27 lines
959 B
Diff
27 lines
959 B
Diff
From 3528b0de3aa5fefc4cb91599c920e2c9d6c2ffc3 Mon Sep 17 00:00:00 2001
|
|
From: yanglongkang <yanglongkang@huawei.com>
|
|
Date: Thu, 11 Jun 2020 19:21:35 +0000
|
|
Subject: [PATCH] sqlite: fix CVE-2020-13632
|
|
|
|
Fix a null pointer deference that can occur on a strange matchinfo() query.
|
|
https://sqlite.org/src/info/a4dd148928ea65bd
|
|
|
|
Signed-off-by: drh <drh@noemail.net>
|
|
Signed-off-by: yanglongkang <yanglongkang@huawei.com>
|
|
---
|
|
ext/fts3/fts3_snippet.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff -Naur 1/ext/fts3/fts3_snippet.c 2/ext/fts3/fts3_snippet.c
|
|
--- 1/ext/fts3/fts3_snippet.c 2020-06-23 03:05:55.432000000 +0000
|
|
+++ 2/ext/fts3/fts3_snippet.c 2020-06-23 03:32:44.272000000 +0000
|
|
@@ -869,7 +869,7 @@
|
|
iStart = pExpr->iPhrase * ((p->nCol + 31) / 32);
|
|
}
|
|
|
|
- while( 1 ){
|
|
+ if( pIter ) while( 1 ){
|
|
int nHit = fts3ColumnlistCount(&pIter);
|
|
if( (pPhrase->iColumn>=pTab->nColumn || pPhrase->iColumn==iCol) ){
|
|
if( p->flag==FTS3_MATCHINFO_LHITS ){
|