CaROS/poky
3
1
Fork 0
mirror of https://git.yoctoproject.org/git/poky synced 2026-01-01 13:58:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

sqlite3: patch CVE-2025-7709

Browse Source 
Pick commit used in debian patch https://git.launchpad.net/ubuntu/+source/sqlite3/commit/?id=9a309a50fa99e3b69623894bfd7d1f84d9fab33c
Upstream-Status: Backport [192d0ff8cc]

(From OE-Core rev: baaf28f6f2eac600f7caf53660a0b75f0329e86a)

Signed-off-by: Bruno VERNAY <bruno.vernay@se.com>
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Hugo SIMELIERE 2025-11-14 17:00:07 +01:00 committed by Steve Sakoman
parent e77289e9a4
commit 49e4da8b0a
2 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
meta/recipes-support/sqlite/sqlite3/CVE-2025-7709.patch Normal file
View File

@ -0,0 +1,33 @@
From a7ed2fcba8ef1df4bcd846d895469ca72542be07 Mon Sep 17 00:00:00 2001
From: Hugo SIMELIERE <simeliere.hugo@non.se.com>
Date: Fri, 14 Nov 2025 15:31:17 +0100
Subject: [PATCH] Optimize allocation of large tombstone arrays in fts5.
FossilOrigin-Name: 0fcc3cbdfa21adf97aed01fa76991cccf9380e2755b0182a9e2c94e3c8fb38d7
CVE: CVE-2025-7709
Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/192d0ff8ccf0bf55776a5930cdc64e25f87299d6]
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
---
sqlite3.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sqlite3.c b/sqlite3.c
index 1ee8de4..43f59e2 100644
--- a/sqlite3.c
+++ b/sqlite3.c
@@ -240724,9 +240724,9 @@ static void fts5SegIterSetNext(Fts5Index *p, Fts5SegIter *pIter){
** leave an error in the Fts5Index object.
*/
static void fts5SegIterAllocTombstone(Fts5Index *p, Fts5SegIter *pIter){
- const int nTomb = pIter->pSeg->nPgTombstone;
+ const i64 nTomb = (i64)pIter->pSeg->nPgTombstone;
if( nTomb>0 ){
- int nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
+ i64 nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
Fts5TombstoneArray *pNew;
pNew = (Fts5TombstoneArray*)sqlite3Fts5MallocZero(&p->rc, nByte);
if( pNew ){
--
2.43.0

1
meta/recipes-support/sqlite/sqlite3_3.45.3.bb
View File

@ -7,6 +7,7 @@ SRC_URI = "http://www.sqlite.org/2024/sqlite-autoconf-${SQLITE_PV}.tar.gz \
file://CVE-2025-3277.patch \
file://CVE-2025-29088.patch \
file://CVE-2025-6965.patch \
file://CVE-2025-7709.patch \
"
SRC_URI[sha256sum] = "b2809ca53124c19c60f42bf627736eae011afdcc205bb48270a5ee9a38191531"