summaryrefslogtreecommitdiff
path: root/debian/patches
diff options
context:
space:
mode:
authorAron Xu <aron@debian.org>2015-09-21 22:55:14 +0800
committerAron Xu <aron@debian.org>2015-09-21 22:55:14 +0800
commitd5d6ab20a82566c3b9e20a626df186fe4e670c70 (patch)
tree1e38fd2ee69a0e0e33a0ed8d6a7bb89aa084fd51 /debian/patches
parentd548c999ade382febb424b26743b3c4d63159ae0 (diff)
downloadlibxml2-d5d6ab20a82566c3b9e20a626df186fe4e670c70.tar.gz
Revert "Revert "Remove no-longer-needed upstream patches""
This reverts commit 3b14c3fd6410716d407178e48972b1c1bea48c29.
Diffstat (limited to 'debian/patches')
-rw-r--r--debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch27
-rw-r--r--debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch21
-rw-r--r--debian/patches/0005-xmllint-memory-should-fail-on-empty-files.patch27
-rw-r--r--debian/patches/0006-properly-quote-the-namespace-uris-written-out-during.patch32
-rw-r--r--debian/patches/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch57
-rw-r--r--debian/patches/0008-missing-else-in-xlink.c.patch22
-rw-r--r--debian/patches/0009-Catch-malloc-error-and-exit-accordingly.patch24
-rw-r--r--debian/patches/0010-Fix-handling-of-mmap-errors.patch51
-rw-r--r--debian/patches/0011-Avoid-crash-if-allocation-fails.patch25
-rw-r--r--debian/patches/0012-Fix-a-possible-NULL-dereference.patch30
-rw-r--r--debian/patches/0013-Clear-up-a-potential-NULL-dereference.patch26
-rw-r--r--debian/patches/0014-Fix-XPath-optimization-with-predicates.patch27
-rw-r--r--debian/patches/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch34
-rw-r--r--debian/patches/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch45
-rw-r--r--debian/patches/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch26
-rw-r--r--debian/patches/0018-Fix-pointer-dereferenced-before-null-check.patch25
-rw-r--r--debian/patches/0019-Fix-a-bug-loading-some-compressed-files.patch69
-rw-r--r--debian/patches/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch57
-rw-r--r--debian/patches/0021-Fix-a-couple-of-missing-NULL-checks.patch29
-rw-r--r--debian/patches/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch148
-rw-r--r--debian/patches/0023-Handling-of-XPath-function-arguments-in-error-case.patch41
-rw-r--r--debian/patches/0024-Missing-initialization-for-the-catalog-module.patch22
-rw-r--r--debian/patches/0025-Fix-an-fd-leak-in-an-error-case.patch24
-rw-r--r--debian/patches/0026-fixing-a-ptotential-uninitialized-access.patch21
-rw-r--r--debian/patches/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch29
-rw-r--r--debian/patches/0028-Avoid-a-possible-NULL-pointer-dereference.patch22
-rw-r--r--debian/patches/0029-Do-not-fetch-external-parameter-entities.patch35
-rw-r--r--debian/patches/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch32
-rw-r--r--debian/patches/0031-xmllint-was-not-parsing-the-c14n11-flag.patch22
-rw-r--r--debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch58
-rw-r--r--debian/patches/series31
31 files changed, 1 insertions, 1138 deletions
diff --git a/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch b/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch
deleted file mode 100644
index 03bf447..0000000
--- a/debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Alexander Pastukhov <pastuchov@yandex.ru>
-Date: Tue, 23 Apr 2013 05:02:11 +0000
-Subject: Fix an error in xmlCleanupParser
-
-https://bugzilla.gnome.org/show_bug.cgi?id=698582
-
-xmlCleanupParser calls xmlCleanupGlobals() and then
-xmlResetLastError() but the later reallocate the global
-data freed by previous call. Just swap the two calls.
