Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: unblock

Hi Release Team,

There's a NULL pointer problem fixed in the 3.17.0 version of
SQLite that affects the Stretch version.
The bug report[1] contains proof-of-concept code, which doesn't crash
(it seems it doesn't have a security impact) - but the bug was still marked
as a severe code defect and fixed immediately. The upstream fix[2] is small:
it checks the value and assigns 0 if it's NULL. Then the next 'if' will
print an error message that the value cannot be opened, as it is NULL.
The debdiff is attached and I hope the upload and later the unblock
can be approved.

Thanks for your consideration,
Laszlo/GCS
[1] http://www.sqlite.org/src/tktview?name=e6e962d6b0
[2] https://www.sqlite.org/src/info/8cd1a4451cce1fe2
diff -Nru sqlite3-3.16.2/debian/changelog sqlite3-3.16.2/debian/changelog
--- sqlite3-3.16.2/debian/changelog	2017-01-22 17:21:15.000000000 +0000
+++ sqlite3-3.16.2/debian/changelog	2017-02-13 17:31:26.000000000 +0000
@@ -1,3 +1,10 @@
+sqlite3 (3.16.2-3) unstable; urgency=medium
+
+  * Backport upstream fix to ensure that sqlite3_blob_reopen() correctly
+    handles short rows.
+
+ -- Laszlo Boszormenyi (GCS) <g...@debian.org>  Mon, 13 Feb 2017 17:31:26 +0000
+
 sqlite3 (3.16.2-2) unstable; urgency=medium
 
   * Backport upstream fix of variable initialization in the CLI tool.
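Review bot: the changelog entry names the symptom but not the upstream ticket or check-in; since the mail cites http://www.sqlite.org/src/tktview?name=e6e962d6b0 and https://www.sqlite.org/src/info/8cd1a4451cce1fe2, consider adding one of them to the entry so the unblock record and the patch's Origin line cross-reference each other.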
diff -Nru sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch
--- sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch	1970-01-01 00:00:00.000000000 +0000
+++ sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch	2017-02-13 17:31:26.000000000 +0000
@@ -0,0 +1,22 @@
+Description: Ensure that sqlite3_blob_reopen() correctly handles short rows
+ TODO: Put a short summary on the line above and replace this paragraph
+   * Non-maintainer upload.
+Origin: upstream, https://www.sqlite.org/src/info/8cd1a4451cce1fe2
+Author: Laszlo Boszormenyi (GCS) <g...@debian.org>
+Last-Update: 2017-02-14
+
+---
+
+--- sqlite3-3.16.2.orig/src/vdbeblob.c
++++ sqlite3-3.16.2/src/vdbeblob.c
+@@ -67,7 +67,9 @@ static int blobSeekToRow(Incrblob *p, sq
+   rc = sqlite3_step(p->pStmt);
+   if( rc==SQLITE_ROW ){
+     VdbeCursor *pC = v->apCsr[0];
+-    u32 type = pC->aType[p->iCol];
++    u32 type = pC->nHdrParsed>p->iCol ? pC->aType[p->iCol] : 0;
++    testcase( pC->nHdrParsed==p->iCol );
++    testcase( pC->nHdrParsed==p->iCol+1 );
+     if( type<12 ){
+       zErr = sqlite3MPrintf(p->db, "cannot open value of type %s",
+           type==0?"null": type==7?"real": "integer"
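Review bot: the DEP-3 header still carries quilt template text, `TODO: Put a short summary on the line above and replace this paragraph` and `* Non-maintainer upload.`; the first should be replaced by a real description (or dropped) and the second removed, since the changelog shows a maintainer upload. `Author:` names the uploader while `Origin:` points at an upstream check-in; DEP-3 uses Author for the patch author, so for a verbatim upstream fix it is usually the upstream committer or omitted, and `Last-Update: 2017-02-14` is a day later than the changelog timestamp of 13 Feb. The code change itself looks right: `u32 type = pC->nHdrParsed>p->iCol ? pC->aType[p->iCol] : 0;` keeps the lookup from reading an aType slot the current row's header never populated, and the existing `if( type<12 )` then reports the column as `null` instead of acting on a stale type.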
diff -Nru sqlite3-3.16.2/debian/patches/series sqlite3-3.16.2/debian/patches/series
--- sqlite3-3.16.2/debian/patches/series	2017-01-22 17:21:15.000000000 +0000
+++ sqlite3-3.16.2/debian/patches/series	2017-02-13 17:31:26.000000000 +0000
@@ -6,3 +6,4 @@
 31-increase_SQLITE_MAX_DEFAULT_PAGE_SIZE_to_32k.patch
 02-use-packaged-lempar.c.patch
 32-fix_an_uninitialized_variable_in_the_command-line_shell.patch
+35-fix-sqlite3_blob_reopen.patch
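To make the "short row" condition concrete, here is an added example (not code from the SQLite project or from this upload) that parses SQLite's record header format and contrasts the pre-fix and post-fix column-type lookup from the vdbeblob.c hunk above. The table layout, the two record byte strings and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* Decode one SQLite big-endian varint (7 bits per byte; the 9th byte uses all 8).
 * Returns bytes consumed, or 0 if the input is truncated. */
static size_t get_varint(const uint8_t *p, size_t n, uint64_t *out) {
    uint64_t v = 0;
    for (size_t i = 0; i < n && i < 9; i++) {
        if (i == 8) { *out = (v << 8) | p[i]; return 9; }
        v = (v << 7) | (p[i] & 0x7f);
        if (!(p[i] & 0x80)) { *out = v; return i + 1; }
    }
    return 0;
}

/* Parse a record header into its serial types. Returns how many column types
 * this row carries (SQLite's nHdrParsed), or -1 if the header is malformed. */
static int parse_record_header(const uint8_t *rec, size_t n, uint32_t *aType, int maxCols) {
    uint64_t hdrSize, t;
    size_t off = get_varint(rec, n, &hdrSize); /* header size counts itself */
    if (off == 0 || hdrSize > n) return -1;
    int nCol = 0;
    while (off < hdrSize && nCol < maxCols) {
        size_t k = get_varint(rec + off, (size_t)hdrSize - off, &t);
        if (k == 0) return -1;
        aType[nCol++] = (uint32_t)t;
        off += k;
    }
    return nCol;
}

/* Pre-fix lookup: trusts aType[iCol] even when the row's header never filled
 * that slot, so a cursor reused for a shorter row returns the previous row's type. */
static uint32_t column_type_unchecked(const uint32_t *aType, int iCol) { return aType[iCol]; }

/* Post-fix lookup, as in the upstream change: a column the header does not
 * cover is reported as serial type 0 (NULL), which the caller then rejects. */
static uint32_t column_type_fixed(const uint32_t *aType, int nHdrParsed, int iCol) {
    return nHdrParsed > iCol ? aType[iCol] : 0;
}

/* Types <12 are NULL/integer/real (not openable as a blob); 12+2k = k-byte BLOB, 13+2k = k-byte TEXT. */
static int type_is_openable(uint32_t type) { return type >= 12; }
static uint32_t payload_size(uint32_t type) { return type >= 12 ? (type - 12) / 2 : 0; }

/* Constructed records for t1(a INTEGER, b BLOB, c BLOB): kFullRow was written
 * after "ALTER TABLE t1 ADD COLUMN c" (3 serial types); kShortRow predates it
 * and stores only 2, so its header ends before column c. */
static const uint8_t kFullRow[]  = {0x04, 0x01, 0x12, 0x10, 0x05, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE};
static const uint8_t kShortRow[] = {0x03, 0x01, 0x12, 0x01, 0x11, 0x22, 0x33};
```

Parsing kFullRow and then kShortRow into the same aType array mirrors what a reused cursor sees: the unchecked lookup for column c returns the earlier row's BLOB type, the fixed lookup returns 0.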
