Fix CVE-2019-19242 in SQLite

Task-number: QTBUG-80903 Change-Id: I78a72a574da5cf3503950afe47146ae6424f00c6 Reviewed-by: Christian Ehrlicher <ch.ehrlicher@gmx.de> Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
author: Andy Shaw <andy.shaw@qt.io> 2019-12-19 21:59:09 +0100
committer: Andy Shaw <andy.shaw@qt.io> 2020-01-03 09:30:52 +0100
commit: dcef0b96eef04c4e17c2e51ea71aea1f78625864 (patch)
tree: 5ec63542504f2a0d1fe6734d4a6d216f6290542a /src/3rdparty/sqlite/sqlite3.c
parent: 105e662221cc90d5002e06c97febf50c5c601336 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/src/3rdparty/sqlite/sqlite3.c b/src/3rdparty/sqlite/sqlite3.c
index bd647ca1c2..d3e0c065b6 100644
--- a/src/3rdparty/sqlite/sqlite3.c
+++ b/src/3rdparty/sqlite/sqlite3.c
@@ -101055,7 +101055,12 @@ expr_code_doover:
         ** constant.
         */
         int iReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft,target);
-        int aff = sqlite3TableColumnAffinity(pExpr->y.pTab, pExpr->iColumn);
+        int aff;
+        if( pExpr->y.pTab ){
+          aff = sqlite3TableColumnAffinity(pExpr->y.pTab, pExpr->iColumn);
+        }else{
+          aff = pExpr->affExpr;
+        }
         if( aff>SQLITE_AFF_BLOB ){
           static const char zAff[] = "B\000C\000D\000E";
           assert( SQLITE_AFF_BLOB=='A' );
author	Andy Shaw <andy.shaw@qt.io>	2019-12-19 21:59:09 +0100
committer	Andy Shaw <andy.shaw@qt.io>	2020-01-03 09:30:52 +0100
commit	dcef0b96eef04c4e17c2e51ea71aea1f78625864 (patch)
tree	5ec63542504f2a0d1fe6734d4a6d216f6290542a /src/3rdparty/sqlite/sqlite3.c
parent	105e662221cc90d5002e06c97febf50c5c601336 (diff)