From: Ankur Tyagi <[email protected]>

Details: https://nvd.nist.gov/vuln/detail/CVE-2025-3277

Signed-off-by: Ankur Tyagi <[email protected]>
Signed-off-by: Steve Sakoman <[email protected]>
---
 .../sqlite/files/CVE-2025-3277.patch          | 29 +++++++++++++++++++
 meta/recipes-support/sqlite/sqlite3_3.48.0.bb |  4 ++-
 2 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-support/sqlite/files/CVE-2025-3277.patch

diff --git a/meta/recipes-support/sqlite/files/CVE-2025-3277.patch 
b/meta/recipes-support/sqlite/files/CVE-2025-3277.patch
new file mode 100644
index 0000000000..a3e28465f5
--- /dev/null
+++ b/meta/recipes-support/sqlite/files/CVE-2025-3277.patch
@@ -0,0 +1,29 @@
+From c4add21ff123bc01be51f6e7374a14c2106e3686 Mon Sep 17 00:00:00 2001
+From: Ankur Tyagi <[email protected]>
+Date: Thu, 18 Dec 2025 23:28:45 +0530
+Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the
+ concat_ws() function with an enormous separator values and many arguments.
+
+FossilOrigin-Name: 
498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5
+
+CVE: CVE-2025-3277
+Upstream-Status: Backport 
[https://github.com/sqlite/sqlite/commit/f4fc2ee20311a0a5141726c71d318ab52001c974]
+
+Signed-off-by: Ankur Tyagi <[email protected]>
+---
+ sqlite3.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 80433f6c1f..8a43734131 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -130954,7 +130954,7 @@ static void concatFuncCore(
+   for(i=0; i<argc; i++){
+     n += sqlite3_value_bytes(argv[i]);
+   }
+-  n += (argc-1)*nSep;
++  n += (argc-1)*(i64)nSep;
+   z = sqlite3_malloc64(n+1);
+   if( z==0 ){
+     sqlite3_result_error_nomem(context);
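Review bot: The widened multiply on the new line `n += (argc-1)*(i64)nSep;` only closes the overflow if `n` is itself a 64-bit accumulator, and its declaration is outside this hunk (concatFuncCore starts and ends outside the hunk); the neighbouring `sqlite3_malloc64(n+1)` strongly suggests it is, but since this hunk was hand-applied against the sqlite3.c amalgamation at offset 130954 rather than upstream's src/func.c, the backporter should confirm the declaration at that offset in the 3.48.0 tarball. The new line carries no explanation of why the cast exists, so a future merge could drop it silently; I would add `/* widen before multiplying: (argc-1)*nSep can exceed INT_MAX (CVE-2025-3277) */` directly above it. The byte-count accumulation loop above it adds int-sized values into `n` one at a time and is not affected, so no further widening is needed there. Per the visible context the undersized allocation that follows an overflow would be a heap overflow on the later memcpy, which is why this one-character-class fix matters.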
diff --git a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb 
b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
index bd2ac6614d..4988231a0c 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb
@@ -3,6 +3,8 @@ require sqlite3.inc
 LICENSE = "PD"
 LIC_FILES_CHKSUM = 
"file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 
-SRC_URI = "http://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz";
+SRC_URI = "http://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz \
+           file://CVE-2025-3277.patch \
+"
 SRC_URI[sha256sum] = 
"ac992f7fca3989de7ed1fe99c16363f848794c8c32a158dafd4eb927a2e02fd5"
 
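Review bot: The rewritten `SRC_URI` line still fetches the tarball over cleartext `http://`; sqlite.org appears to serve the same path over HTTPS, so while this line is being touched I would change it to `SRC_URI = "https://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz \`. The pinned `SRC_URI[sha256sum]` means the fetcher would reject a tampered download, so this is transport hygiene rather than an integrity gap. The added `file://CVE-2025-3277.patch` entry matches the `files/` layout the diffstat shows, and the `CVE:` tag in the patch header is what the OE CVE tooling keys on, so that part is fine.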
-- 
2.43.0
