** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sqlite3 in Ubuntu.
https://bugs.launchpad.net/bugs/1530552
Title:
Segmentation fault on corrupted sqlite3 database on 14.04.3 LTS
Status in sqlite3 package in Ubuntu:
Confirmed
Bug description:
The following command triggers a Segmentation fault:
$ valgrind sqlite3 test.gpkg "SELECT * FROM gpkg_contents WHERE table_name =
'poly'"
==601== Memcheck, a memory error detector
==601== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==601== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==601== Command: sqlite3 test.gpkg SELECT\ *\ FROM\ gpkg_contents\ WHERE\
table_name\ =\ 'poly'
==601==
==601== Invalid read of size 1
==601== at 0x4EA9061: ??? (in
/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6)
==601== by 0x4EABF86: sqlite3_step (in
/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6)
==601== by 0x10DE2D: ??? (in /usr/bin/sqlite3)
==601== by 0x10AF4D: ??? (in /usr/bin/sqlite3)
==601== by 0x5357EC4: (below main) (libc-start.c:287)
==601== Address 0x105ddcd4f is not stack'd, malloc'd or (recently) free'd
==601==
==601==
==601== Process terminating with default action of signal 11 (SIGSEGV)
==601== Access not within mapped region at address 0x105DDCD4F
==601== at 0x4EA9061: ??? (in
/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6)
==601== by 0x4EABF86: sqlite3_step (in
/usr/lib/x86_64-linux-gnu/libsqlite3.so.0.8.6)
==601== by 0x10DE2D: ??? (in /usr/bin/sqlite3)
==601== by 0x10AF4D: ??? (in /usr/bin/sqlite3)
==601== by 0x5357EC4: (below main) (libc-start.c:287)
==601== If you believe this happened as a result of a stack
==601== overflow in your program's main thread (unlikely but
==601== possible), you can try to increase the size of the
==601== main thread stack using the --main-stacksize= flag.
==601== The main thread stack size used in this run was 8388608.
==601==
==601== HEAP SUMMARY:
==601== in use at exit: 196,267 bytes in 1,176 blocks
==601== total heap usage: 1,975 allocs, 799 frees, 481,840 bytes allocated
==601==
==601== LEAK SUMMARY:
==601== definitely lost: 0 bytes in 0 blocks
==601== indirectly lost: 0 bytes in 0 blocks
==601== possibly lost: 196,256 bytes in 1,175 blocks
==601== still reachable: 11 bytes in 1 blocks
==601== suppressed: 0 bytes in 0 blocks
==601== Rerun with --leak-check=full to see details of leaked memory
==601==
==601== For counts of detected and suppressed errors, rerun with: -v
==601== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
$ dpkg -l | grep sqlite3
ii libsqlite3-0:amd64 3.8.2-1ubuntu2.1
amd64 SQLite 3 shared library
ii libsqlite3-0:i386 3.8.2-1ubuntu2.1
i386 SQLite 3 shared library
ii libsqlite3-dev:amd64 3.8.2-1ubuntu2.1
amd64 SQLite 3 development files
ii sqlite3 3.8.2-1ubuntu2.1
amd64 Command line interface for
SQLite 3
It seems security patches must be missing as the same database with latest
self-compiled sqlite 3.9.2 outputs:
$ sqlite-autoconf-3090200/sqlite3 test.gpkg "SELECT * FROM gpkg_contents
WHERE table_name = 'poly'"
Error: database disk image is malformed
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1530552/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
