Fix two long-standing bugs that allow malicious SQL statements to crash
the process that is running SQLite. These bugs were announced by a
third-party approximately 24 hours after the 3.32.0 release but are not
specific to the 3.32.0 release.
Fix a long-standing bug in the byte-code engine that can cause a COMMIT
command report as success when in fact it failed to commit. Ticket
810dc8038872e212.
Approved by: portmgr (blanket: run-time bugfix)
MFH: 2020Q2
PR: 235802
Reported by: Charlie Li <ml+freebsd@vishwin.info>
Approved by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
Relnotes: https://www.sqlite.org/changes.html
In file included from <built-in>:318:
<command line>:39:28: warning: ISO C99 requires whitespace after the macro name [-Wc99-extensions]
#define SQLITE_ENABLE_RTREE-DSQLITE_ENABLE_SESSION 1
^
sqlite3.c:308:5: error: token is not a valid binary operator in a preprocessor subexpression
#if SQLITE_ENABLE_RTREE
^~~~~~~~~~~~~~~~~~~
<command line>:39:52: note: expanded from here
#define SQLITE_ENABLE_RTREE-DSQLITE_ENABLE_SESSION 1
~~~~~~~~~~~~~~~~~~~~~~~ ^
1 warning and 1 error generated.
*** Error code 1
Approved by: portmgr (blanket)
Changelog:
https://www.sqlite.org/releaselog/3_23_0.html
Port changes:
* Add SER1 option for the new optional sqlite3_serialize()/sqlite3_deserialize() functions
* Remove security patches that are now in the release
PR: 227365
Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
Detect databases whose schema is corrupted using
a CREATE TABLE AS statement and issue an appropriate error message.
CVE-2018-8740 will be entered into VuXML when SQLite will make
a release, because CVE-2018-8740 says that versions up to and including
the current version 3.22.0 are vulnerable.
Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
Reported by: tj <tj@mrsk.me>
Changelog:
https://www.sqlite.org/releaselog/3_22_0.html
Port changes:
* Added the OFFSET option for the new sqlite_offset() function
* Added 'Optional extensions' and 'Optional functions' option
groups for better options readability
* Deleted patches from files/ because they were disabling certain
options in the command-line utility that the upstream keeps
always enabled there
* Changed capitalization in some options according to
common spelling rules
PR: 225627
Submitted by: Charlie Li <ml+freebsd@vishwin.info> (original version)
Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer, later version)
Approved by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
Differential Revision: https://reviews.freebsd.org/D14216
ports build.
Due to recent changes in sqlite3 even if this flag is actually
implicitly added to the build when the FTS4 option is enabled, it
is not reported as present via the
sqlite3_compileoption_used("SQLITE_ENABLE_FTS3") API call, which
is used by the gecko ports configure script to check for a suitable
sqlite3 library.
Related upstream change: https://sqlite.org/src/info/9a443397a6b110f6
PR: 221361, 219963
Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com>,
jbeich@
Approved by: portmgr@ (blanket)
MFH: 2017Q3
- Fix a bug associated with auto_vacuum that can lead to database corruption
PR: 219902
Submitted by: pavelivolkov@gmail.com (maintainer)
Reviewed by: lifanov (mentor), matthew (mentor)
Approved by: pavelivolkov@gmail.com (maintainer), lifanov (mentor), matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D11132
":?" is not supported by fmake from FreeBSD 9, so replace it with an explicit
version check. The end result was still the desired one (-DHAVE_STRCHRNUL=1 was
not passed on FreeBSD 9).
While here, also improve the version check by including DragonFly (which
supports strchrnul(3) according to its online man page) and restricting the
FreeBSD version check to the revision range after strchrnul(3) was added to
base.
Also stop passing -Os when building in debug mode, and set UNICODE61_CPPFLAGS
to pet portlint.
PR: 214608
Submitted by: Pavel Volkov <pavelivolkov@gmail.com> (maintainer)
MFH: 2016Q4
