apUnused);
- sqlite3_result_text(pCtx, "fts5: 2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663", -1, SQLITE_TRANSIENT);
+ sqlite3_result_text(pCtx, "fts5: 2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973", -1, SQLITE_TRANSIENT);
}
static int fts5Init(sqlite3 *db){
diff --git a/dist/sqlite3.h b/dist/sqlite3.h
index 642ae90..3b9829e 100644
--- a/dist/sqlite3.h
+++ b/dist/sqlite3.h
@@ -123,7 +123,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2018-12-19 01:38:18 4bb21d8205b3c72b94442018a0544ecc55e3320ef2593f0e3350142b7f2a7663"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
