aboutsummaryrefslogtreecommitdiffstats
path: root/main/libxml2
diff options
context:
space:
mode:
Diffstat (limited to 'main/libxml2')
-rw-r--r--main/libxml2/APKBUILD14
-rw-r--r--main/libxml2/cve-2012-0841.patch291
-rw-r--r--main/libxml2/largefile64.patch12
-rw-r--r--main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch101
4 files changed, 4 insertions, 414 deletions
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index b3160ee179..df42cfb7ad 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=libxml2
-pkgver=2.7.8
-pkgrel=8
+pkgver=2.8.0
+pkgrel=0
pkgdesc="XML parsing library, version 2"
url="http://www.xmlsoft.org/"
arch="all"
@@ -11,10 +11,7 @@ depends=
depends_dev="zlib-dev python-dev"
makedepends="zlib-dev python-dev"
subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
-source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
- largefile64.patch
- libxml2-2.7.8-CVE-2011-1944.patch
- cve-2012-0841.patch"
+source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz"
options="!strip"
@@ -61,7 +58,4 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-md5sums="8127a65e8c3b08856093099b52599c86 libxml2-2.7.8.tar.gz
-5ad4915665608ebfa5b89f7908467a72 largefile64.patch
-49cba5245dfa6f2ec710324df947fff9 libxml2-2.7.8-CVE-2011-1944.patch
-045c7f25e46de3127a6061e273de3f7b cve-2012-0841.patch"
+md5sums="c62106f02ee00b6437f0fb9d370c1093 libxml2-2.8.0.tar.gz"
diff --git a/main/libxml2/cve-2012-0841.patch b/main/libxml2/cve-2012-0841.patch
deleted file mode 100644
index 9b6f440d18..0000000000
--- a/main/libxml2/cve-2012-0841.patch
+++ /dev/null
@@ -1,291 +0,0 @@
-From 8973d58b7498fa5100a876815476b81fd1a2412a Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Sat, 04 Feb 2012 11:07:44 +0000
-Subject: Add hash randomization to hash and dict structures
-
-Following http://www.ocert.org/advisories/ocert-2011-003.html
-it seems that having hash randomization might be a good idea
-when using XML with untrusted data
-* configure.in: lookup for rand, srand and time
-* dict.c: add randomization to dictionaries hash tables
-* hash.c: add randomization to normal hash tables
----
-diff --git a/configure.in b/configure.in
-index fa80375..828b66a 100644
---- a/configure.in
-+++ b/configure.in
-@@ -512,6 +512,7 @@ AC_CHECK_FUNCS(strdup strndup strerror)
- AC_CHECK_FUNCS(finite isnand fp_class class fpclass)
- AC_CHECK_FUNCS(strftime localtime gettimeofday ftime)
- AC_CHECK_FUNCS(stat _stat signal)
-+AC_CHECK_FUNCS(rand srand time)
-
- dnl Checking the standard string functions availability
- AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,,
-diff --git a/dict.c b/dict.c
-index 3eff231..ae4966b 100644
---- a/dict.c
-+++ b/dict.c
-@@ -2,7 +2,7 @@
- * dict.c: dictionary of reusable strings, just used to avoid allocation
- * and freeing operations.
- *
-- * Copyright (C) 2003 Daniel Veillard.
-+ * Copyright (C) 2003-2012 Daniel Veillard.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
-@@ -19,6 +19,28 @@
- #define IN_LIBXML
- #include "libxml.h"
-
-+#ifdef HAVE_STDLIB_H
-+#include <stdlib.h>
-+#endif
-+#ifdef HAVE_TIME_H
-+#include <time.h>
-+#endif
-+
-+/*
-+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
-+ * it seems that having hash randomization might be a good idea
-+ * when using XML with untrusted data
-+ * Note1: that it works correctly only if compiled with WITH_BIG_KEY
-+ * which is the default.
