sqlite/0061-Fix-CVE-2020-13434.patch


From 4f0a1ae44243b92d7e20ff1b263f39ef8e183b50 Mon Sep 17 00:00:00 2001
From: Peibao Liu <peibao.liu@windriver.com>
Date: Fri, 29 May 2020 01:34:28 -0400
Subject: [PATCH] Limit the "precision" of floating-point to text conversions
in the printf() function to 100,000,000.

Port from:
https://www.sqlite.org/src/info/d08d3405878d394e

1. The printf() func was introduced in sqlite v3.8 (6db7052eeefafdbf),
and in the current version this func is still not introduced, which
caused the test case printf-16.1 to be unable to execute. So remove the
test case part of the upstream patch.

2. The modification of sqlite3VXPrintf() in this patch could cause the
printf-2.1.2.10 test case to fail, as this test case has already been
modified in commit e7144ffd21294d7a. Just modify this test case to the
latest version but do not port the relevant patch.

Signed-off-by: Peibao Liu <peibao.liu@windriver.com>
---
src/printf.c | 12 ++++++++++++
test/printf.test | 2 +-
2 files changed, 13 insertions(+), 1 deletion(-)
diff -Naur a/src/printf.c b/src/printf.c
--- a/src/printf.c 2020-06-23 03:01:16.783000000 +0000
+++ b/src/printf.c 2020-06-23 03:51:18.644000000 +0000
@@ -166,6 +166,13 @@
#define etBUFSIZE SQLITE_PRINT_BUF_SIZE /* Size of the output buffer */
/*
+ * ** Hard limit on the precision of floating-point conversions.
+ * */
+#ifndef SQLITE_PRINTF_PRECISION_LIMIT
+# define SQLITE_FP_PRECISION_LIMIT 100000000
+#endif
+
+/*
** Render a string given by "fmt" into the StrAccum object.
*/
void sqlite3_str_vappendf(
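Review bot: The guard and the definition use two different macro names: `#ifndef SQLITE_PRINTF_PRECISION_LIMIT` wraps `# define SQLITE_FP_PRECISION_LIMIT 100000000`, so a build that predefines SQLITE_FP_PRECISION_LIMIT to tune the limit gets a macro redefinition, while predefining SQLITE_PRINTF_PRECISION_LIMIT suppresses the define without supplying any limit at all. Suggest one name in both places, for example `#ifndef SQLITE_FP_PRECISION_LIMIT`. Also, the added comment lines ` * ** Hard limit on the precision of floating-point conversions.` and ` * */` carry a stray leading ` * ` that does not match the file's `**` comment convention seen in the `** Render a string given by "fmt" into the StrAccum object.` line; drop the ` * ` prefix so the comment reads like the rest of printf.c.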
@@ -471,6 +478,11 @@
length = 0;
#else
if( precision<0 ) precision = 6; /* Set default precision */
+#ifdef SQLITE_FP_PRECISION_LIMIT
+ if( precision>SQLITE_FP_PRECISION_LIMIT ){
+ precision = SQLITE_FP_PRECISION_LIMIT;
+ }
+#endif
if( realvalue<0.0 ){
realvalue = -realvalue;
prefix = '-';
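Review bot: The clamp `if( precision>SQLITE_FP_PRECISION_LIMIT )` is compiled only under `#ifdef SQLITE_FP_PRECISION_LIMIT`, so whether the mitigation is present at all depends on the define in the first hunk being reached; if that define is skipped for any reason, this block disappears silently and an oversized precision is passed through unchanged. Suggest either making the define unconditional or using `#if SQLITE_FP_PRECISION_LIMIT>0` so that an explicit zero disables the clamp deliberately rather than by accident. The clamp also reduces the requested precision without signalling it; a one-line comment stating that precisions above the limit are truncated rather than rejected would make the later printf-2.1.2.10 expectation easier to follow.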
diff -Naur a/test/printf.test b/test/printf.test
--- a/test/printf.test 2020-06-23 03:01:16.963000000 +0000
+++ b/test/printf.test 2020-06-23 03:52:25.410000000 +0000
@@ -540,7 +540,7 @@
} {abc: 1 1 (1e-20) :xyz}
do_test printf-2.1.2.10 {
sqlite3_mprintf_double {abc: %*.*f} 2000000000 1000000000 1.0e-20
-} {abc: }
+} {}
do_test printf-2.1.3.1 {
sqlite3_mprintf_double {abc: (%*.*f) :xyz} 1 1 1.0
} {abc: (1.0) :xyz}
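Review bot: The expected result of printf-2.1.2.10 changes from `{abc: }` to `{}` with no comment in the test explaining why the call now yields an empty string; the commit message says the expectation is taken from upstream commit e7144ffd21294d7a while the code change from that commit is deliberately not ported, so it is worth confirming that the precision clamp in src/printf.c alone produces `{}` for `2000000000 1000000000 1.0e-20` rather than the expectation being copied from a tree with different behaviour. Suggest a short comment above `do_test printf-2.1.2.10` citing that commit, and, since the upstream printf-16.1 case was dropped, a replacement test here that passes a precision above 100,000,000 to sqlite3_mprintf_double and checks that the call completes, so the new clamp is actually exercised by the suite.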