From 1c52fc05c6b46b242e64eb746af429892b986d0a Mon Sep 17 00:00:00 2001
From: Sam James
Date: Wed, 12 Jun 2024 02:57:18 +0100
Subject: dev-db/libdbi-drivers: fix memory corruption issues w/ sqlite
Backport some memory corruption fixes for sqlite3. Note that I haven't fixed bug #920440 - I have essentially no idea about this package and I'd really prefer someone investigate what it's even trying to do there.
Bug: https://bugs.gentoo.org/920440
Closes: https://bugs.gentoo.org/920460
Closes: https://bugs.gentoo.org/933427
Signed-off-by: Sam James
---
.../libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch | 14 ++++++++++++++
1 file changed, 14 insertions(+)
create mode 100644 dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch
(limited to 'dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch')
diff --git a/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch
new file mode 100644
index 000000000000..3bec6d958bc6
--- /dev/null
+++ b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch
@@ -0,0 +1,14 @@
+https://bugs.gentoo.org/933427
+https://sourceforge.net/p/libdbi-drivers/libdbi-drivers/ci/7657c4c688c021d5f42a38e998c876d1739d5d8f
+--- a/drivers/sqlite3/dbd_sqlite3.c
++++ b/drivers/sqlite3/dbd_sqlite3.c
+@@ -585,7 +585,8 @@
+ unsigned char *temp;
+ size_t len;
+
+- if ((temp = malloc(from_length*2)) == NULL) {
++ /* allocate an extra byte for NULL and two for the quotes */
++ if ((temp = malloc(2*from_length+1+2)) == NULL) {
+ return 0;
+ }
+
-- cgit v1.2.3
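Review bot: The size expression `2*from_length+1+2` in the new `malloc` call is still computed without an overflow check, so a very large `from_length` can wrap and the buffer is again smaller than what the rest of the function writes into `temp`. The type of `from_length` is not visible in the hunk (presumably `size_t`, like `len`); if so, a guard such as `if (from_length > (SIZE_MAX - 3) / 2) { return 0; }` before the allocation closes that gap and keeps the existing failure return. The added comment also says "NULL" where the string terminator is meant; `/* one extra byte for the NUL terminator and two for the quotes */` avoids confusion with the null pointer. The enclosing function starts and ends outside the hunk, so the writes that depend on this size should be checked against the new bound when the backport is tested.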