Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Mar 2018 08:52:58 +0000 (UTC)
From:      Yuri Victorovich <yuri@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r465275 - in head/databases/sqlite3: . files
Message-ID:  <201803220852.w2M8qwBX047215@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: yuri
Date: Thu Mar 22 08:52:58 2018
New Revision: 465275
URL: https://svnweb.freebsd.org/changeset/ports/465275

Log:
  databases/sqlite3: Patch for CVE-2018-8740
  
  Detect databases whose schema is corrupted using
  a CREATE TABLE AS statement and issue an appropriate error message.
  
  CVE-2018-8740 will be entered into VuXML when SQLite will make
  a release, because CVE-2018-8740 says that versions up to and including
  the current version 3.22.0 are vulnerable.
  
  Submitted by:	Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
  Reported by:	tj <tj@mrsk.me>

Added:
  head/databases/sqlite3/files/
  head/databases/sqlite3/files/patch-sqlite3.c   (contents, props changed)
Modified:
  head/databases/sqlite3/Makefile

Modified: head/databases/sqlite3/Makefile
==============================================================================
--- head/databases/sqlite3/Makefile	Thu Mar 22 08:49:22 2018	(r465274)
+++ head/databases/sqlite3/Makefile	Thu Mar 22 08:52:58 2018	(r465275)
@@ -3,6 +3,7 @@
 
 PORTNAME=	sqlite3
 DISTVERSION=	3.22.0
+PORTREVISION=	1
 CATEGORIES=	databases
 MASTER_SITES=	https://www.sqlite.org/2018/ http://www2.sqlite.org/2018/ http://www3.sqlite.org/2018/
 DISTNAME=	sqlite-autoconf-${PORTVERSION:C/\.([[:digit:]])[[:>:]]/0\1/g:S/.//g}00

Added: head/databases/sqlite3/files/patch-sqlite3.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/databases/sqlite3/files/patch-sqlite3.c	Thu Mar 22 08:52:58 2018	(r465275)
@@ -0,0 +1,36 @@
+Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740
+Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message.
+Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b
+Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
+
+--- sqlite3.c.orig	2018-03-22 07:08:21 UTC
++++ sqlite3.c
+@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable(
+   p = pParse->pNewTable;
+   if( p==0 ) return;
+ 
+-  assert( !db->init.busy || !pSelect );
+-
+   /* If the db->init.busy is 1 it means we are reading the SQL off the
+   ** "sqlite_master" or "sqlite_temp_master" table on the disk.
+   ** So do not write to the disk again.  Extract the root page number
+@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable(
+   ** table itself.  So mark it read-only.
+   */
+   if( db->init.busy ){
++    if( pSelect ){
++      sqlite3ErrorMsg(pParse, "");
++      return;
++    }
+     p->tnum = db->init.newTnum;
+     if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
+   }
+@@ -117813,7 +117815,7 @@ static void corruptSchema(
+     char *z;
+     if( zObj==0 ) zObj = "?";
+     z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
+-    if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
++    if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
+     sqlite3DbFree(db, *pData->pzErrMsg);
+     *pData->pzErrMsg = z;
+   }



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803220852.w2M8qwBX047215>