[OE-Core][dunfell][PATCH 1/2] sqlite3: Fix CVE-2020-35525

[OE-Core][dunfell][PATCH 1/2] sqlite3: Fix CVE-2020-35525

[Virendra Thakur]

From: Virendra Thakur <virendrak@kpit.com>

Add patch to fix CVE-2020-35525

Reference:
http://security.debian.org/debian-security/pool/updates/main/s/sqlite3/sqlite3_3.27.2-3+deb10u2.debian.tar.xz

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
---
 .../sqlite/files/CVE-2020-35525.patch         | 21 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |  1 +
 2 files changed, 22 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-35525.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2020-35525.patch b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
new file mode 100644
index 0000000000..27d81d42d9
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
@@ -0,0 +1,21 @@
+From: drh <drh@noemail.net>
+Date: Thu, 20 Feb 2020 14:08:51 +0000
+Subject: [PATCH] Early-out on the INTERSECT query processing following an
+ error.
+
+Upstream-Status: Backport [http://security.debian.org/debian-security/pool/updates/main/s/sqlite3/sqlite3_3.27.2-3+deb10u2.debian.tar.xz]
+CVE: CVE-2020-35525
+Signed-off-by: Virendra Thakur <virendrak@kpit.com>
+---
+Index: sqlite-autoconf-3310100/sqlite3.c
+===================================================================
+--- sqlite-autoconf-3310100.orig/sqlite3.c
++++ sqlite-autoconf-3310100/sqlite3.c
+@@ -130767,6 +130767,7 @@ static int multiSelect(
+         /* Generate code to take the intersection of the two temporary
+         ** tables.
+         */
++        if( rc ) break;
+         assert( p->pEList );
+         iBreak = sqlite3VdbeMakeLabel(pParse);
+         iCont = sqlite3VdbeMakeLabel(pParse);
diff --git a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
index 3440bf4913..48051593e4 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
@@ -14,6 +14,7 @@ SRC_URI = "http://www.sqlite.org/2020/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2020-13631.patch \
            file://CVE-2020-13632.patch \
            file://CVE-2022-35737.patch \
+           file://CVE-2020-35525.patch \
            "
 SRC_URI[md5sum] = "2d0a553534c521504e3ac3ad3b90f125"
 SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b51949ae"
--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.

Re: [OE-Core][dunfell][PATCH 1/2] sqlite3: Fix CVE-2020-35525

[Virendra Kumar Thakur]

[-- Attachment #1.1: Type: text/plain, Size: 4684 bytes --]

please use attach patch in case there is issue in do_patch.

As observed earlier KPIT mailer is adding some extra character in patch while sending patch, which cause failure in do_patch.

Best Regards


________________________________
From: Virendra Kumar Thakur <Virendra.Thakur@kpit.com>
Sent: Monday, September 19, 2022 7:25 PM
To: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org>
Cc: steve@sakoman.com <steve@sakoman.com>; Virendra Kumar Thakur <Virendra.Thakur@kpit.com>
Subject: [OE-Core][dunfell][PATCH 1/2] sqlite3: Fix CVE-2020-35525

From: Virendra Thakur <virendrak@kpit.com>

Add patch to fix CVE-2020-35525

Reference:
https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsecurity.debian.org%2Fdebian-security%2Fpool%2Fupdates%2Fmain%2Fs%2Fsqlite3%2Fsqlite3_3.27.2-3%2Bdeb10u2.debian.tar.xz&amp;data=05%7C01%7CVirendra.Thakur%40kpit.com%7C66ef6b4f62da4e9c4c0e08da9a46b263%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637991925705182386%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=yr1oVWwognNVO0Puv8gHuRzVm12EXvAtc3LCoJmhYuU%3D&amp;reserved=0

