Revert "sqlite3: patch CVE-2025-7458"

We have found that since this patch SELECT queries with COUNT(DISTINCT(column)) seem to cause sqlite to segfault This reverts commit 4d5093e5103016c08b3a32fd83b1ec9edd87cd5a. Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Steve Sakoman <steve@sakoman.com> 2025-09-01 08:18:45 -0700
committer: Steve Sakoman <steve@sakoman.com> 2025-09-01 08:25:16 -0700
commit: d655701622de0228e28324c0a1e8eabf73668e56 (patch)
tree: 763666045618c97f8e8a6f858752acb50c000034
parent: 34ee6fc4949f4a7adb4ceb0f51fb327093b8b491 (diff)
download: poky-d655701622de0228e28324c0a1e8eabf73668e56.tar.gz
3 files changed, 0 insertions, 125 deletions
diff --git a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch b/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch
deleted file mode 100644
index 8fb037bb0f..0000000000
--- a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From f55a7dad195994f2bb24db7df0a0515502386fe2 Mon Sep 17 00:00:00 2001
-From: drh <>
-Date: Sat, 22 Oct 2022 14:16:02 +0000
-Subject: [PATCH] This branch attempts to improve the detection of covering
- indexes.  This first check-in merely improves a parameter name to
- sqlite3WhereBegin() to be more descriptive of what it contains, and ensures
- that a subroutine is not inlines so that sqlite3WhereBegin() runs slightly
- faster.
-FossilOrigin-Name: cadf5f6bb1ce0492ef858ada476288e8057afd3609caa18b09c818d3845d7244
-Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/f55a7dad195994f2bb24db7df0a0515502386fe2]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
- sqlite3.c | 28 +++++++++++++---------------
- 1 file changed, 13 insertions(+), 15 deletions(-)
-diff --git a/sqlite3.c b/sqlite3.c
-index 4cbc2d0..b7ed991 100644
--- a/sqlite3.c
-+++ b/sqlite3.c
-@@ -147371,9 +147371,7 @@ struct WhereInfo {
-   ExprList *pOrderBy;       /* The ORDER BY clause or NULL */
-   ExprList *pResultSet;     /* Result set of the query */
-   Expr *pWhere;             /* The complete WHERE clause */
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-  Select *pLimit;           /* Used to access LIMIT expr/registers for vtabs */
-#endif
-+  Select *pSelect;          /* The entire SELECT statement containing WHERE */
-   int aiCurOnePass[2];      /* OP_OpenWrite cursors for the ONEPASS opt */
-   int iContinue;            /* Jump here to continue with next record */
-   int iBreak;               /* Jump here to break out of the loop */
-@@ -149070,9 +149068,9 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
-          && pLoop->u.vtab.bOmitOffset
-         ){
-           assert( pTerm->eOperator==WO_AUX );
-          assert( pWInfo->pLimit!=0 );
-          assert( pWInfo->pLimit->iOffset>0 );
-          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pLimit->iOffset);
-+          assert( pWInfo->pSelect!=0 );
-+          assert( pWInfo->pSelect->iOffset>0 );
-+          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pSelect->iOffset);
-           VdbeComment((v,"Zero OFFSET counter"));
-         }
-       }
-@@ -151830,10 +151828,10 @@ static void whereAddLimitExpr(
- ** exist only so that they may be passed to the xBestIndex method of the
- ** single virtual table in the FROM clause of the SELECT.
