> the commit shortlog does not match what the patch is doing, unless the new > replaced function is the one avoiding exceptions..
The fixed issue is tracked under https://github.com/ikeydoherty/cve-check-tool/issues/60 It says "crash on bad pointer free". It fixes crash when freeing invalid pointer, which happened on sqlite exceptions. If necessary, I can update the commit message with longer explanation. On Wed, 2017-06-07 at 08:04 +0200, Peter Marko wrote: > This fixes cve-check-tool crashes on exceptions. > > Signed-off-by: Peter Marko <peter.ma...@siemens.com> > --- > .../cve-check-tool/cve-check-tool_5.6.4.bb | 1 + > ...01-Fix-freeing-memory-allocated-by-sqlite.patch | 50 > ++++++++++++++++++++++ > 2 files changed, 51 insertions(+) > create mode 100644 > meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-all > ocated-by-sqlite.patch > > diff --git > a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb > b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb > index 1f906ee..4829b11 100644 > --- a/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb > +++ b/meta/recipes-devtools/cve-check-tool/cve-check-tool_5.6.4.bb > @@ -11,6 +11,7 @@ SRC_URI = > "https://github.com/ikeydoherty/${BPN}/releases/download/v${PV}/${BP}. > > file://0001-print-progress-in-percent-when-downloading-CVE-db.patch \ > > file://0001-curl-allow-overriding-default-CA-certificate-file.patch \ > > file://0001-update-Compare-computed-vs-expected-sha256-digit-str.patch > \ > + file://0001-Fix-freeing-memory-allocated-by-sqlite.patch \ > " > > SRC_URI[md5sum] = "c5f4247140fc9be3bf41491d31a34155" > diff --git > a/meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-a > llocated-by-sqlite.patch > b/meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memory-a > llocated-by-sqlite.patch > new file mode 100644 > index 0000000..4a82cf2 > --- /dev/null > +++ b/meta/recipes-devtools/cve-check-tool/files/0001-Fix-freeing-memo > +++ ry-allocated-by-sqlite.patch > @@ -0,0 +1,50 @@ > +From a3353429652f83bb8b0316500faa88fa2555542d Mon Sep 17 00:00:00 > +2001 > +From: Peter Marko <peter.ma...@siemens.com> > +Date: Thu, 13 Apr 2017 23:09:52 +0200 > +Subject: [PATCH] Fix freeing memory allocated by sqlite > + > +Upstream-Status: Backport > +Signed-off-by: Peter Marko <peter.ma...@siemens.com> > +--- > + src/core.c | 8 ++++---- > + 1 file changed, 4 insertions(+), 4 deletions(-) > + > +diff --git a/src/core.c b/src/core.c > +index 6263031..6788f16 100644 > +--- a/src/core.c > ++++ b/src/core.c > +@@ -82,7 +82,7 @@ static bool ensure_table(CveDB *self) > + rc = sqlite3_exec(self->db, query, NULL, NULL, &err); > + if (rc != SQLITE_OK) { > + fprintf(stderr, "ensure_table(): %s\n", err); > +- free(err); > ++ sqlite3_free(err); > + return false; > + } > + > +@@ -91,7 +91,7 @@ static bool ensure_table(CveDB *self) > + rc = sqlite3_exec(self->db, query, NULL, NULL, &err); > + if (rc != SQLITE_OK) { > + fprintf(stderr, "ensure_table(): %s\n", err); > +- free(err); > ++ sqlite3_free(err); > + return false; > + } > + > +@@ -99,11 +99,11 @@ static bool ensure_table(CveDB *self) > + rc = sqlite3_exec(self->db, query, NULL, NULL, &err); > + if (rc != SQLITE_OK) { > + fprintf(stderr, "ensure_table(): %s\n", err); > +- free(err); > ++ sqlite3_free(err); > + return false; > + } > + if (err) { > +- free(err); > ++ sqlite3_free(err); > + } > + > + return true; > +-- > +2.1.4 > + > -- > 2.1.4 > -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core