From: Vivek Kumbhar <[email protected]> Signed-off-by: Vivek Kumbhar <[email protected]> --- .../sqlite/files/CVE-2022-46908.patch | 39 +++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.38.5.bb | 1 + 2 files changed, 40 insertions(+) create mode 100644 meta/recipes-support/sqlite/files/CVE-2022-46908.patch
diff --git a/meta/recipes-support/sqlite/files/CVE-2022-46908.patch b/meta/recipes-support/sqlite/files/CVE-2022-46908.patch new file mode 100644 index 0000000000..38bd544838 --- /dev/null +++ b/meta/recipes-support/sqlite/files/CVE-2022-46908.patch @@ -0,0 +1,39 @@ +From 1b779afa3ed2f35a110e460fc6ed13cba744db85 2022-12-05 02:52:37 UTC +From: larrybr <[email protected]> +Date: 2022-12-05 02:52:37 UTC +Subject: [PATCH] Fix safe mode authorizer callback to reject disallowed UDFs + +Fix safe mode authorizer callback to reject disallowed UDFs. Reported at Forum post 07beac8056151b2f. + +Upstream-Status: Backport [https://sqlite.org/src/info/cefc032473ac5ad2] +CVE-2022-46908 +Signed-off-by: Vivek Kumbhar <[email protected]> +--- + shell.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/shell.c b/shell.c +index d104768..0200c0a 100644 +--- a/shell.c ++++ b/shell.c +@@ -12894,7 +12894,7 @@ static int safeModeAuth( + "zipfile", + "zipfile_cds", + }; +- UNUSED_PARAMETER(zA2); ++ UNUSED_PARAMETER(zA1); + UNUSED_PARAMETER(zA3); + UNUSED_PARAMETER(zA4); + switch( op ){ +@@ -12905,7 +12905,7 @@ static int safeModeAuth( + case SQLITE_FUNCTION: { + int i; + for(i=0; i<ArraySize(azProhibitedFunctions); i++){ +- if( sqlite3_stricmp(zA1, azProhibitedFunctions[i])==0 ){ ++ if( sqlite3_stricmp(zA2, azProhibitedFunctions[i])==0 ){ + failIfSafeMode(p, "cannot use the %s() function in safe mode", + azProhibitedFunctions[i]); + } +-- +2.30.2 + diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index 628f630657..313c15dff4 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb @@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0 SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \ file://0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch \ + file://CVE-2022-46908.patch \ " SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c" -- 2.30.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174841): https://lists.openembedded.org/g/openembedded-core/message/174841 Mute This Topic: https://lists.openembedded.org/mt/95781396/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
