Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
sqlite3.27248
sqlite-CVE-2022-46908.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sqlite-CVE-2022-46908.patch of Package sqlite3.27248
--- src/shell.c.in.orig +++ src/shell.c.in @@ -1833,7 +1833,7 @@ static int safeModeAuth( "zipfile", "zipfile_cds", }; - UNUSED_PARAMETER(zA2); + UNUSED_PARAMETER(zA1); UNUSED_PARAMETER(zA3); UNUSED_PARAMETER(zA4); switch( op ){ @@ -1848,7 +1848,7 @@ static int safeModeAuth( case SQLITE_FUNCTION: { int i; for(i=0; i<ArraySize(azProhibitedFunctions); i++){ - if( sqlite3_stricmp(zA1, azProhibitedFunctions[i])==0 ){ + if( sqlite3_stricmp(zA2, azProhibitedFunctions[i])==0 ){ failIfSafeMode(p, "cannot use the %s() function in safe mode", azProhibitedFunctions[i]); } --- test/shell2.test.orig +++ test/shell2.test @@ -191,4 +191,16 @@ do_test shell2-1.4.7 { SELECT 'unclosed; ^--- error here}} +# Verify that safe mode rejects certain UDFs +# Reported at https://sqlite.org/forum/forumpost/07beac8056151b2f +do_test shell2-1.4.8 { + catchcmd "-safe :memory:" { + SELECT edit('DoNotCare');} +} {1 {line 2: cannot use the edit() function in safe mode}} +do_test shell2-1.4.9 { + catchcmd "-safe :memory:" { + SELECT writefile('DoNotCare', x'');} +} {1 {line 2: cannot use the writefile() function in safe mode}} + + finish_test
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor