!50 [sync] PR-49: Fix the CVE-2021-36690.

From: @openeuler-sync-bot
Reviewed-by: @bzhaoop
Signed-off-by: @bzhaoop

0003-CVE-2021-36690.patch

@@ -0,0 +1,44 @@
+diff -rNu a/ext/expert/sqlite3expert.c b/ext/expert/sqlite3expert.c
+--- a/ext/expert/sqlite3expert.c	2021-11-25 09:00:19.267831518 +0800
++++ b/ext/expert/sqlite3expert.c	2021-11-25 09:07:38.551969861 +0800
+@@ -690,11 +690,13 @@
+   rc = idxPrintfPrepareStmt(db, &p1, pzErrmsg, "PRAGMA table_xinfo=%Q", zTab);
+   while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
+     const char *zCol = (const char*)sqlite3_column_text(p1, 1);
++    const char *zColSeq = 0;
+     nByte += 1 + STRLEN(zCol);
+     rc = sqlite3_table_column_metadata(
+-        db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
++        db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
+     );
+-    nByte += 1 + STRLEN(zCol);
++    if( zColSeq==0 ) zColSeq = "binary";
++    nByte += 1 + STRLEN(zColSeq);
+     nCol++;
+     nPk += (sqlite3_column_int(p1, 5)>0);
+   }
+@@ -714,6 +716,7 @@
+   nCol = 0;
+   while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
+     const char *zCol = (const char*)sqlite3_column_text(p1, 1);
++    const char *zColSeq = 0;
+     int nCopy = STRLEN(zCol) + 1;
+     pNew->aCol[nCol].zName = pCsr;
+     pNew->aCol[nCol].iPk = (sqlite3_column_int(p1, 5)==1 && nPk==1);
+@@ -721,12 +724,13 @@
+     pCsr += nCopy;
+ 
+     rc = sqlite3_table_column_metadata(
+-        db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
++        db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
+     );
+     if( rc==SQLITE_OK ){
+-      nCopy = STRLEN(zCol) + 1;
++      if( zColSeq==0 ) zColSeq = "binary";
++      nCopy = STRLEN(zColSeq) + 1;
+       pNew->aCol[nCol].zColl = pCsr;
+-      memcpy(pCsr, zCol, nCopy);
++      memcpy(pCsr, zColSeq, nCopy);
+       pCsr += nCopy;
+     }
+ 

sqlite.spec

@@ -1,22 +1,23 @@
 %bcond_without check
 
-%global extver 3340000
+%global extver 3360000
 %global tcl_version 8.6
 %global tcl_sitearch %{_libdir}/tcl%{tcl_version}
 
 Name:    sqlite
-Version: 3.34.0
-Release: 1
+Version: 3.36.0
+Release: 2
 Summary: Embeded SQL database
 License: Public Domain
 URL:     http://www.sqlite.org/
 
-Source0: https://www.sqlite.org/2020/sqlite-src-%{extver}.zip
-Source1: http://www.sqlite.org/2020/sqlite-doc-%{extver}.zip
-Source2: https://www.sqlite.org/2020/sqlite-autoconf-%{extver}.tar.gz
+Source0: https://www.sqlite.org/2021/sqlite-src-%{extver}.zip
+Source1: http://www.sqlite.org/2021/sqlite-doc-%{extver}.zip
+Source2: https://www.sqlite.org/2021/sqlite-autoconf-%{extver}.tar.gz
 
 Patch1: 0001-sqlite-no-malloc-usable-size.patch
 Patch2: 0002-remove-fail-testcase-in-no-free-fd-situation.patch
+Patch3: 0003-CVE-2021-36690.patch
 
 BuildRequires: gcc autoconf tcl tcl-devel
 BuildRequires: ncurses-devel readline-devel glibc-devel
@@ -61,6 +62,7 @@ This contains man files and HTML files for the using of sqlite.
 %setup -q -a1 -n %{name}-src-%{extver}
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 rm -f %{name}-doc-%{extver}/sqlite.css~ || :
 
@@ -131,6 +133,18 @@ make test
 %{_mandir}/man*/*
 
 %changelog
+* Fri Nov 27 2021 wbq_sky <wangbingquan@huawei.com> - 3.36.0-2
+- fix the CVE-2021-36690.
+
+* Fri Nov 25 2021 wbq_sky <wangbingquan@huawei.com> - 3.36.0-1
+- update to 3.36.0.
+
+* Fri Sep 3 2021 wbq_sky <wangbingquan@huawei.com> - 3.34.0-3
+- fix the null reference in the tigger statement.
+
+* Fri Sep 3 2021 wbq_sky <wangbingquan@huawei.com> - 3.34.0-2
+- fix the infinite loop problem in the trim function while the pattern is well formed.
+
 * Thu Jan 14 2021 yanglongkang <yanglongkang@huawei.com> - 3.34.0-1
 - update package to 3.34.0