Open
Description
Recently I have been studying OSS vulnerabilities and their existence in downstream projects. While reviewing CVEs in sqlite3, I noticed that comdb2 integrates sqlite in source form, and the sources lacked constant merging of upstream security patches.
** Scanned unfixed vulnerabilities **
Here is a list of vulnerabilities found with our tool and rules. Each item denotes the missing patch (upstream git commit fixing the defect) and the code context (function and location) in comdb2.
ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd/sqlite3Pragma-autogen.bqrs
| func | col1 | col2 |
+---------------+---------------------------------------------------------------------------+---------------------------+
| sqlite3Pragma | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/pragma.c | function startline is 329 |
a6c1a71cde082e09750465d5675699062922e387/selectExpander-autogen.bqrs
| func | col1 | col2 |
+----------------+---------------------------------------------------------------------------+----------------------------+
| selectExpander | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/select.c | function startline is 4956 |
8428b3b437569338a9d1e10c4cd8154acbe33089/multiSelect-autogen.bqrs
| func | col1 | col2 |
+-------------+---------------------------------------------------------------------------+----------------------------+
| multiSelect | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/select.c | function startline is 2591 |
926f796e8feec15f3836aa0a060ed906f8ae04d3/sqlite3CreateColumnExpr-autogen.bqrs
| func | col1 | col2 |
+-------------------------+----------------------------------------------------------------------------+---------------------------+
| sqlite3CreateColumnExpr | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/resolve.c | function startline is 618 |
0934d640456bb168a8888ae388643c5160afe501/sqlite3ExprCodeTarget-autogen.bqrs
| func | col1 | col2 |
+-----------------------+-------------------------------------------------------------------------+----------------------------+
| sqlite3ExprCodeTarget | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/expr.c | function startline is 3557 |
38096961c7cd109110ac21d3ed7dad7e0cb0ae06/sqlite3CreateView-autogen.bqrs
| func | col1 | col2 |
+-------------------+--------------------------------------------------------------------------+----------------------------+
| sqlite3CreateView | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/build.c | function startline is 2737 |
e59c562b3f6894f84c715772c4b116d7b5c01348/sqlite3Select-autogen.bqrs
| func | col1 | col2 |
+---------------+---------------------------------------------------------------------------+----------------------------+
| sqlite3Select | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/select.c | function startline is 5752 |
522ebfa7cee96fb325a22ea3a2464a63485886a8/lookupName-autogen.bqrs
| func | col1 | col2 |
+------------+----------------------------------------------------------------------------+---------------------------+
| lookupName | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/resolve.c | function startline is 185 |
1e9c47be1e81e94a67f788c98fd70e8bf70e3746/sqlite3EndTable-autogen.bqrs
| func | col1 | col2 |
+-----------------+--------------------------------------------------------------------------+----------------------------+
| sqlite3EndTable | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/build.c | function startline is 2428 |
396afe6f6aa90a31303c183e11b2b2d4b7956b35/flattenSubquery-autogen.bqrs
| func | col1 | col2 |
+-----------------+---------------------------------------------------------------------------+----------------------------+
| flattenSubquery | function relativepath is /opt/exp/sqlite-forks/comdb2/sqlite/src/select.c | function startline is 3754 |
** Notice **
I'm not quite familiar with comdb2 and its way using sqlite. It remains to be judged whether and how these vulnerabilities of sqlite module are exploitable.
Metadata
Metadata
Assignees
Labels
No labels