Diffstat (limited to 'main/libxml2')
-rw-r--r-- | main/libxml2/APKBUILD | 14 | ||||
-rw-r--r-- | main/libxml2/cve-2012-0841.patch | 291 | ||||
-rw-r--r-- | main/libxml2/largefile64.patch | 12 | ||||
-rw-r--r-- | main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch | 101 |
4 files changed, 4 insertions, 414 deletions
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index b3160ee179..df42cfb7ad 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -1,8 +1,8 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: Carlo Landmeter <clandmeter@gmail.com>
 pkgname=libxml2
-pkgver=2.7.8
-pkgrel=8
+pkgver=2.8.0
+pkgrel=0
 pkgdesc="XML parsing library, version 2"
 url="http://www.xmlsoft.org/"
 arch="all"
@@ -11,10 +11,7 @@ depends=
 depends_dev="zlib-dev python-dev"
 makedepends="zlib-dev python-dev"
 subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
-source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
- largefile64.patch
- libxml2-2.7.8-CVE-2011-1944.patch
- cve-2012-0841.patch"
+source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"
 options="!strip"
@@ -61,7 +58,4 @@ utils() {
 mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
-md5sums="8127a65e8c3b08856093099b52599c86 libxml2-2.7.8.tar.gz
-5ad4915665608ebfa5b89f7908467a72 largefile64.patch
-49cba5245dfa6f2ec710324df947fff9 libxml2-2.7.8-CVE-2011-1944.patch
-045c7f25e46de3127a6061e273de3f7b cve-2012-0841.patch"
+md5sums="c62106f02ee00b6437f0fb9d370c1093 libxml2-2.8.0.tar.gz"
diff --git a/main/libxml2/cve-2012-0841.patch b/main/libxml2/cve-2012-0841.patch
deleted file mode 100644
index 9b6f440d18..0000000000
--- a/main/libxml2/cve-2012-0841.patch
+++ /dev/null
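Review bot: Removing `libxml2-2.7.8-CVE-2011-1944.patch` and `cve-2012-0841.patch` from `source` in the second hunk leaves no record on this page that the 2.8.0 tarball already contains both fixes. Before merging, check the unpacked 2.8.0 tree for the two changes the deleted patches carried: seeded hashing in `dict.c` and `hash.c` (the `DICT_RANDOMIZATION` and `HASH_RANDOMIZATION` defines), and the `xpath.c` node-set growth paths updating `nodeMax` only after `xmlRealloc` succeeds. Recording the result in the commit message, for example `CVE-2011-1944 and CVE-2012-0841 fixes are included upstream in 2.8.0`, keeps the audit trail for anyone later asking why the patches disappeared. `largefile64.patch` is dropped in the same hunk, presumably because `_LARGEFILE64_SOURCE` is no longer needed; that should be confirmed by a build on the affected targets.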
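Review bot: The new `md5sums` line in the third hunk is the only integrity check on a tarball that the `source` line in the previous hunk fetches over plain `ftp://`, which gives neither server authentication nor transport integrity. MD5 is no longer collision-resistant, so it is a weak anchor for a security-sensitive parser library. If the abuild version used by this tree supports it, add a stronger digest next to it, for example `sha512sums="<sha512-of-tarball>  libxml2-2.8.0.tar.gz"`, with the value computed from a copy whose origin has been verified independently. The `utils()` function that encloses the context lines starts outside the hunk.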
@@ -1,291 +0,0 @@ -From 8973d58b7498fa5100a876815476b81fd1a2412a Mon Sep 17 00:00:00 2001 -From: Daniel Veillard <veillard@redhat.com> -Date: Sat, 04 Feb 2012 11:07:44 +0000 -Subject: Add hash randomization to hash and dict structures - -Following http://www.ocert.org/advisories/ocert-2011-003.html -it seems that having hash randomization might be a good idea -when using XML with untrusted data -* configure.in: lookup for rand, srand and time -* dict.c: add randomization to dictionaries hash tables -* hash.c: add randomization to normal hash tables ---- -diff --git a/configure.in b/configure.in -index fa80375..828b66a 100644 ---- a/configure.in -+++ b/configure.in -@@ -512,6 +512,7 @@ AC_CHECK_FUNCS(strdup strndup strerror) - AC_CHECK_FUNCS(finite isnand fp_class class fpclass) - AC_CHECK_FUNCS(strftime localtime gettimeofday ftime) - AC_CHECK_FUNCS(stat _stat signal) -+AC_CHECK_FUNCS(rand srand time) - - dnl Checking the standard string functions availability - AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,, -diff --git a/dict.c b/dict.c -index 3eff231..ae4966b 100644 ---- a/dict.c -+++ b/dict.c -@@ -2,7 +2,7 @@ - * dict.c: dictionary of reusable strings, just used to avoid allocation - * and freeing operations. - * -- * Copyright (C) 2003 Daniel Veillard. -+ * Copyright (C) 2003-2012 Daniel Veillard. - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above -@@ -19,6 +19,28 @@ - #define IN_LIBXML - #include "libxml.h" - -+#ifdef HAVE_STDLIB_H -+#include <stdlib.h> -+#endif -+#ifdef HAVE_TIME_H -+#include <time.h> -+#endif -+ -+/* -+ * Following http://www.ocert.org/advisories/ocert-2011-003.html -+ * it seems that having hash randomization might be a good idea -+ * when using XML with untrusted data -+ * Note1: that it works correctly only if compiled with WITH_BIG_KEY -+ * which is the default. 
-+ * Note2: the fast function used for a small dict won't protect very -+ * well but since the attack is based on growing a very big hash -+ * list we will use the BigKey algo as soon as the hash size grows -+ * over MIN_DICT_SIZE so this actually works -+ */ -+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) -+#define DICT_RANDOMIZATION -+#endif -+ - #include <string.h> - #ifdef HAVE_STDINT_H - #include <stdint.h> -@@ -44,23 +66,23 @@ typedef unsigned __int32 uint32_t; - #define WITH_BIG_KEY - - #ifdef WITH_BIG_KEY --#define xmlDictComputeKey(dict, name, len) \ -- (((dict)->size == MIN_DICT_SIZE) ? \ -- xmlDictComputeFastKey(name, len) : \ -- xmlDictComputeBigKey(name, len)) -- --#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ -- (((prefix) == NULL) ? \ -- (xmlDictComputeKey(dict, name, len)) : \ -- (((dict)->size == MIN_DICT_SIZE) ? \ -- xmlDictComputeFastQKey(prefix, plen, name, len) : \ -- xmlDictComputeBigQKey(prefix, plen, name, len))) -+#define xmlDictComputeKey(dict, name, len) \ -+ (((dict)->size == MIN_DICT_SIZE) ? \ -+ xmlDictComputeFastKey(name, len, (dict)->seed) : \ -+ xmlDictComputeBigKey(name, len, (dict)->seed)) -+ -+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ -+ (((prefix) == NULL) ? \ -+ (xmlDictComputeKey(dict, name, len)) : \ -+ (((dict)->size == MIN_DICT_SIZE) ? 
\ -+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) : \ -+ xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed))) - - #else /* !WITH_BIG_KEY */ --#define xmlDictComputeKey(dict, name, len) \ -- xmlDictComputeFastKey(name, len) --#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ -- xmlDictComputeFastQKey(prefix, plen, name, len) -+#define xmlDictComputeKey(dict, name, len) \ -+ xmlDictComputeFastKey(name, len, (dict)->seed) -+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ -+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) - #endif /* WITH_BIG_KEY */ - - /* -@@ -98,6 +120,8 @@ struct _xmlDict { - xmlDictStringsPtr strings; - - struct _xmlDict *subdict; -+ /* used for randomization */ -+ int seed; - }; - - /* -@@ -125,6 +149,9 @@ static int xmlInitializeDict(void) { - if ((xmlDictMutex = xmlNewRMutex()) == NULL) - return(0); - -+#ifdef DICT_RANDOMIZATION -+ srand(time(NULL)); -+#endif - xmlDictInitialized = 1; - return(1); - } -@@ -277,13 +304,13 @@ found_pool: - */ - - static uint32_t --xmlDictComputeBigKey(const xmlChar* data, int namelen) { -+xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) { - uint32_t hash; - int i; - - if (namelen <= 0 || data == NULL) return(0); - -- hash = 0; -+ hash = seed; - - for (i = 0;i < namelen; i++) { - hash += data[i]; -@@ -310,12 +337,12 @@ xmlDictComputeBigKey(const xmlChar* data, int namelen) { - */ - static unsigned long - xmlDictComputeBigQKey(const xmlChar *prefix, int plen, -- const xmlChar *name, int len) -+ const xmlChar *name, int len, int seed) - { - uint32_t hash; - int i; - -- hash = 0; -+ hash = seed; - - for (i = 0;i < plen; i++) { - hash += prefix[i]; -@@ -346,8 +373,8 @@ xmlDictComputeBigQKey(const xmlChar *prefix, int plen, - * for low hash table fill. 
- */ - static unsigned long --xmlDictComputeFastKey(const xmlChar *name, int namelen) { -- unsigned long value = 0L; -+xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) { -+ unsigned long value = seed; - - if (name == NULL) return(0); - value = *name; -@@ -381,9 +408,9 @@ xmlDictComputeFastKey(const xmlChar *name, int namelen) { - */ - static unsigned long - xmlDictComputeFastQKey(const xmlChar *prefix, int plen, -- const xmlChar *name, int len) -+ const xmlChar *name, int len, int seed) - { -- unsigned long value = 0L; -+ unsigned long value = (unsigned long) seed; - - if (plen == 0) - value += 30 * (unsigned long) ':'; -@@ -460,6 +487,11 @@ xmlDictCreate(void) { - dict->subdict = NULL; - if (dict->dict) { - memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry)); -+#ifdef DICT_RANDOMIZATION -+ dict->seed = rand(); -+#else -+ dict->seed = 0; -+#endif - return(dict); - } - xmlFree(dict); -@@ -486,6 +518,7 @@ xmlDictCreateSub(xmlDictPtr sub) { - #ifdef DICT_DEBUG_PATTERNS - fprintf(stderr, "R"); - #endif -+ dict->seed = sub->seed; - dict->subdict = sub; - xmlDictReference(dict->subdict); - } -diff --git a/hash.c b/hash.c -index b78bc2d..fe1424f 100644 ---- a/hash.c -+++ b/hash.c -@@ -3,7 +3,7 @@ - * - * Reference: Your favorite introductory book on algorithms - * -- * Copyright (C) 2000 Bjorn Reese and Daniel Veillard. -+ * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard. 
- * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above -@@ -21,6 +21,22 @@ - #include "libxml.h" - - #include <string.h> -+#ifdef HAVE_STDLIB_H -+#include <stdlib.h> -+#endif -+#ifdef HAVE_TIME_H -+#include <time.h> -+#endif -+ -+/* -+ * Following http://www.ocert.org/advisories/ocert-2011-003.html -+ * it seems that having hash randomization might be a good idea -+ * when using XML with untrusted data -+ */ -+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) -+#define HASH_RANDOMIZATION -+#endif -+ - #include <libxml/parser.h> - #include <libxml/hash.h> - #include <libxml/xmlmemory.h> -@@ -31,6 +47,10 @@ - - /* #define DEBUG_GROW */ - -+#ifdef HASH_RANDOMIZATION -+static int hash_initialized = 0; -+#endif -+ - /* - * A single entry in the hash table - */ -@@ -53,6 +73,9 @@ struct _xmlHashTable { - int size; - int nbElems; - xmlDictPtr dict; -+#ifdef HASH_RANDOMIZATION -+ int random_seed; -+#endif - }; - - /* -@@ -65,6 +88,9 @@ xmlHashComputeKey(xmlHashTablePtr table, const xmlChar *name, - unsigned long value = 0L; - char ch; - -+#ifdef HASH_RANDOMIZATION -+ value = table->random_seed; -+#endif - if (name != NULL) { - value += 30 * (*name); - while ((ch = *name++) != 0) { -@@ -92,6 +118,9 @@ xmlHashComputeQKey(xmlHashTablePtr table, - unsigned long value = 0L; - char ch; - -+#ifdef HASH_RANDOMIZATION -+ value = table->random_seed; -+#endif - if (prefix != NULL) - value += 30 * (*prefix); - else -@@ -156,6 +185,13 @@ xmlHashCreate(int size) { - table->table = xmlMalloc(size * sizeof(xmlHashEntry)); - if (table->table) { - memset(table->table, 0, size * sizeof(xmlHashEntry)); -+#ifdef HASH_RANDOMIZATION -+ if (!hash_initialized) { -+ srand(time(NULL)); -+ hash_initialized = 1; -+ } -+ table->random_seed = rand(); -+#endif - return(table); - } - xmlFree(table); --- -cgit v0.9.0.2 
diff --git a/main/libxml2/largefile64.patch b/main/libxml2/largefile64.patch
deleted file mode 100644
index 29be82760f..0000000000
--- a/main/libxml2/largefile64.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- libxml2-2.6.32.dfsg.orig/libxml.h
-+++ libxml2-2.6.32.dfsg/libxml.h
-@@ -13,6 +13,9 @@
- #ifndef _LARGEFILE_SOURCE
- #define _LARGEFILE_SOURCE
- #endif
-+#ifndef _LARGEFILE64_SOURCE
-+#define _LARGEFILE64_SOURCE
-+#endif
- #ifndef _FILE_OFFSET_BITS
- #define _FILE_OFFSET_BITS 64
- #endif
diff --git a/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch b/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch
deleted file mode 100644
index 8fa7c8b9cc..0000000000
--- a/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch
+++ /dev/null
@@ -1,101 +0,0 @@ -From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001 -From: Chris Evans <scarybeasts@gmail.com> -Date: Wed, 23 Mar 2011 00:13:06 +0000 -Subject: Fix some potential problems on reallocation failures - -The count was incremented before the allocation -and not fixed in case of failure -* xpath.c: corrects a few instances where the available count of some - structure is updated before we know the allocation actually - succeeds ---- -diff --git a/xpath.c b/xpath.c -index 8b56189..608fe00 100644 ---- a/xpath.c -+++ b/xpath.c -@@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur, xmlNodePtr node, xmlNsPtr ns) { - } else if (cur->nodeNr == cur->nodeMax) { - xmlNodePtr *temp; - -- cur->nodeMax *= 2; -- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * -+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * - sizeof(xmlNodePtr)); - if (temp == NULL) { - xmlXPathErrMemory(NULL, "growing nodeset\n"); - return; - } -+ cur->nodeMax *= 2; - cur->nodeTab = temp; - } - cur->nodeTab[cur->nodeNr++] = xmlXPathNodeSetDupNs(node, ns); -@@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr cur, xmlNodePtr val) { - } else if (cur->nodeNr == cur->nodeMax) { - xmlNodePtr *temp; - -- cur->nodeMax *= 2; -- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * -+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * - sizeof(xmlNodePtr)); - if (temp == NULL) { - xmlXPathErrMemory(NULL, "growing nodeset\n"); - return; - } - cur->nodeTab = temp; -+ cur->nodeMax *= 2; - } - if (val->type == XML_NAMESPACE_DECL) { - xmlNsPtr ns = (xmlNsPtr) val; -@@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1, xmlNodeSetPtr val2) { - } else if (val1->nodeNr == val1->nodeMax) { - xmlNodePtr *temp; - -- val1->nodeMax *= 2; -- temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * -+ temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 * - sizeof(xmlNodePtr)); - if (temp == NULL) 
{ - xmlXPathErrMemory(NULL, "merging nodeset\n"); - return(NULL); - } - val1->nodeTab = temp; -+ val1->nodeMax *= 2; - } - if (n2->type == XML_NAMESPACE_DECL) { - xmlNsPtr ns = (xmlNsPtr) n2; -@@ -3907,14 +3907,14 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetPtr set1, xmlNodeSetPtr set2, - } else if (set1->nodeNr >= set1->nodeMax) { - xmlNodePtr *temp; - -- set1->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc( -- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); -+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); - if (temp == NULL) { - xmlXPathErrMemory(NULL, "merging nodeset\n"); - return(NULL); - } - set1->nodeTab = temp; -+ set1->nodeMax *= 2; - } - if (n2->type == XML_NAMESPACE_DECL) { - xmlNsPtr ns = (xmlNsPtr) n2; -@@ -3991,14 +3991,14 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlNodeSetPtr set1, xmlNodeSetPtr set2, - } else if (set1->nodeNr >= set1->nodeMax) { - xmlNodePtr *temp; - -- set1->nodeMax *= 2; - temp = (xmlNodePtr *) xmlRealloc( -- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); -+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); - if (temp == NULL) { - xmlXPathErrMemory(NULL, "merging nodeset\n"); - return(NULL); - } - set1->nodeTab = temp; -+ set1->nodeMax *= 2; - } - set1->nodeTab[set1->nodeNr++] = n2; - } --- -cgit v0.9.0.2 |