Attachment #192379 for bug #227414

View | Details | Raw Unified | Return to bug 227414
Collapse All | Expand All




# $FreeBSD$

PORTNAME=	upp
DISTVERSION=	11873
CATEGORIES=	devel x11-toolkits
MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/2018.1/
DISTNAME=	${PORTNAME}-x11-src-${PORTVERSION}

MAINTAINER=	m.sund@arcor.de

	(cd ${WRKSRC} && ${COPYTREE_SHARE} "${PORTDATA}" ${STAGEDIR}${DATADIR} \
		"-not ( -type d -empty )")
	(cd ${STAGEDIR}${DATADIR}/uppsrc && ${RM} build_info.h *Makefile*)
	${RM} ${STAGEDIR}${DATADIR}/uppsrc/plugin/sqlite3/lib/sqlite3.c.orig

do-install-IDE-on:
	${INSTALL_PROGRAM} ${WRKSRC}/theide ${STAGEDIR}${PREFIX}/bin

Lines 1-3 Link Here

(-)distinfo (-3 / +3 lines)
1	TIMESTAMP = 1512832900	1	TIMESTAMP = 1522479324
2	SHA256 (upp-x11-src-11540.tar.gz) = 85707d7b545f262b58bdd783c27aff2357548a3db01bf0f9287a10c90ae01420	2	SHA256 (upp-x11-src-11873.tar.gz) = 0231b768830db96257ebf7a9cc1aaff05017aa40a2ea6dfa577de7232c1cd07b
3	SIZE (upp-x11-src-11540.tar.gz) = 56513312	3	SIZE (upp-x11-src-11873.tar.gz) = 56167504




# Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740
# Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message.
# Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b
# Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349

--- uppsrc/plugin/sqlite3/lib/sqlite3.c.orig	2018-03-31 06:10:16 UTC
+++ uppsrc/plugin/sqlite3/lib/sqlite3.c
@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable(
   p = pParse->pNewTable;
   if( p==0 ) return;
 
-  assert( !db->init.busy || !pSelect );
-
   /* If the db->init.busy is 1 it means we are reading the SQL off the
   ** "sqlite_master" or "sqlite_temp_master" table on the disk.
   ** So do not write to the disk again.  Extract the root page number
@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable(
   ** table itself.  So mark it read-only.
   */
   if( db->init.busy ){
+    if( pSelect ){
+      sqlite3ErrorMsg(pParse, "");
+      return;
+    }
     p->tnum = db->init.newTnum;
     if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
   }
@@ -117813,7 +117815,7 @@ static void corruptSchema(
     char *z;
     if( zObj==0 ) zObj = "?";
     z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
-    if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
+    if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
     sqlite3DbFree(db, *pData->pzErrMsg);
     *pData->pzErrMsg = z;
   }

Return to bug 227414

Lines 2-10 Link Here

(-)Makefile (-2 / +3 lines)
2	# $FreeBSD$	2	# $FreeBSD$
3		3
4	PORTNAME= upp	4	PORTNAME= upp
5	DISTVERSION= 11540	5	DISTVERSION= 11873
6	CATEGORIES= devel x11-toolkits	6	CATEGORIES= devel x11-toolkits
7	MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2017.2/	7	MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2018.1/
8	DISTNAME= ${PORTNAME}-x11-src-${PORTVERSION}	8	DISTNAME= ${PORTNAME}-x11-src-${PORTVERSION}
9		9
10	MAINTAINER= m.sund@arcor.de	10	MAINTAINER= m.sund@arcor.de
Lines 127-132 Link Here
127	(cd ${WRKSRC} && ${COPYTREE_SHARE} "${PORTDATA}" ${STAGEDIR}${DATADIR} \	127	(cd ${WRKSRC} && ${COPYTREE_SHARE} "${PORTDATA}" ${STAGEDIR}${DATADIR} \
128	"-not ( -type d -empty )")	128	"-not ( -type d -empty )")
129	(cd ${STAGEDIR}${DATADIR}/uppsrc && ${RM} build_info.h Makefile)	129	(cd ${STAGEDIR}${DATADIR}/uppsrc && ${RM} build_info.h Makefile)
		130	${RM} ${STAGEDIR}${DATADIR}/uppsrc/plugin/sqlite3/lib/sqlite3.c.orig
130		131
131	do-install-IDE-on:	132	do-install-IDE-on:
132	${INSTALL_PROGRAM} ${WRKSRC}/theide ${STAGEDIR}${PREFIX}/bin	133	${INSTALL_PROGRAM} ${WRKSRC}/theide ${STAGEDIR}${PREFIX}/bin

Line 0 Link Here

(-)files/patch-uppsrc_plugin_sqlite3_lib_sqlite3.c (+36 lines)
	1	# Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740
	2	# Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message.
	3	# Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b
	4	# Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
	5
	6	--- uppsrc/plugin/sqlite3/lib/sqlite3.c.orig 2018-03-31 06:10:16 UTC
	7	+++ uppsrc/plugin/sqlite3/lib/sqlite3.c
	8	@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable(
	9	p = pParse->pNewTable;
	10	if( p==0 ) return;
	11
	12	- assert( !db->init.busy \|\| !pSelect );
	13	-
	14	/* If the db->init.busy is 1 it means we are reading the SQL off the
	15	** "sqlite_master" or "sqlite_temp_master" table on the disk.
	16	** So do not write to the disk again. Extract the root page number
	17	@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable(
	18	** table itself. So mark it read-only.
	19	*/
	20	if( db->init.busy ){
	21	+ if( pSelect ){
	22	+ sqlite3ErrorMsg(pParse, "");
	23	+ return;
	24	+ }
	25	p->tnum = db->init.newTnum;
	26	if( p->tnum==1 ) p->tabFlags \|= TF_Readonly;
	27	}
	28	@@ -117813,7 +117815,7 @@ static void corruptSchema(
	29	char *z;
	30	if( zObj==0 ) zObj = "?";
	31	z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
	32	- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
	33	+ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
	34	sqlite3DbFree(db, *pData->pzErrMsg);
	35	*pData->pzErrMsg = z;
	36	}