From 193236933b0f4ab91b1625b64e2187e2db4e0e8f Mon Sep 17 00:00:00 2001
From: Brad Bishop
Date: Fri, 5 Apr 2019 15:28:33 -0400
Subject: reset upstream subtrees to HEAD
Reset the following subtrees on HEAD: poky: 8217b477a1(master) meta-xilinx: 64aa3d35ae(master) meta-openembedded: 0435c9e193(master) meta-raspberrypi: 490a4441ac(master) meta-security: cb6d1c85ee(master) Squashed patches: meta-phosphor: drop systemd 239 patches meta-phosphor: mrw-api: use correct install path
Change-Id: I268e2646d9174ad305630c6bbd3fbc1a6105f43d
Signed-off-by: Brad Bishop
---
.../sqlite/sqlite3/CVE-2019-9936.patch | 28 ++++++++++++++++++++++
1 file changed, 28 insertions(+)
create mode 100644 poky/meta/recipes-support/sqlite/sqlite3/CVE-2019-9936.patch
(limited to 'poky/meta/recipes-support/sqlite/sqlite3/CVE-2019-9936.patch')
diff --git a/poky/meta/recipes-support/sqlite/sqlite3/CVE-2019-9936.patch b/poky/meta/recipes-support/sqlite/sqlite3/CVE-2019-9936.patch
new file mode 100644
index 000000000..1b907b9d4
--- /dev/null
+++ b/poky/meta/recipes-support/sqlite/sqlite3/CVE-2019-9936.patch
@@ -0,0 +1,28 @@
+Running fts5 prefix queries inside a transaction could trigger a heap-based
+buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an
+information leak.
+
+CVE: CVE-2019-9936
+Upstream-Status: Backport [https://sqlite.org/src/vpatch?from=45c73deb440496e8&to=b3fa58dd7403dbd4]
+Signed-off-by: Ross Burton
+---
+ sqlite3.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 4729f45..65527d8 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -207759,7 +207759,9 @@ static int fts5HashEntrySort(
+ for(iSlot=0; iSlotnSlot; iSlot++){
+ Fts5HashEntry *pIter;
+ for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
+- if( pTerm==0 || 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm) ){
++ if( pTerm==0
++ || (pIter->nKey+1>=nTerm && 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm))
++ ){
+ Fts5HashEntry *pEntry = pIter;
+ pEntry->pScanNext = 0;
+ for(i=0; ap[i]; i++){
+--
+2.20.1
--
cgit v1.2.3
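Review bot: The new bound `pIter->nKey+1>=nTerm` in the rewritten condition of fts5HashEntrySort carries an unexplained `+1`, so a later reader cannot tell from the hunk whether it is intentional or an off-by-one that still lets memcmp() read one byte past the entry key. Presumably the stored key is followed by a terminator byte, making nKey+1 bytes readable; if that holds, a comment on the condition such as `/* entry key storage is nKey bytes plus a terminator, so comparing up to nKey+1 bytes stays in bounds */` would record the invariant the fix relies on. The function body starts and ends outside the hunk, so the types of nKey and nTerm and the key layout are not visible here. Separately, this page is limited to the added .patch file; confirm that the sqlite3 recipe's SRC_URI lists CVE-2019-9936.patch, since a patch file that the recipe does not reference is never applied to the build.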