-+ * Note2: the fast function used for a small dict won't protect very
-+ * well but since the attack is based on growing a very big hash
-+ * list we will use the BigKey algo as soon as the hash size grows
-+ * over MIN_DICT_SIZE so this actually works
-+ */
-+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
-+#define DICT_RANDOMIZATION
-+#endif
-+
- #include <string.h>
- #ifdef HAVE_STDINT_H
- #include <stdint.h>
-@@ -44,23 +66,23 @@ typedef unsigned __int32 uint32_t;
- #define WITH_BIG_KEY
-
- #ifdef WITH_BIG_KEY
--#define xmlDictComputeKey(dict, name, len) \
-- (((dict)->size == MIN_DICT_SIZE) ? \
-- xmlDictComputeFastKey(name, len) : \
-- xmlDictComputeBigKey(name, len))
--
--#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
-- (((prefix) == NULL) ? \
-- (xmlDictComputeKey(dict, name, len)) : \
-- (((dict)->size == MIN_DICT_SIZE) ? \
-- xmlDictComputeFastQKey(prefix, plen, name, len) : \
-- xmlDictComputeBigQKey(prefix, plen, name, len)))
-+#define xmlDictComputeKey(dict, name, len) \
-+ (((dict)->size == MIN_DICT_SIZE) ? \
-+ xmlDictComputeFastKey(name, len, (dict)->seed) : \
-+ xmlDictComputeBigKey(name, len, (dict)->seed))
-+
-+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
-+ (((prefix) == NULL) ? \
-+ (xmlDictComputeKey(dict, name, len)) : \
-+ (((dict)->size == MIN_DICT_SIZE) ? \
-+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) : \
-+ xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed)))
-
- #else /* !WITH_BIG_KEY */
--#define xmlDictComputeKey(dict, name, len) \
-- xmlDictComputeFastKey(name, len)
--#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
-- xmlDictComputeFastQKey(prefix, plen, name, len)
-+#define xmlDictComputeKey(dict, name, len) \
-+ xmlDictComputeFastKey(name, len, (dict)->seed)
-+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
-+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed)
- #endif /* WITH_BIG_KEY */
-
- /*
-@@ -98,6 +120,8 @@ struct _xmlDict {
- xmlDictStringsPtr strings;
-
- struct _xmlDict *subdict;
-+ /* used for randomization */
-+ int seed;
- };
-
- /*
-@@ -125,6 +149,9 @@ static int xmlInitializeDict(void) {
- if ((xmlDictMutex = xmlNewRMutex()) == NULL)
- return(0);
-
-+#ifdef DICT_RANDOMIZATION
-+ srand(time(NULL));
-+#endif
- xmlDictInitialized = 1;
- return(1);
- }
-@@ -277,13 +304,13 @@ found_pool:
- */
-
- static uint32_t
--xmlDictComputeBigKey(const xmlChar* data, int namelen) {
-+xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) {
- uint32_t hash;
- int i;
-
- if (namelen <= 0 || data == NULL) return(0);
-
-- hash = 0;
-+ hash = seed;
-
- for (i = 0;i < namelen; i++) {
- hash += data[i];
-@@ -310,12 +337,12 @@ xmlDictComputeBigKey(const xmlChar* data, int namelen) {
- */
- static unsigned long
- xmlDictComputeBigQKey(const xmlChar *prefix, int plen,
-- const xmlChar *name, int len)
-+ const xmlChar *name, int len, int seed)
- {
- uint32_t hash;
- int i;
-
-- hash = 0;
-+ hash = seed;
-
- for (i = 0;i < plen; i++) {
- hash += prefix[i];
-@@ -346,8 +373,8 @@ xmlDictComputeBigQKey(const xmlChar *prefix, int plen,
- * for low hash table fill.