- */
-SQLITE_PRIVATE void sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
-  assert( p==0 || (p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0) );
-  if( (p && p->pLimit)                                          /* 1 */
-   && (p->selFlags & (SF_Distinct|SF_Aggregate))==0             /* 2 */
-+SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
-+  assert( p!=0 && p->pLimit!=0 );                 /* 1 -- checked by caller */
-+  assert( p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0 );
-+  if( (p->selFlags & (SF_Distinct|SF_Aggregate))==0             /* 2 */
-    && (p->pSrc->nSrc==1 && IsVirtual(p->pSrc->a[0].pTab))       /* 3 */
-   ){
-     ExprList *pOrderBy = p->pOrderBy;
-@@ -157427,7 +157425,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
-   Expr *pWhere,           /* The WHERE clause */
-   ExprList *pOrderBy,     /* An ORDER BY (or GROUP BY) clause, or NULL */
-   ExprList *pResultSet,   /* Query result set.  Req'd for DISTINCT */
-  Select *pLimit,         /* Use this LIMIT/OFFSET clause, if any */
-+  Select *pSelect,        /* The entire SELECT statement */
-   u16 wctrlFlags,         /* The WHERE_* flags defined in sqliteInt.h */
-   int iAuxArg             /* If WHERE_OR_SUBCLAUSE is set, index cursor number
-                           ** If WHERE_USE_LIMIT, then the limit amount */
-@@ -157504,9 +157502,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
-   pWInfo->wctrlFlags = wctrlFlags;
-   pWInfo->iLimit = iAuxArg;
-   pWInfo->savedNQueryLoop = pParse->nQueryLoop;
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-  pWInfo->pLimit = pLimit;
-#endif
-+  pWInfo->pSelect = pSelect;
-   memset(&pWInfo->nOBSat, 0,
-          offsetof(WhereInfo,sWC) - offsetof(WhereInfo,nOBSat));
-   memset(&pWInfo->a[0], 0, sizeof(WhereLoop)+nTabList*sizeof(WhereLevel));
-@@ -157575,7 +157571,9 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
- 
-   /* Analyze all of the subexpressions. */
-   sqlite3WhereExprAnalyze(pTabList, &pWInfo->sWC);
-  sqlite3WhereAddLimit(&pWInfo->sWC, pLimit);
-+  if( pSelect && pSelect->pLimit ){
-+    sqlite3WhereAddLimit(&pWInfo->sWC, pSelect);
-+  }
-   if( db->mallocFailed ) goto whereBeginError;
- 
-   /* Special case: WHERE terms that do not refer to any tables in the join
diff --git a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch b/meta/recipes-support/sqlite/files/CVE-2025-7458.patch
deleted file mode 100644
index 6b041d9332..0000000000
--- a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From b816ca9994e03a8bc829b49452b8158a731e81a9 Mon Sep 17 00:00:00 2001
-From: drh <>
-Date: Thu, 16 Mar 2023 20:54:29 +0000
-Subject: [PATCH] Correctly handle SELECT DISTINCT ... ORDER BY when all of the
- result set terms are constant and there are more result set terms than ORDER
- BY terms. Fix for these tickets: [c36cdb4afd504dc1], [4051a7f931d9ba24],
- [d6fd512f50513ab7].
-FossilOrigin-Name: 12ad822d9b827777526ca5ed5bf3e678d600294fc9b5c25482dfff2a021328a4
-CVE: CVE-2025-7458
-Upstream-Status: Backport [github.com/sqlite/sqlite/commit/b816ca9994e03a8bc829b49452b8158a731e81a9]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
- sqlite3.c | 4 ++++
- 1 file changed, 4 insertions(+)
-diff --git a/sqlite3.c b/sqlite3.c
-index 19d0438..6d92184 100644
--- a/sqlite3.c
-+++ b/sqlite3.c
-@@ -156989,6 +156989,10 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
-       if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
-         pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
-       }
-+      if( pWInfo->pSelect->pOrderBy
-+       && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
-+        pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
-+      }
-     }else{
-       pWInfo->nOBSat = pFrom->isOrdered;
-       pWInfo->revMask = pFrom->revLoop;
diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
index 280342204a..acdd80022e 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -10,8 +10,6 @@ SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \
           file://CVE-2023-7104.patch \
           file://CVE-2025-29088.patch \
           file://CVE-2025-6965.patch \
-           file://0001-This-branch-attempts-to-improve-the-detection-of-cov.patch \
-           file://CVE-2025-7458.patch \
           "
 SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
author	Steve Sakoman <steve@sakoman.com>	2025-09-01 08:18:45 -0700
committer	Steve Sakoman <steve@sakoman.com>	2025-09-01 08:25:16 -0700
commit	d655701622de0228e28324c0a1e8eabf73668e56 (patch)
tree	763666045618c97f8e8a6f858752acb50c000034
parent	34ee6fc4949f4a7adb4ceb0f51fb327093b8b491 (diff)
download	poky-d655701622de0228e28324c0a1e8eabf73668e56.tar.gz

diff --git a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch b/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch deleted file mode 100644 index 8fb037bb0f..0000000000 --- a/meta/recipes-support/sqlite/files/0001-This-branch-attempts-to-improve-the-detection-of-cov.patch +++ /dev/null
@@ -1,91 +0,0 @@
1	From f55a7dad195994f2bb24db7df0a0515502386fe2 Mon Sep 17 00:00:00 2001
2	From: drh <>
3	Date: Sat, 22 Oct 2022 14:16:02 +0000
4	Subject: [PATCH] This branch attempts to improve the detection of covering
5	indexes. This first check-in merely improves a parameter name to
6	sqlite3WhereBegin() to be more descriptive of what it contains, and ensures
7	that a subroutine is not inlines so that sqlite3WhereBegin() runs slightly
8	faster.
