Re: [OE-core] [kirkstone] [PATCH] sqlite: Increase the size of loop variables in the printf() implementation to avoid harmless compiler warnings.

2022-08-25 Thread Steve Sakoman
On Wed, Aug 24, 2022 at 9:34 PM Marta Rybczynska  wrote:
>
>
>
> On Thu, Aug 25, 2022 at 9:25 AM ghassaneben  wrote:
>>
>> From: ghassaneben 
>>
>> Increase the size of loop variables in the printf() implementation to avoid 
>> integer overflow on multi-gigabyte string arguments. CVE-2022-35737. This 
>> bug fix refers to: CVE-2022-35737 and it's a backport of a fix added in 
>> sqlite 3.39.2 (2022-07-21).
>> Original commit: https://www.sqlite.org/src/info/aab790a16e1bdff7.
>>
>
> Steve,
> I'm adding it to your watch list. This is a CVE fix contrary to the "harmless 
> warnings" one of the commit messages is telling us.

Thanks!  I'll update the short message to reflect this.

Steve

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#169874): 
https://lists.openembedded.org/g/openembedded-core/message/169874
Mute This Topic: https://lists.openembedded.org/mt/93243836/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-



Re: [OE-core] [kirkstone] [PATCH] sqlite: Increase the size of loop variables in the printf() implementation to avoid harmless compiler warnings.

2022-08-25 Thread Marta Rybczynska
On Thu, Aug 25, 2022 at 9:25 AM ghassaneben  wrote:

> From: ghassaneben 
>
> Increase the size of loop variables in the printf() implementation to
> avoid integer overflow on multi-gigabyte string arguments. CVE-2022-35737.
> This bug fix refers to: CVE-2022-35737 and it's a backport of a fix added
> in sqlite 3.39.2 (2022-07-21).
> Original commit: https://www.sqlite.org/src/info/aab790a16e1bdff7.
>
>
Steve,
I'm adding it to your watch list. This is a CVE fix contrary to the
"harmless warnings" one of the commit messages is telling us.

Kind regards,
Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#169837): 
https://lists.openembedded.org/g/openembedded-core/message/169837
Mute This Topic: https://lists.openembedded.org/mt/93243836/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-



[OE-core] [kirkstone] [PATCH] sqlite: Increase the size of loop variables in the printf() implementation to avoid harmless compiler warnings.

2022-08-25 Thread ghassaneben
From: ghassaneben 

Increase the size of loop variables in the printf() implementation to avoid 
integer overflow on multi-gigabyte string arguments. CVE-2022-35737. This bug 
fix refers to: CVE-2022-35737 and it's a backport of a fix added in sqlite 
3.39.2 (2022-07-21).
Original commit: https://www.sqlite.org/src/info/aab790a16e1bdff7.

Signed-off-by: Ghassane Ben El Aattar 
---
 ...riables-in-the-printf-implementation.patch | 31 +++
 meta/recipes-support/sqlite/sqlite3_3.38.5.bb |  5 +++
 2 files changed, 36 insertions(+)
 create mode 100644 
meta/recipes-support/sqlite/sqlite/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch

diff --git 
a/meta/recipes-support/sqlite/sqlite/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch
 
b/meta/recipes-support/sqlite/sqlite/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch
new file mode 100644
index 00..998e93bc6c
--- /dev/null
+++ 
b/meta/recipes-support/sqlite/sqlite/0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch
@@ -0,0 +1,31 @@
+From ec75530b8d8268cb07d8e476d79e1b0e59492fa2 Mon Sep 17 00:00:00 2001
+From: drh
+Date: Thu, 18 Aug 2022 15:10:46 +0200
+Subject: [PATCH] sqlite: Increase the size of loop variables in the printf() 
implementation to avoid harmless compiler warnings.
+
+Increase the size of loop variables in the printf() implementation to avoid 
integer overflow on multi-gigabyte string arguments. CVE-2022-35737. This bug 
fix refers to: CVE-2022-35737 and it's a backport of a fix added in sqlite 
3.39.2 (2022-07-21). 
+Original commit: https://www.sqlite.org/src/info/aab790a16e1bdff7.
+
+Signed-off-by: Ghassane Ben El Aattar 
+
+CVE: CVE-2022-35737
+
+Upstream-Status: Backport 
https://github.com/sqlite/sqlite/commit/6eb7354fabede50a3601f251caaec172556a3a82
+---
+ src/printf.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/printf.c b/src/printf.c
+index f867d62..490199a 100644
+--- a/src/printf.c
 b/src/printf.c
+@@ -542,7 +542,8 @@ static int vxprintf(
+   case etSQLESCAPE:
+   case etSQLESCAPE2:
+ {
+-  int i, j, n, c, isnull;
++  i64  i, j, n, c;
++  int isnull;
+   char *arg = va_arg(ap,char*);
+   isnull = arg==0;
+   if( isnull ) arg = (xtype==etSQLESCAPE2 ? "NULL" : "(NULL)");
diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb 
b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index d56a3a0209..7b62980e24 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -12,3 +12,8 @@ CVE_CHECK_IGNORE += "CVE-2019-19242"
 CVE_CHECK_IGNORE += "CVE-2015-3717"
 # Issue in an experimental extension we don't have/use. Fixed by 
https://sqlite.org/src/info/b1e0c22ec981cf5f
 CVE_CHECK_IGNORE += "CVE-2021-36690"
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
+
+SRC_URI += 
"file://0001-sqlite-Increased-the-size-of-loop-variables-in-the-printf-implementation.patch"
+
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#169835): 
https://lists.openembedded.org/g/openembedded-core/message/169835
Mute This Topic: https://lists.openembedded.org/mt/93243836/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-