- */
- static unsigned long
--xmlDictComputeFastKey(const xmlChar *name, int namelen) {
-- unsigned long value = 0L;
-+xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) {
-+ unsigned long value = seed;
-
- if (name == NULL) return(0);
- value = *name;
-@@ -381,9 +408,9 @@ xmlDictComputeFastKey(const xmlChar *name, int namelen) {
- */
- static unsigned long
- xmlDictComputeFastQKey(const xmlChar *prefix, int plen,
-- const xmlChar *name, int len)
-+ const xmlChar *name, int len, int seed)
- {
-- unsigned long value = 0L;
-+ unsigned long value = (unsigned long) seed;
-
- if (plen == 0)
- value += 30 * (unsigned long) ':';
-@@ -460,6 +487,11 @@ xmlDictCreate(void) {
- dict->subdict = NULL;
- if (dict->dict) {
- memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry));
-+#ifdef DICT_RANDOMIZATION
-+ dict->seed = rand();
-+#else
-+ dict->seed = 0;
-+#endif
- return(dict);
- }
- xmlFree(dict);
-@@ -486,6 +518,7 @@ xmlDictCreateSub(xmlDictPtr sub) {
- #ifdef DICT_DEBUG_PATTERNS
- fprintf(stderr, "R");
- #endif
-+ dict->seed = sub->seed;
- dict->subdict = sub;
- xmlDictReference(dict->subdict);
- }
-diff --git a/hash.c b/hash.c
-index b78bc2d..fe1424f 100644
---- a/hash.c
-+++ b/hash.c
-@@ -3,7 +3,7 @@
- *
- * Reference: Your favorite introductory book on algorithms
- *
-- * Copyright (C) 2000 Bjorn Reese and Daniel Veillard.
-+ * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard.
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
-@@ -21,6 +21,22 @@
- #include "libxml.h"
-
- #include <string.h>
-+#ifdef HAVE_STDLIB_H
-+#include <stdlib.h>
-+#endif
-+#ifdef HAVE_TIME_H
-+#include <time.h>
-+#endif
-+
-+/*
-+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
-+ * it seems that having hash randomization might be a good idea
-+ * when using XML with untrusted data
-+ */
-+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
-+#define HASH_RANDOMIZATION
-+#endif
-+
- #include <libxml/parser.h>
- #include <libxml/hash.h>
- #include <libxml/xmlmemory.h>
-@@ -31,6 +47,10 @@
-
- /* #define DEBUG_GROW */
-
-+#ifdef HASH_RANDOMIZATION
-+static int hash_initialized = 0;
-+#endif
-+
- /*
- * A single entry in the hash table
- */
-@@ -53,6 +73,9 @@ struct _xmlHashTable {
- int size;
- int nbElems;
- xmlDictPtr dict;
-+#ifdef HASH_RANDOMIZATION
-+ int random_seed;
-+#endif
- };
-
- /*
-@@ -65,6 +88,9 @@ xmlHashComputeKey(xmlHashTablePtr table, const xmlChar *name,
- unsigned long value = 0L;
- char ch;
-
-+#ifdef HASH_RANDOMIZATION
-+ value = table->random_seed;
-+#endif
- if (name != NULL) {
- value += 30 * (*name);
- while ((ch = *name++) != 0) {
-@@ -92,6 +118,9 @@ xmlHashComputeQKey(xmlHashTablePtr table,
- unsigned long value = 0L;
- char ch;
-
-+#ifdef HASH_RANDOMIZATION
-+ value = table->random_seed;
-+#endif
- if (prefix != NULL)
- value += 30 * (*prefix);
- else
-@@ -156,6 +185,13 @@ xmlHashCreate(int size) {
- table->table = xmlMalloc(size * sizeof(xmlHashEntry));
- if (table->table) {
- memset(table->table, 0, size * sizeof(xmlHashEntry));
-+#ifdef HASH_RANDOMIZATION
-+ if (!hash_initialized) {
-+ srand(time(NULL));
-+ hash_initialized = 1;
-+ }
-+ table->random_seed = rand();
-+#endif
- return(table);
- }
- xmlFree(table);
---
-cgit v0.9.0.2
diff --git a/main/libxml2/largefile64.patch b/main/libxml2/largefile64.patch
deleted file mode 100644
index 29be82760f..0000000000
--- a/main/libxml2/largefile64.patch
+++ /dev/null
@@ -1,12 +0,0 @@
---- libxml2-2.6.32.dfsg.orig/libxml.h
-+++ libxml2-2.6.32.dfsg/libxml.h
-@@ -13,6 +13,9 @@
- #ifndef _LARGEFILE_SOURCE
- #define _LARGEFILE_SOURCE