9
10	FossilOrigin-Name: cadf5f6bb1ce0492ef858ada476288e8057afd3609caa18b09c818d3845d7244
11
12	Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/f55a7dad195994f2bb24db7df0a0515502386fe2]
13	Signed-off-by: Peter Marko <peter.marko@siemens.com>
14	---
15	sqlite3.c \| 28 +++++++++++++---------------
16	1 file changed, 13 insertions(+), 15 deletions(-)
17
18	diff --git a/sqlite3.c b/sqlite3.c
19	index 4cbc2d0..b7ed991 100644
20	--- a/sqlite3.c
21	+++ b/sqlite3.c
22	@@ -147371,9 +147371,7 @@ struct WhereInfo {
23	ExprList pOrderBy; / The ORDER BY clause or NULL */
24	ExprList pResultSet; / Result set of the query */
25	Expr pWhere; / The complete WHERE clause */
26	-#ifndef SQLITE_OMIT_VIRTUALTABLE
27	- Select pLimit; / Used to access LIMIT expr/registers for vtabs */
28	-#endif
29	+ Select pSelect; / The entire SELECT statement containing WHERE */
30	int aiCurOnePass[2]; /* OP_OpenWrite cursors for the ONEPASS opt */
31	int iContinue; /* Jump here to continue with next record */
32	int iBreak; /* Jump here to break out of the loop */
33	@@ -149070,9 +149068,9 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
34	&& pLoop->u.vtab.bOmitOffset
35	){
36	assert( pTerm->eOperator==WO_AUX );
37	- assert( pWInfo->pLimit!=0 );
38	- assert( pWInfo->pLimit->iOffset>0 );
39	- sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pLimit->iOffset);
40	+ assert( pWInfo->pSelect!=0 );
41	+ assert( pWInfo->pSelect->iOffset>0 );
42	+ sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pSelect->iOffset);
43	VdbeComment((v,"Zero OFFSET counter"));
44	}
45	}
46	@@ -151830,10 +151828,10 @@ static void whereAddLimitExpr(
47	** exist only so that they may be passed to the xBestIndex method of the
48	** single virtual table in the FROM clause of the SELECT.
