meta/recipes-support/sqlite/files/CVE-2021-20223.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

From d1d43efa4fb0f2098c0e2c5bf2e807c58d5ec05b Mon Sep 17 00:00:00 2001
From: dan <dan@noemail.net>
Date: Mon, 26 Oct 2020 13:24:36 +0000
Subject: [PATCH] Prevent fts5 tokenizer unicode61 from considering '\0' to be
 a token characters, even if other characters of class "Cc" are.

FossilOrigin-Name: b7b7bde9b7a03665e3691c6d51118965f216d2dfb1617f138b9f9e60e418ed2f

CVE: CVE-2021-20223
Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/d1d43efa4fb0f2098c0e2c5bf2e807c58d5ec05b.patch]
Comment: Removed manifest, manifest.uuid and fts5tok1.test as these files are not present in the amalgamated source code
Signed-Off-by: Sana.Kazi@kpit.com
---
--- a/sqlite3.c        2022-09-09 13:54:30.010768197 +0530
+++ b/sqlite3.c        2022-09-09 13:56:25.458769142 +0530
@@ -227114,6 +227114,7 @@
     }
     iTbl++;
   }
+  aAscii[0] = 0;                  /* 0x00 is never a token character */
 }

 /*