--- /dev/null
+From dd6c33d372f3b83f4fe57904c2bd5ebba5c38018 Mon Sep 17 00:00:00 2001
+From: drh <drh@noemail.net>
+Date: Sat, 23 May 2020 19:58:07 +0000
+Subject: [PATCH] Limit the "precision" of floating-point to text conversions
+ in the printf() function to 100,000,000. Fix for ticket [23439ea582241138].
+
+FossilOrigin-Name: d08d3405878d394e08e5d3af281246edfbd81ca74cc8d16458808591512fb93d
+
+Upstream-Status: Backport
+CVE: CVE-2020-13434
+
+Reference to upstream patch:
+https://github.com/sqlite/sqlite/commit/dd6c33d372f3b83f4fe57904c2bd5ebba5c38018
+
+Patch converted to amalgamation format
+
+Signed-off-by: Steve Sakoman <steve@sakoman.com>
+---
+diff --git a/sqlite3.c b/sqlite3.c
+index 55dc686..5ff2c14 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -28147,6 +28147,13 @@ static char *printfTempBuf(sqlite3_str *pAccum, sqlite3_int64 n){
+ #endif
+ #define etBUFSIZE SQLITE_PRINT_BUF_SIZE /* Size of the output buffer */
+
++/*
++** Hard limit on the precision of floating-point conversions.
++*/
++#ifndef SQLITE_PRINTF_PRECISION_LIMIT
++# define SQLITE_FP_PRECISION_LIMIT 100000000
++#endif
++
+ /*
+ ** Render a string given by "fmt" into the StrAccum object.
+ */
+@@ -28468,6 +28475,11 @@ SQLITE_API void sqlite3_str_vappendf(
+ length = 0;
+ #else
+ if( precision<0 ) precision = 6; /* Set default precision */
++#ifdef SQLITE_FP_PRECISION_LIMIT
++ if( precision>SQLITE_FP_PRECISION_LIMIT ){
++ precision = SQLITE_FP_PRECISION_LIMIT;
++ }
++#endif
+ if( realvalue<0.0 ){
+ realvalue = -realvalue;
+ prefix = '-';
file://CVE-2020-11656.patch \
file://CVE-2020-11655.patch \
file://CVE-2020-15358.patch \
+ file://CVE-2020-13434.patch \
"
SRC_URI[md5sum] = "2d0a553534c521504e3ac3ad3b90f125"
SRC_URI[sha256sum] = "62284efebc05a76f909c580ffa5c008a7d22a1287285d68b7825a2b6b51949ae"
