Merge remote-tracking branch 'origin/5.14' into 5.15

Change-Id: I088f72543f5a964ae073f434b819b5fda4c549c8
doytsujin · Apr 20, 2020 · 5725cb7 · 5725cb7
2 parents fa83b30 + 3e6089b
commit 5725cb7
Show file tree

Hide file tree

Showing 4 changed files with 112 additions and 2 deletions.
diff --git a/src/3rdparty/sqlite/patches/0002-sqlite-Fix-CVE-2020-11655.patch b/src/3rdparty/sqlite/patches/0002-sqlite-Fix-CVE-2020-11655.patch
@@ -0,0 +1,30 @@
+From fa3ea2350c0367aa7cfd796b31214e2dcf574360 Mon Sep 17 00:00:00 2001
+From: Andy Shaw <[email protected]>
+Date: Mon, 20 Apr 2020 10:43:29 +0200
+Subject: [PATCH] sqlite: Fix CVE-2020-11655
+
+This was taken from 4a302b42c7bf5e11 in SQLite, ref:
+https://www3.sqlite.org/cgi/src/info/4a302b42c7bf5e11
+
+[ChangeLog][QtSQL][sqlite] Fixed CVE-2020-11655
+
+Change-Id: I5ead78d9ee63aa0f12f1c1014c79373728569f30
+---
+ src/3rdparty/sqlite/sqlite3.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/3rdparty/sqlite/sqlite3.c b/src/3rdparty/sqlite/sqlite3.c
+index dfe5323a59..054be43d95 100644
+--- a/src/3rdparty/sqlite/sqlite3.c
++++ b/src/3rdparty/sqlite/sqlite3.c
+@@ -133226,6 +133226,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
+   struct AggInfo_func *pFunc;
+   int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
+   if( nReg==0 ) return;
++  if( pParse->nErr ) return;
+ #ifdef SQLITE_DEBUG
+   /* Verify that all AggInfo registers are within the range specified by
+   ** AggInfo.mnReg..AggInfo.mxReg */
+-- 
+2.24.2 (Apple Git-127)
+
diff --git a/src/3rdparty/sqlite/patches/0003-sqlite-Fix-CVE-2020-11656.patch b/src/3rdparty/sqlite/patches/0003-sqlite-Fix-CVE-2020-11656.patch
@@ -0,0 +1,63 @@
+From 99cdbed3bb5368ae2ec80d15635a2dd57961310c Mon Sep 17 00:00:00 2001
+From: Andy Shaw <[email protected]>
+Date: Mon, 20 Apr 2020 10:49:57 +0200
+Subject: [PATCH] sqlite: Fix CVE-2020-11656
+
+This was taken from d09f8c3621d5f7f8 and b64674919f673602 in SQLite,
+ref: https://www3.sqlite.org/cgi/src/info/d09f8c3621d5f7f8
+https://www.sqlite.org/cgi/src/info/b64674919f673602
+
+[ChangeLog][QtSQL][sqlite] Fixed CVE-2020-11656
+
+Fixes: QTBUG-83652
+Change-Id: I99bd59dc10b753ff19822c902dff1fc339d330a8
+---
+ src/3rdparty/sqlite/sqlite3.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/3rdparty/sqlite/sqlite3.c b/src/3rdparty/sqlite/sqlite3.c
+index 054be43d95..6ff9ba42aa 100644
+--- a/src/3rdparty/sqlite/sqlite3.c
++++ b/src/3rdparty/sqlite/sqlite3.c
+@@ -97945,7 +97945,7 @@ static int resolveOrderByTermToExprList(
+   nc.nErr = 0;
+   db = pParse->db;
+   savedSuppErr = db->suppressErr;
+-  db->suppressErr = 1;
++  if( IN_RENAME_OBJECT==0 ) db->suppressErr = 1;
+   rc = sqlite3ResolveExprNames(&nc, pE);
+   db->suppressErr = savedSuppErr;
+   if( rc ) return 0;
+@@ -105383,6 +105383,21 @@ static void renameWalkWith(Walker *pWalker, Select *pSelect){
+   }
+ }
+
++/*
++** Unmap all tokens in the IdList object passed as the second argument.
++*/
++static void unmapColumnIdlistNames(
++  Parse *pParse,
++  IdList *pIdList
++){
++  if( pIdList ){
++    int ii;
++    for(ii=0; ii<pIdList->nId; ii++){
++      sqlite3RenameTokenRemap(pParse, 0, (void*)pIdList->a[ii].zName);
++    }
++  }
++}
++      
+ /*
+ ** Walker callback used by sqlite3RenameExprUnmap().
+ */
+@@ -105404,6 +105419,7 @@ static int renameUnmapSelectCb(Walker *pWalker, Select *p){
+     for(i=0; i<pSrc->nSrc; i++){
+       sqlite3RenameTokenRemap(pParse, 0, (void*)pSrc->a[i].zName);
+       if( sqlite3WalkExpr(pWalker, pSrc->a[i].pOn) ) return WRC_Abort;
++      unmapColumnIdlistNames(pParse, pSrc->a[i].pUsing);
+     }
+   }
+
+-- 
+2.24.2 (Apple Git-127)
+
diff --git a/src/3rdparty/sqlite/sqlite3.c b/src/3rdparty/sqlite/sqlite3.c
@@ -97945,7 +97945,7 @@ static int resolveOrderByTermToExprList(
   nc.nErr = 0;
   db = pParse->db;
   savedSuppErr = db->suppressErr;
-  db->suppressErr = 1;
+  if( IN_RENAME_OBJECT==0 ) db->suppressErr = 1;
   rc = sqlite3ResolveExprNames(&nc, pE);
   db->suppressErr = savedSuppErr;
   if( rc ) return 0;
@@ -105383,6 +105383,21 @@ static void renameWalkWith(Walker *pWalker, Select *pSelect){
   }
 }
 
