From 423d82ac8c7c545e8eac6f70a3e5e92208b7d991 Mon Sep 17 00:00:00 2001
From: Andy Shaw <andy.shaw@qt.io>
Date: Tue, 21 Jan 2020 15:15:00 +0100
Subject: [PATCH] Fix CVE-2019-19880 in SQLite

Fixes: QTBUG-81565
Change-Id: I6bf2364e696315e5262d1abfa2f0b6947f14a33b
---
 src/3rdparty/sqlite/sqlite3.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/3rdparty/sqlite/sqlite3.c b/src/3rdparty/sqlite/sqlite3.c
index d5b43857ad..cd1a4d5221 100644
--- a/src/3rdparty/sqlite/sqlite3.c
+++ b/src/3rdparty/sqlite/sqlite3.c
@@ -147620,9 +147620,11 @@ static ExprList *exprListAppendList(
     int nInit = pList ? pList->nExpr : 0;
     for(i=0; i<pAppend->nExpr; i++){
       Expr *pDup = sqlite3ExprDup(pParse->db, pAppend->a[i].pExpr, 0);
+      assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
       if( bIntToNull && pDup && pDup->op==TK_INTEGER ){
         pDup->op = TK_NULL;
         pDup->flags &= ~(EP_IntValue|EP_IsTrue|EP_IsFalse);
+        pDup->u.zToken = 0;
       }
       pList = sqlite3ExprListAppend(pParse, pList, pDup);
       if( pList ) pList->a[nInit+i].sortFlags = pAppend->a[i].sortFlags;
-- 
2.21.0 (Apple Git-122.2)