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
---
 .../sqlite/files/CVE-2020-35525.patch         | 21 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |  1 +
 2 files changed, 22 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-35525.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2020-35525.patch b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
new file mode 100644
index 0000000000..27d81d42d9
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
@@ -0,0 +1,21 @@
+From: drh <drh@noemail.net>
+Date: Thu, 20 Feb 2020 14:08:51 +0000
+Subject: [PATCH] Early-out on the INTERSECT query processing following an
+ error.
+
+Upstream-Status: Backport [https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fsecurity.debian.org%2Fdebian-security%2Fpool%2Fupdates%2Fmain%2Fs%2Fsqlite3%2Fsqlite3_3.27.2-3%2Bdeb10u2.debian.tar.xz&amp;data=05%7C01%7CVirendra.Thakur%40kpit.com%7C66ef6b4f62da4e9c4c0e08da9a46b263%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637991925705182386%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=yr1oVWwognNVO0Puv8gHuRzVm12EXvAtc3LCoJmhYuU%3D&amp;reserved=0]
+CVE: CVE-2020-35525
+Signed-off-by: Virendra Thakur <virendrak@kpit.com>
+---
+Index: sqlite-autoconf-3310100/sqlite3.c
+===================================================================
+--- sqlite-autoconf-3310100.orig/sqlite3.c
++++ sqlite-autoconf-3310100/sqlite3.c
+@@ -130767,6 +130767,7 @@ static int multiSelect(
+         /* Generate code to take the intersection of the two temporary
+         ** tables.
+         */
++        if( rc ) break;
+         assert( p->pEList );
+         iBreak = sqlite3VdbeMakeLabel(pParse);
+         iCont = sqlite3VdbeMakeLabel(pParse);
diff --git a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
index 3440bf4913..48051593e4 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
@@ -14,6 +14,7 @@ SRC_URI = "https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.sqlite.org%2F2020%2Fsqlite-autoconf-%24&amp;data=05%7C01%7CVirendra.Thakur%40kpit.com%7C66ef6b4f62da4e9c4c0e08da9a46b263%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637991925705494829%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=F4jFw0UZvxcHtGpqurisDSojtRr773gSMtHFP%2FbO3Ks%3D&amp;reserved=0{SQLITE_PV}.tar.gz \
            file://CVE-2020-13631.patch \
            file://CVE-2020-13632.patch \
            file://CVE-2022-35737.patch \
+           file://CVE-2020-35525.patch \
            "
 SRC_URI[md5sum] = "2d0a553534c521504e3ac3ad3b90f125"
 SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b51949ae"
--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.

[-- Attachment #1.2: Type: text/html, Size: 8465 bytes --]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-sqlite3-Fix-CVE-2020-35525.patch --]
[-- Type: text/x-patch; name="0001-sqlite3-Fix-CVE-2020-35525.patch", Size: 2469 bytes --]

From c6a58ddecb462d37951954c0cf7e7f75c6fd295a Mon Sep 17 00:00:00 2001
From: Virendra Thakur <virendrak@kpit.com>
Date: Thu, 15 Sep 2022 18:02:41 +0530
Subject: [PATCH] sqlite3: Fix CVE-2020-35525

Add patch to fix CVE-2020-35525

Reference:
http://security.debian.org/debian-security/pool/updates/main/s/sqlite3/sqlite3_3.27.2-3+deb10u2.debian.tar.xz

Signed-off-by: Virendra Thakur <virendrak@kpit.com>
---
 .../sqlite/files/CVE-2020-35525.patch         | 21 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.31.1.bb |  1 +
 2 files changed, 22 insertions(+)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2020-35525.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2020-35525.patch b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
new file mode 100644
index 0000000000..27d81d42d9
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2020-35525.patch
@@ -0,0 +1,21 @@
+From: drh <drh@noemail.net>
+Date: Thu, 20 Feb 2020 14:08:51 +0000
+Subject: [PATCH] Early-out on the INTERSECT query processing following an
+ error.
+
+Upstream-Status: Backport [http://security.debian.org/debian-security/pool/updates/main/s/sqlite3/sqlite3_3.27.2-3+deb10u2.debian.tar.xz]
+CVE: CVE-2020-35525
+Signed-off-by: Virendra Thakur <virendrak@kpit.com>
+---
+Index: sqlite-autoconf-3310100/sqlite3.c
+===================================================================
+--- sqlite-autoconf-3310100.orig/sqlite3.c
++++ sqlite-autoconf-3310100/sqlite3.c
+@@ -130767,6 +130767,7 @@ static int multiSelect(
+         /* Generate code to take the intersection of the two temporary
+         ** tables.
+         */
++        if( rc ) break;
+         assert( p->pEList );
+         iBreak = sqlite3VdbeMakeLabel(pParse);
+         iCont = sqlite3VdbeMakeLabel(pParse);
diff --git a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
index 3440bf4913..48051593e4 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.31.1.bb
@@ -14,6 +14,7 @@ SRC_URI = "http://www.sqlite.org/2020/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2020-13631.patch \
            file://CVE-2020-13632.patch \
            file://CVE-2022-35737.patch \
+           file://CVE-2020-35525.patch \
            "
 SRC_URI[md5sum] = "2d0a553534c521504e3ac3ad3b90f125"
 SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b51949ae"
-- 
2.17.1