+/*
+** Unmap all tokens in the IdList object passed as the second argument.
+*/
+static void unmapColumnIdlistNames(
+  Parse *pParse,
+  IdList *pIdList
+){
+  if( pIdList ){
+    int ii;
+    for(ii=0; ii<pIdList->nId; ii++){
+      sqlite3RenameTokenRemap(pParse, 0, (void*)pIdList->a[ii].zName);
+    }
+  }
+}
+
 /*
 ** Walker callback used by sqlite3RenameExprUnmap().
 */
@@ -105404,6 +105419,7 @@ static int renameUnmapSelectCb(Walker *pWalker, Select *p){
     for(i=0; i<pSrc->nSrc; i++){
       sqlite3RenameTokenRemap(pParse, 0, (void*)pSrc->a[i].zName);
       if( sqlite3WalkExpr(pWalker, pSrc->a[i].pOn) ) return WRC_Abort;
+      unmapColumnIdlistNames(pParse, pSrc->a[i].pUsing);
     }
   }
 
@@ -133226,6 +133242,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
   struct AggInfo_func *pFunc;
   int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
   if( nReg==0 ) return;
+  if( pParse->nErr ) return;
 #ifdef SQLITE_DEBUG
   /* Verify that all AggInfo registers are within the range specified by
   ** AggInfo.mnReg..AggInfo.mxReg */

diff --git a/src/corelib/global/qnamespace.qdoc b/src/corelib/global/qnamespace.qdoc
@@ -291,7 +291,7 @@
            application on supported platforms, use of a session manager may be
            redundant for system services.
            This attribute must be set before QGuiApplication is constructed.
-           This value was added in 5.13
+           This value was added in 5.14
 
     \value AA_DisableNativeVirtualKeyboard When this attribute is set, the native
            on-screen virtual keyboard will not be shown automatically when a