From: Steve Sakoman <steve@sakoman.com>
Date: Mon, 1 Sep 2025 15:18:45 +0000 (-0700)
Subject: Revert "sqlite3: patch CVE-2025-7458"
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=36cf6bb39df081b27306d27b20155995b73e1a01;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git

Revert "sqlite3: patch CVE-2025-7458"

We have found that since this patch SELECT queries with
COUNT(DISTINCT(column)) seem to cause sqlite to segfault

This reverts commit 4d5093e5103016c08b3a32fd83b1ec9edd87cd5a.
---

diff --git a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch b/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch
deleted file mode 100644
index 8fb037bb0f..0000000000
--- a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From f55a7dad195994f2bb24db7df0a0515502386fe2 Mon Sep 17 00:00:00 2001
-From: drh <>
-Date: Sat, 22 Oct 2022 14:16:02 +0000
-Subject: [PATCH] This branch attempts to improve the detection of covering
- indexes.  This first check-in merely improves a parameter name to
- sqlite3WhereBegin() to be more descriptive of what it contains, and ensures
- that a subroutine is not inlines so that sqlite3WhereBegin() runs slightly
- faster.
-
-FossilOrigin-Name: cadf5f6bb1ce0492ef858ada476288e8057afd3609caa18b09c818d3845d7244
-
-Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/f55a7dad195994f2bb24db7df0a0515502386fe2]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- sqlite3.c | 28 +++++++++++++---------------
- 1 file changed, 13 insertions(+), 15 deletions(-)
-
-diff --git a/sqlite3.c b/sqlite3.c
-index 4cbc2d0..b7ed991 100644
---- a/sqlite3.c
-+++ b/sqlite3.c
-@@ -147371,9 +147371,7 @@ struct WhereInfo {
-   ExprList *pOrderBy;       /* The ORDER BY clause or NULL */
-   ExprList *pResultSet;     /* Result set of the query */
-   Expr *pWhere;             /* The complete WHERE clause */
--#ifndef SQLITE_OMIT_VIRTUALTABLE
--  Select *pLimit;           /* Used to access LIMIT expr/registers for vtabs */
--#endif
-+  Select *pSelect;          /* The entire SELECT statement containing WHERE */
-   int aiCurOnePass[2];      /* OP_OpenWrite cursors for the ONEPASS opt */
-   int iContinue;            /* Jump here to continue with next record */
-   int iBreak;               /* Jump here to break out of the loop */
-@@ -149070,9 +149068,9 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
-          && pLoop->u.vtab.bOmitOffset
-         ){
-           assert( pTerm->eOperator==WO_AUX );
--          assert( pWInfo->pLimit!=0 );
--          assert( pWInfo->pLimit->iOffset>0 );
--          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pLimit->iOffset);
-+          assert( pWInfo->pSelect!=0 );
-+          assert( pWInfo->pSelect->iOffset>0 );
-+          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pSelect->iOffset);
-           VdbeComment((v,"Zero OFFSET counter"));
-         }
-       }
-@@ -151830,10 +151828,10 @@ static void whereAddLimitExpr(
- ** exist only so that they may be passed to the xBestIndex method of the
- ** single virtual table in the FROM clause of the SELECT.
- */
--SQLITE_PRIVATE void sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
--  assert( p==0 || (p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0) );
--  if( (p && p->pLimit)                                          /* 1 */
--   && (p->selFlags & (SF_Distinct|SF_Aggregate))==0             /* 2 */
-+SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
-+  assert( p!=0 && p->pLimit!=0 );                 /* 1 -- checked by caller */
-+  assert( p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0 );
-+  if( (p->selFlags & (SF_Distinct|SF_Aggregate))==0             /* 2 */
-    && (p->pSrc->nSrc==1 && IsVirtual(p->pSrc->a[0].pTab))       /* 3 */
-   ){
-     ExprList *pOrderBy = p->pOrderBy;
-@@ -157427,7 +157425,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
-   Expr *pWhere,           /* The WHERE clause */
-   ExprList *pOrderBy,     /* An ORDER BY (or GROUP BY) clause, or NULL */
-   ExprList *pResultSet,   /* Query result set.  Req'd for DISTINCT */
--  Select *pLimit,         /* Use this LIMIT/OFFSET clause, if any */
-+  Select *pSelect,        /* The entire SELECT statement */
-   u16 wctrlFlags,         /* The WHERE_* flags defined in sqliteInt.h */
-   int iAuxArg             /* If WHERE_OR_SUBCLAUSE is set, index cursor number
-                           ** If WHERE_USE_LIMIT, then the limit amount */
-@@ -157504,9 +157502,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
-   pWInfo->wctrlFlags = wctrlFlags;
-   pWInfo->iLimit = iAuxArg;
-   pWInfo->savedNQueryLoop = pParse->nQueryLoop;
--#ifndef SQLITE_OMIT_VIRTUALTABLE
--  pWInfo->pLimit = pLimit;
--#endif
-+  pWInfo->pSelect = pSelect;
-   memset(&pWInfo->nOBSat, 0,
-          offsetof(WhereInfo,sWC) - offsetof(WhereInfo,nOBSat));
-   memset(&pWInfo->a[0], 0, sizeof(WhereLoop)+nTabList*sizeof(WhereLevel));
-@@ -157575,7 +157571,9 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
- 
-   /* Analyze all of the subexpressions. */
-   sqlite3WhereExprAnalyze(pTabList, &pWInfo->sWC);
--  sqlite3WhereAddLimit(&pWInfo->sWC, pLimit);
-+  if( pSelect && pSelect->pLimit ){
-+    sqlite3WhereAddLimit(&pWInfo->sWC, pSelect);
-+  }
-   if( db->mallocFailed ) goto whereBeginError;
- 
-   /* Special case: WHERE terms that do not refer to any tables in the join
diff --git a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch b/meta/recipes-support/sqlite/files/CVE-2025-7458.patch
deleted file mode 100644
index 6b041d9332..0000000000
--- a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From b816ca9994e03a8bc829b49452b8158a731e81a9 Mon Sep 17 00:00:00 2001
-From: drh <>
-Date: Thu, 16 Mar 2023 20:54:29 +0000
-Subject: [PATCH] Correctly handle SELECT DISTINCT ... ORDER BY when all of the
- result set terms are constant and there are more result set terms than ORDER
- BY terms. Fix for these tickets: [c36cdb4afd504dc1], [4051a7f931d9ba24],
- [d6fd512f50513ab7].
-
-FossilOrigin-Name: 12ad822d9b827777526ca5ed5bf3e678d600294fc9b5c25482dfff2a021328a4
-
-CVE: CVE-2025-7458
-Upstream-Status: Backport [github.com/sqlite/sqlite/commit/b816ca9994e03a8bc829b49452b8158a731e81a9]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- sqlite3.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/sqlite3.c b/sqlite3.c
-index 19d0438..6d92184 100644
---- a/sqlite3.c
-+++ b/sqlite3.c
-@@ -156989,6 +156989,10 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
-       if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
-         pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
-       }
-+      if( pWInfo->pSelect->pOrderBy
-+       && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
-+        pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
-+      }
-     }else{
-       pWInfo->nOBSat = pFrom->isOrdered;
-       pWInfo->revMask = pFrom->revLoop;
diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index 280342204a..acdd80022e 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -10,8 +10,6 @@ SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \
            file://CVE-2023-7104.patch \
            file://CVE-2025-29088.patch \
            file://CVE-2025-6965.patch \
-           file://0001-This-branch-attempts-to-improve-the-detection-of-cov.patch \
-           file://CVE-2025-7458.patch \
            "
 SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"