----
- parser.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/parser.c b/parser.c
-index ee429f3..b9df6d8 100644
---- a/parser.c
-+++ b/parser.c
-@@ -14763,8 +14763,8 @@ xmlCleanupParser(void) {
- xmlSchemaCleanupTypes();
- xmlRelaxNGCleanupTypes();
- #endif
-- xmlCleanupGlobals();
- xmlResetLastError();
-+ xmlCleanupGlobals();
- xmlCleanupThreads(); /* must be last if called not from the main thread */
- xmlCleanupMemory();
- xmlParserInitialized = 0;
diff --git a/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch b/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch
deleted file mode 100644
index cff8b72..0000000
--- a/debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: dcb <dcb314@hotmail.com>
-Date: Thu, 2 May 2013 08:11:46 +0000
-Subject: Fix missing break on last() function for attributes
-
-pointed out by cppcheck
----
- python/libxml.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/python/libxml.c b/python/libxml.c
-index 03cfb9f..3338b83 100644
---- a/python/libxml.c
-+++ b/python/libxml.c
-@@ -2683,6 +2683,7 @@ libxml_last(ATTRIBUTE_UNUSED PyObject * self, PyObject * args)
- xmlAttrPtr attr = (xmlAttrPtr) cur;
-
- res = attr->last;
-+ break;
- }
- default:
- res = NULL;
diff --git a/debian/patches/0005-xmllint-memory-should-fail-on-empty-files.patch b/debian/patches/0005-xmllint-memory-should-fail-on-empty-files.patch
deleted file mode 100644
index e1a2197..0000000
--- a/debian/patches/0005-xmllint-memory-should-fail-on-empty-files.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 8 May 2013 05:45:48 +0000
-Subject: xmllint --memory should fail on empty files
-
-Exposed by https://bugzilla.gnome.org/show_bug.cgi?id=699896
-when doing analysis but a priori unrelated.
----
- xmllint.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/xmllint.c b/xmllint.c
-index 26d8db1..c0196ab 100644
---- a/xmllint.c
-+++ b/xmllint.c
-@@ -2338,8 +2338,11 @@ static void parseAndPrintFile(char *filename, xmlParserCtxtPtr rectxt) {
- if ((fd = open(filename, O_RDONLY)) < 0)
- return;
- base = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, fd, 0) ;
-- if (base == (void *) MAP_FAILED)
-+ if (base == (void *) MAP_FAILED) {
-+ fprintf(stderr, "mmap failure for file %s\n", filename);
-+ progresult = XMLLINT_ERR_RDFILE;
- return;
-+ }
-
- if (rectxt == NULL)
- doc = xmlReadMemory((char *) base, info.st_size,
diff --git a/debian/patches/0006-properly-quote-the-namespace-uris-written-out-during.patch b/debian/patches/0006-properly-quote-the-namespace-uris-written-out-during.patch
deleted file mode 100644
index 6f4c4c8..0000000
--- a/debian/patches/0006-properly-quote-the-namespace-uris-written-out-during.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Aleksey Sanin <aleksey@aleksey.com>
-Date: Thu, 9 May 2013 16:02:16 +0000
-Subject: properly quote the namespace uris written out during c14n
-
----
- c14n.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/c14n.c b/c14n.c
-index afd95b3..ca77f92 100644
---- a/c14n.c
-+++ b/c14n.c
-@@ -547,14 +547,15 @@ xmlC14NPrintNamespaces(const xmlNsPtr ns, xmlC14NCtxPtr ctx)
- if (ns->prefix != NULL) {
- xmlOutputBufferWriteString(ctx->buf, " xmlns:");
- xmlOutputBufferWriteString(ctx->buf, (const char *) ns->prefix);
-- xmlOutputBufferWriteString(ctx->buf, "=\"");
-+ xmlOutputBufferWriteString(ctx->buf, "=");
- } else {
-- xmlOutputBufferWriteString(ctx->buf, " xmlns=\"");
-+ xmlOutputBufferWriteString(ctx->buf, " xmlns=");
- }
- if(ns->href != NULL) {
-- xmlOutputBufferWriteString(ctx->buf, (const char *) ns->href);
-+ xmlBufWriteQuotedString(ctx->buf->buffer, ns->href);
