resolve merge conflicts of 9c46de648a547bf82dc1edebc589cc09362d3432 to oc-dr1-dev
Bug: 140181188
Bug: 140180629
Bug: 140182003
Test: I solemnly swear I tested this conflict resolution.
Merged-In: Iad8c3d1d74d8591a75a4c033c8bf9d3956d2fe4f
Change-Id: I8c64562a64f54ea000473a8f2d887f26df81812c
diff --git a/README.version b/README.version
index 64db55f..6b2da55 100644
--- a/README.version
+++ b/README.version
@@ -1,3 +1,5 @@
URL: https://sqlite.org/src/tarball/SQLite-8201f4e1.tar.gz?uuid=8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d
Version: 3.18.2
-BugComponent: 24950
+URL: https://www.sqlite.org/src/info/b54aa18b0fe4d683
+Version: 3.18.2 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973
+This patch fixes CVE-2019-9936,CVE-2019-5018,CVE-2019-8457 in b/140181188 b/140180629 and b/140182003 respectively
diff --git a/dist/orig/sqlite3.c b/dist/orig/sqlite3.c
index cb78c5e..6baeb26 100644
--- a/dist/orig/sqlite3.c
+++ b/dist/orig/sqlite3.c
@@ -400,7 +400,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
@@ -167016,6 +167016,7 @@
}
+#if defined(SQLITE_TEST)
/*
** Implementation of a scalar function that decodes r-tree nodes to
** human readable strings. This can be used for debugging and analysis.
@@ -167077,6 +167078,7 @@
sqlite3_result_text(ctx, zText, -1, sqlite3_free);
}
+#endif
/* This routine implements an SQL function that returns the "depth" parameter
** from the front of a blob that is an r-tree node. For example:
@@ -167106,9 +167108,11 @@
*/
SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db){
const int utf8 = SQLITE_UTF8;
- int rc;
+ int rc = SQLITE_OK;
+#if defined(SQLITE_TEST)
rc = sqlite3_create_function(db, "rtreenode", 2, utf8, 0, rtreenode, 0, 0);
+#endif
if( rc==SQLITE_OK ){
rc = sqlite3_create_function(db, "rtreedepth", 1, utf8, 0,rtreedepth, 0, 0);
}
@@ -189077,7 +189081,9 @@
for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
Fts5HashEntry *pIter;
for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
- if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
+ if( pTerm==0
+ || (strlen(pIter->zKey)>=nTerm && 0==memcmp(pIter->zKey, pTerm, nTerm))
+ ){
Fts5HashEntry *pEntry = pIter;
pEntry->pScanNext = 0;
for(i=0; ap[i]; i++){
@@ -198273,7 +198279,7 @@
){
assert( nArg==0 );
UNUSED_PARAM2(nArg, apUnused);
- sqlite3_result_text(pCtx, "fts5: 2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d", -1, SQLITE_TRANSIENT);
+ sqlite3_result_text(pCtx, "fts5: 2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973", -1, SQLITE_TRANSIENT);
}
static int fts5Init(sqlite3 *db){
diff --git a/dist/orig/sqlite3.h b/dist/orig/sqlite3.h
index a16ce13..3b9829e 100644
--- a/dist/orig/sqlite3.h
+++ b/dist/orig/sqlite3.h
@@ -123,7 +123,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
diff --git a/dist/sqlite3.c b/dist/sqlite3.c
index df415b5..98951c3 100644
--- a/dist/sqlite3.c
+++ b/dist/sqlite3.c
@@ -400,7 +400,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers
@@ -167028,6 +167028,7 @@
}
+#if defined(SQLITE_TEST)
/*
** Implementation of a scalar function that decodes r-tree nodes to
** human readable strings. This can be used for debugging and analysis.
@@ -167089,6 +167090,7 @@
sqlite3_result_text(ctx, zText, -1, sqlite3_free);
}
+#endif
/* This routine implements an SQL function that returns the "depth" parameter
** from the front of a blob that is an r-tree node. For example:
@@ -167118,9 +167120,11 @@
*/
SQLITE_PRIVATE int sqlite3RtreeInit(sqlite3 *db){
const int utf8 = SQLITE_UTF8;
- int rc;
+ int rc = SQLITE_OK;
+#if defined(SQLITE_TEST)
rc = sqlite3_create_function(db, "rtreenode", 2, utf8, 0, rtreenode, 0, 0);
+#endif
if( rc==SQLITE_OK ){
rc = sqlite3_create_function(db, "rtreedepth", 1, utf8, 0,rtreedepth, 0, 0);
}
@@ -189089,7 +189093,9 @@
for(iSlot=0; iSlot<pHash->nSlot; iSlot++){
Fts5HashEntry *pIter;
for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
- if( pTerm==0 || 0==memcmp(pIter->zKey, pTerm, nTerm) ){
+ if( pTerm==0
+ || (strlen(pIter->zKey)>=nTerm && 0==memcmp(pIter->zKey, pTerm, nTerm))
+ ){
Fts5HashEntry *pEntry = pIter;
pEntry->pScanNext = 0;
for(i=0; ap[i]; i++){
@@ -198285,7 +198291,7 @@
){
assert( nArg==0 );
UNUSED_PARAM2(nArg, apUnused);
- sqlite3_result_text(pCtx, "fts5: 2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d", -1, SQLITE_TRANSIENT);
+ sqlite3_result_text(pCtx, "fts5: 2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973", -1, SQLITE_TRANSIENT);
}
static int fts5Init(sqlite3 *db){
diff --git a/dist/sqlite3.h b/dist/sqlite3.h
index a16ce13..3b9829e 100644
--- a/dist/sqlite3.h
+++ b/dist/sqlite3.h
@@ -123,7 +123,7 @@
*/
#define SQLITE_VERSION "3.18.2"
#define SQLITE_VERSION_NUMBER 3018002
-#define SQLITE_SOURCE_ID "2017-07-21 07:56:09 8201f4e1c566f7223c71c07e6b703d1352801f1b2daa0fd00895a18e1944cb4d"
+#define SQLITE_SOURCE_ID "2019-09-03 19:40:52 b54aa18b0fe4d683c602ed2ba59ded6c33168982d14ea14a12b4e00cde8bf973"
/*
** CAPI3REF: Run-Time Library Version Numbers