[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Monotone-commits-diffs] org.debian.monotone: 8f2bc17718b40cb82e9b3bec5a
From: |
code |
Subject: |
[Monotone-commits-diffs] org.debian.monotone: 8f2bc17718b40cb82e9b3bec5aceba31bbf2cb8f |
Date: |
Mon, 11 Mar 2013 21:54:18 +0100 (CET) |
revision: 8f2bc17718b40cb82e9b3bec5aceba31bbf2cb8f
date: 2010-10-26T23:45:41
author: Richard Levitte <address@hidden>
branch: org.debian.monotone
changelog:
merge of '71931c9a5c8d377bfb143bd4f20fabd0ec30ada0'
and '7f0976f5c960c9f494b1de0b27307dc7759986ca'
manifest:
format_version "1"
new_manifest [ed816be7e116744023fcc3d7f8d00e5d0e886666]
old_revision [71931c9a5c8d377bfb143bd4f20fabd0ec30ada0]
add_file "patches/10-sqlite_3.7.3_empty_blob.diff"
content [69ffd220f2ed68b00fe2b06bd93402b76cf01903]
patch "changelog"
from [0ed7f9ec2bfb565f328139dfd3733c00716836d8]
to [27c7ec19639f84113098dd5578cc949cc8605cac]
patch "patches/series"
from [46b089f38bf947773523743d6cd387a59946f42d]
to [010e54b02a946755c6c68e9a6e9fe9d1c0605648]
old_revision [7f0976f5c960c9f494b1de0b27307dc7759986ca]
add_file "patches/01-database.cc.diff"
content [665f7d49b645df16a5b38298bc887504a49c04a5]
============================================================
--- changelog 0ed7f9ec2bfb565f328139dfd3733c00716836d8
+++ changelog 27c7ec19639f84113098dd5578cc949cc8605cac
@@ -1,3 +1,12 @@
+monotone (0.48.1-1) UNRELEASED; urgency=high
+
+ * New upstream release.
+ - Contains security fix to prevent crashing of servers with remote command
+ execution enabled.
+ * Backport upstream fix for change in SQLite empty blob behaviour.
+
+ -- Francis Russell <address@hidden> Tue, 26 Oct 2010 17:11:42 +0100
+
monotone (0.48-3) UNRELEASED; urgency=low
* Add debian/source/format file as it may become mandatory.
============================================================
--- /dev/null
+++ patches/10-sqlite_3.7.3_empty_blob.diff 69ffd220f2ed68b00fe2b06bd93402b76cf01903
@@ -0,0 +1,34 @@
+From upstream changelog for revision 97939c9677047b36beef031cce4c1896849a987c:
+ sqlite3_column_blob() returns null for both empty blobs and real nulls.
+ Check the actual datatype first, and don't rely on a non-null return.
+ This only matters for recent SQLite, noted in bug 96.
+
+See also http://code.monotone.ca/p/monotone/issues/96/.
+Index: monotone-0.48.1/database.cc
+===================================================================
+--- monotone-0.48.1.orig/database.cc 2010-10-26 17:09:59.401570755 +0100
++++ monotone-0.48.1/database.cc 2010-10-26 17:10:14.563939979 +0100
+@@ -1489,12 +1489,19 @@
+ vector<string> row;
+ for (int col = 0; col < ncol; col++)
+ {
++ // We never store NULLs, so we should never see one.
++ int const datatype = sqlite3_column_type(i->second.stmt(), col);
++ E(datatype != SQLITE_NULL, origin::database,
++ F("null result in query: %s") % query.sql_cmd);
+ const char * value = (const char*)sqlite3_column_blob(i->second.stmt(), col);
+ int bytes = sqlite3_column_bytes(i->second.stmt(), col);
+- E(value, origin::database,
+- F("null result in query: %s") % query.sql_cmd);
+- row.push_back(string(value, value + bytes));
+- //L(FL("row %d col %d value='%s'") % nrow % col % value);
++ if (value) {
++ row.push_back(string(value, value + bytes));
++ } else {
++ // sqlite3_column_blob() returns null for zero-length
++ I(bytes == 0);
++ row.push_back(string());
++ }
+ }
+ res.push_back(row);
+ }
============================================================
--- patches/series 46b089f38bf947773523743d6cd387a59946f42d
+++ patches/series 010e54b02a946755c6c68e9a6e9fe9d1c0605648
@@ -1,3 +1,3 @@ 00-fail_cleanly_on_unreadable_db.diff
00-fail_cleanly_on_unreadable_db.diff
-01-database.cc.diff
+10-sqlite_3.7.3_empty_blob.diff
90-stacktrace-on-crash.diff
============================================================
--- /dev/null
+++ patches/01-database.cc.diff 665f7d49b645df16a5b38298bc887504a49c04a5
@@ -0,0 +1,37 @@
+#
+# SQLite 3.7.3 and later does consistently return a NULL pointer
+# for empty or NULL blobs, just as documented. We've just been
+# lucky enough in the past to always get back an empty string
+# before...
+#
+# patch "database.cc"
+# from [0afa3ff4bd9c9ee3bc62b10bcf6295a9f5388d64]
+# to [8bfff559a0894259fe3668294bd3906ae837129b]
+#
+============================================================
+--- monotone-0.48.orig/database.cc 0afa3ff4bd9c9ee3bc62b10bcf6295a9f5388d64
++++ monotone-0.48/database.cc 8bfff559a0894259fe3668294bd3906ae837129b
+@@ -1489,12 +1489,19 @@ database_impl::fetch(results & res,
+ vector<string> row;
+ for (int col = 0; col < ncol; col++)
+ {
++ // We never store NULLs, so we should never see one.
++ int const datatype = sqlite3_column_type(i->second.stmt(), col);
++ E(datatype != SQLITE_NULL, origin::database,
++ F("null result in query: %s") % query.sql_cmd);
+ const char * value = (const char*)sqlite3_column_blob(i->second.stmt(), col);
+ int bytes = sqlite3_column_bytes(i->second.stmt(), col);
+- E(value, origin::database,
+- F("null result in query: %s") % query.sql_cmd);
+- row.push_back(string(value, value + bytes));
+- //L(FL("row %d col %d value='%s'") % nrow % col % value);
++ if (value) {
++ row.push_back(string(value, value + bytes));
++ } else {
++ // sqlite3_column_blob() returns null for zero-length
++ I(bytes == 0);
++ row.push_back(string());
++ }
+ }
+ res.push_back(row);
+ }
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Monotone-commits-diffs] org.debian.monotone: 8f2bc17718b40cb82e9b3bec5aceba31bbf2cb8f,
code <=