49	*/
50	-SQLITE_PRIVATE void sqlite3WhereAddLimit(WhereClause pWC, Select p){
51	- assert( p==0 \|\| (p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0) );
52	- if( (p && p->pLimit) /* 1 */
53	- && (p->selFlags & (SF_Distinct\|SF_Aggregate))==0 /* 2 */
54	+SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause pWC, Select p){
55	+ assert( p!=0 && p->pLimit!=0 ); /* 1 -- checked by caller */
56	+ assert( p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0 );
57	+ if( (p->selFlags & (SF_Distinct\|SF_Aggregate))==0 /* 2 */
58	&& (p->pSrc->nSrc==1 && IsVirtual(p->pSrc->a[0].pTab)) /* 3 */
59	){
60	ExprList *pOrderBy = p->pOrderBy;
61	@@ -157427,7 +157425,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
62	Expr pWhere, / The WHERE clause */
63	ExprList pOrderBy, / An ORDER BY (or GROUP BY) clause, or NULL */
64	ExprList pResultSet, / Query result set. Req'd for DISTINCT */
65	- Select pLimit, / Use this LIMIT/OFFSET clause, if any */
66	+ Select pSelect, / The entire SELECT statement */
67	u16 wctrlFlags, /* The WHERE_* flags defined in sqliteInt.h */
68	int iAuxArg /* If WHERE_OR_SUBCLAUSE is set, index cursor number
69	** If WHERE_USE_LIMIT, then the limit amount */
70	@@ -157504,9 +157502,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
71	pWInfo->wctrlFlags = wctrlFlags;
72	pWInfo->iLimit = iAuxArg;
73	pWInfo->savedNQueryLoop = pParse->nQueryLoop;
74	-#ifndef SQLITE_OMIT_VIRTUALTABLE
75	- pWInfo->pLimit = pLimit;
76	-#endif
77	+ pWInfo->pSelect = pSelect;
78	memset(&pWInfo->nOBSat, 0,
79	offsetof(WhereInfo,sWC) - offsetof(WhereInfo,nOBSat));
80	memset(&pWInfo->a[0], 0, sizeof(WhereLoop)+nTabList*sizeof(WhereLevel));
81	@@ -157575,7 +157571,9 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
82
83	/* Analyze all of the subexpressions. */
84	sqlite3WhereExprAnalyze(pTabList, &pWInfo->sWC);
85	- sqlite3WhereAddLimit(&pWInfo->sWC, pLimit);
86	+ if( pSelect && pSelect->pLimit ){
87	+ sqlite3WhereAddLimit(&pWInfo->sWC, pSelect);
88	+ }
89	if( db->mallocFailed ) goto whereBeginError;
90
91	/* Special case: WHERE terms that do not refer to any tables in the join


diff --git a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch b/meta/recipes-support/sqlite/files/CVE-2025-7458.patch deleted file mode 100644 index 6b041d9332..0000000000 --- a/meta/recipes-support/sqlite/files/CVE-2025-7458.patch +++ /dev/null
@@ -1,32 +0,0 @@
1	From b816ca9994e03a8bc829b49452b8158a731e81a9 Mon Sep 17 00:00:00 2001
2	From: drh <>
3	Date: Thu, 16 Mar 2023 20:54:29 +0000
4	Subject: [PATCH] Correctly handle SELECT DISTINCT ... ORDER BY when all of the
5	result set terms are constant and there are more result set terms than ORDER
6	BY terms. Fix for these tickets: [c36cdb4afd504dc1], [4051a7f931d9ba24],
7	[d6fd512f50513ab7].
8
9	FossilOrigin-Name: 12ad822d9b827777526ca5ed5bf3e678d600294fc9b5c25482dfff2a021328a4
10
11	CVE: CVE-2025-7458
12	Upstream-Status: Backport [github.com/sqlite/sqlite/commit/b816ca9994e03a8bc829b49452b8158a731e81a9]
13	Signed-off-by: Peter Marko <peter.marko@siemens.com>
14	---
15	sqlite3.c \| 4 ++++
16	1 file changed, 4 insertions(+)
17
18	diff --git a/sqlite3.c b/sqlite3.c
19	index 19d0438..6d92184 100644
20	--- a/sqlite3.c
21	+++ b/sqlite3.c
22	@@ -156989,6 +156989,10 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
23	if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
24	pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
25	}
26	+ if( pWInfo->pSelect->pOrderBy
27	+ && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
28	+ pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
29	+ }
30	}else{
31	pWInfo->nOBSat = pFrom->isOrdered;
32	pWInfo->revMask = pFrom->revLoop;


diff --git a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb index 280342204a..acdd80022e 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.38.5.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.38.5.bb
@@ -10,8 +10,6 @@ SRC_URI = "http://www.sqlite.org/2022/sqlite-autoconf-${SQLITE_PV}.tar.gz \
10	file://CVE-2023-7104.patch \	10	file://CVE-2023-7104.patch \
11	file://CVE-2025-29088.patch \	11	file://CVE-2025-29088.patch \
12	file://CVE-2025-6965.patch \	12	file://CVE-2025-6965.patch \
13	file://0001-This-branch-attempts-to-improve-the-detection-of-cov.patch \
14	file://CVE-2025-7458.patch \
15	"	13	"
16	SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"	14	SRC_URI[sha256sum] = "5af07de982ba658fd91a03170c945f99c971f6955bc79df3266544373e39869c"
17		15