- #endif
-+#ifndef _LARGEFILE64_SOURCE
-+#define _LARGEFILE64_SOURCE
-+#endif
- #ifndef _FILE_OFFSET_BITS
- #define _FILE_OFFSET_BITS 64
- #endif
diff --git a/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch b/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch
deleted file mode 100644
index 8fa7c8b9cc..0000000000
--- a/main/libxml2/libxml2-2.7.8-CVE-2011-1944.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001
-From: Chris Evans <scarybeasts@gmail.com>
-Date: Wed, 23 Mar 2011 00:13:06 +0000
-Subject: Fix some potential problems on reallocation failures
-
-The count was incremented before the allocation
-and not fixed in case of failure
-* xpath.c: corrects a few instances where the available count of some
- structure is updated before we know the allocation actually
- succeeds
----
-diff --git a/xpath.c b/xpath.c
-index 8b56189..608fe00 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur, xmlNodePtr node, xmlNsPtr ns) {
- } else if (cur->nodeNr == cur->nodeMax) {
- xmlNodePtr *temp;
-
-- cur->nodeMax *= 2;
-- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
-+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
- sizeof(xmlNodePtr));
- if (temp == NULL) {
- xmlXPathErrMemory(NULL, "growing nodeset\n");
- return;
- }
-+ cur->nodeMax *= 2;
- cur->nodeTab = temp;
- }
- cur->nodeTab[cur->nodeNr++] = xmlXPathNodeSetDupNs(node, ns);
-@@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr cur, xmlNodePtr val) {
- } else if (cur->nodeNr == cur->nodeMax) {
- xmlNodePtr *temp;
-
-- cur->nodeMax *= 2;
-- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
-+ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
- sizeof(xmlNodePtr));
- if (temp == NULL) {
- xmlXPathErrMemory(NULL, "growing nodeset\n");
- return;
- }
- cur->nodeTab = temp;
-+ cur->nodeMax *= 2;
- }
- if (val->type == XML_NAMESPACE_DECL) {
- xmlNsPtr ns = (xmlNsPtr) val;
-@@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1, xmlNodeSetPtr val2) {
- } else if (val1->nodeNr == val1->nodeMax) {
- xmlNodePtr *temp;
-
-- val1->nodeMax *= 2;
-- temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax *
-+ temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 *
- sizeof(xmlNodePtr));
- if (temp == NULL) {
- xmlXPathErrMemory(NULL, "merging nodeset\n");
- return(NULL);
- }
- val1->nodeTab = temp;
-+ val1->nodeMax *= 2;
- }
- if (n2->type == XML_NAMESPACE_DECL) {
- xmlNsPtr ns = (xmlNsPtr) n2;
-@@ -3907,14 +3907,14 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetPtr set1, xmlNodeSetPtr set2,
- } else if (set1->nodeNr >= set1->nodeMax) {
- xmlNodePtr *temp;
-
-- set1->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(
-- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));
-+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr));
- if (temp == NULL) {
- xmlXPathErrMemory(NULL, "merging nodeset\n");
- return(NULL);
- }
- set1->nodeTab = temp;
-+ set1->nodeMax *= 2;
- }
- if (n2->type == XML_NAMESPACE_DECL) {
- xmlNsPtr ns = (xmlNsPtr) n2;
-@@ -3991,14 +3991,14 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlNodeSetPtr set1, xmlNodeSetPtr set2,
- } else if (set1->nodeNr >= set1->nodeMax) {
- xmlNodePtr *temp;
-
-- set1->nodeMax *= 2;
- temp = (xmlNodePtr *) xmlRealloc(
-- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));
-+ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr));
- if (temp == NULL) {
- xmlXPathErrMemory(NULL, "merging nodeset\n");
- return(NULL);
- }
- set1->nodeTab = temp;
-+ set1->nodeMax *= 2;
- }
- set1->nodeTab[set1->nodeNr++] = n2;
- }
---
-cgit v0.9.0.2