-+ } else {
-+ xmlOutputBufferWriteString(ctx->buf, "\"\"");
- }
-- xmlOutputBufferWriteString(ctx->buf, "\"");
- return (1);
- }
-
diff --git a/debian/patches/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch b/debian/patches/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
deleted file mode 100644
index 442fd11..0000000
--- a/debian/patches/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 22 May 2013 20:56:45 +0000
-Subject: Fix a parsing bug on non-ascii element and CR/LF usage
-
-https://bugzilla.gnome.org/show_bug.cgi?id=698550
-
-Somehow the behaviour of the internal parser routine changed
-slightly when encountering CR/LF, which led to a bug when
-parsing document with non-ascii Names
----
- parser.c | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/parser.c b/parser.c
-index b9df6d8..dd00399 100644
---- a/parser.c
-+++ b/parser.c
-@@ -3404,6 +3404,7 @@ xmlParseNCNameComplex(xmlParserCtxtPtr ctxt) {
- int len = 0, l;
- int c;
- int count = 0;
-+ const xmlChar *end; /* needed because CUR_CHAR() can move cur on \r\n */
-
- #ifdef DEBUG
- nbParseNCNameComplex++;
-@@ -3413,6 +3414,7 @@ xmlParseNCNameComplex(xmlParserCtxtPtr ctxt) {
- * Handler for more complex cases
- */
- GROW;
-+ end = ctxt->input->cur;
- c = CUR_CHAR(l);
- if ((c == ' ') || (c == '>') || (c == '/') || /* accelerators */
- (!xmlIsNameStartChar(ctxt, c) || (c == ':'))) {
-@@ -3434,12 +3436,14 @@ xmlParseNCNameComplex(xmlParserCtxtPtr ctxt) {
- }
- len += l;
- NEXTL(l);
-+ end = ctxt->input->cur;
- c = CUR_CHAR(l);
- if (c == 0) {
- count = 0;
- GROW;
- if (ctxt->instate == XML_PARSER_EOF)
- return(NULL);
-+ end = ctxt->input->cur;
- c = CUR_CHAR(l);
- }
- }
-@@ -3448,7 +3452,7 @@ xmlParseNCNameComplex(xmlParserCtxtPtr ctxt) {
- xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "NCName");
- return(NULL);
- }
-- return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len));
-+ return(xmlDictLookup(ctxt->dict, end - len, len));
- }
-
- /**
diff --git a/debian/patches/0008-missing-else-in-xlink.c.patch b/debian/patches/0008-missing-else-in-xlink.c.patch
deleted file mode 100644
index 88a4e86..0000000
--- a/debian/patches/0008-missing-else-in-xlink.c.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: Ami Fischman <fischman@google.com>
-Date: Tue, 2 Jul 2013 09:47:26 +0800
-Subject: missing else in xlink.c
-
-Obviously forgotten
----
- xlink.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/xlink.c b/xlink.c
-index 3566e06..c0e4ff3 100644
---- a/xlink.c
-+++ b/xlink.c
-@@ -150,7 +150,7 @@ xlinkIsLink (xmlDocPtr doc, xmlNodePtr node) {
- if (type != NULL) {
- if (xmlStrEqual(type, BAD_CAST "simple")) {
- ret = XLINK_TYPE_SIMPLE;
-- } if (xmlStrEqual(type, BAD_CAST "extended")) {
-+ } else if (xmlStrEqual(type, BAD_CAST "extended")) {
- role = xmlGetNsProp(node, BAD_CAST "role", XLINK_NAMESPACE);
- if (role != NULL) {
- xmlNsPtr xlink;
diff --git a/debian/patches/0009-Catch-malloc-error-and-exit-accordingly.patch b/debian/patches/0009-Catch-malloc-error-and-exit-accordingly.patch
deleted file mode 100644
index 3f93a57..0000000
--- a/debian/patches/0009-Catch-malloc-error-and-exit-accordingly.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 11 Jul 2013 15:41:22 +0800
-Subject: Catch malloc error and exit accordingly
-
-As pointed privately by Bill Parker <wp02855@gmail.com>
----
- xmllint.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/xmllint.c b/xmllint.c
-index c0196ab..4d464e4 100644
---- a/xmllint.c
-+++ b/xmllint.c
-@@ -3090,6 +3090,10 @@ static void usage(const char *name) {
- static void registerNode(xmlNodePtr node)
- {
- node->_private = malloc(sizeof(long));
-+ if (node->_private == NULL) {
-+ fprintf(stderr, "Out of memory in xmllint:registerNode()\n");
-+ exit(XMLLINT_ERR_MEM);
-+ }
- *(long*)node->_private = (long) 0x81726354;
- nbregister++;
- }
diff --git a/debian/patches/0010-Fix-handling-of-mmap-errors.patch b/debian/patches/0010-Fix-handling-of-mmap-errors.patch
deleted file mode 100644
index 0c55cfe..0000000
--- a/debian/patches/0010-Fix-handling-of-mmap-errors.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 12 Jul 2013 12:08:40 +0800
-Subject: Fix handling of mmap errors
-
-https://bugzilla.gnome.org/show_bug.cgi?id=702320
-
-as raised by Gaurav <ya1gaurav@gmail.com>
----
- xmllint.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/xmllint.c b/xmllint.c
-index 4d464e4..92e6b03 100644
---- a/xmllint.c
-+++ b/xmllint.c
-@@ -1837,8 +1837,12 @@ static void streamFile(char *filename) {
- if ((fd = open(filename, O_RDONLY)) < 0)
- return;
- base = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, fd, 0) ;
-- if (base == (void *) MAP_FAILED)
-+ if (base == (void *) MAP_FAILED) {
-+ close(fd);
-+ fprintf(stderr, "mmap failure for file %s\n", filename);
-+ progresult = XMLLINT_ERR_RDFILE;
- return;
-+ }
-
- reader = xmlReaderForMemory(base, info.st_size, filename,
- NULL, options);
-@@ -2223,8 +2227,12 @@ static void parseAndPrintFile(char *filename, xmlParserCtxtPtr rectxt) {
- if ((fd = open(filename, O_RDONLY)) < 0)
- return;
- base = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, fd, 0) ;
-- if (base == (void *) MAP_FAILED)
-+ if (base == (void *) MAP_FAILED) {
-+ close(fd);
-+ fprintf(stderr, "mmap failure for file %s\n", filename);
-+ progresult = XMLLINT_ERR_RDFILE;
- return;
-+ }
-
- doc = htmlReadMemory((char *) base, info.st_size, filename,
- NULL, options);
-@@ -2339,6 +2347,7 @@ static void parseAndPrintFile(char *filename, xmlParserCtxtPtr rectxt) {
- return;
- base = mmap(NULL, info.st_size, PROT_READ, MAP_SHARED, fd, 0) ;
- if (base == (void *) MAP_FAILED) {
-+ close(fd);
- fprintf(stderr, "mmap failure for file %s\n", filename);
- progresult = XMLLINT_ERR_RDFILE;
- return;
diff --git a/debian/patches/0011-Avoid-crash-if-allocation-fails.patch b/debian/patches/0011-Avoid-crash-if-allocation-fails.patch
deleted file mode 100644
index e4e7206..0000000
--- a/debian/patches/0011-Avoid-crash-if-allocation-fails.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 22 Jul 2013 14:28:20 +0800
-Subject: Avoid crash if allocation fails
-
-https://bugzilla.gnome.org/show_bug.cgi?id=704527
-xmlSchemaNewValue() may fail on OOM error
----
- xmlschemastypes.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/xmlschemastypes.c b/xmlschemastypes.c
-index a9edc03..ec403e8 100644
---- a/xmlschemastypes.c
-+++ b/xmlschemastypes.c
-@@ -242,6 +242,10 @@ xmlSchemaNewMinLengthFacet(int value)
- }
- ret->type = XML_SCHEMA_FACET_MINLENGTH;
- ret->val = xmlSchemaNewValue(XML_SCHEMAS_NNINTEGER);
-+ if (ret->val == NULL) {
-+ xmlFree(ret);
-+ return(NULL);
-+ }
- ret->val->value.decimal.lo = value;
- return (ret);
- }
diff --git a/debian/patches/0012-Fix-a-possible-NULL-dereference.patch b/debian/patches/0012-Fix-a-possible-NULL-dereference.patch
deleted file mode 100644
index 9a7cf6f..0000000
--- a/debian/patches/0012-Fix-a-possible-NULL-dereference.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From: Gaurav <g.gupta@40samsung.com>
-Date: Sat, 3 Aug 2013 22:16:02 +0800
-Subject: Fix a possible NULL dereference
-
-https://bugzilla.gnome.org/show_bug.cgi?id=705400
-In case of allocation error the pointer was dereferenced before the
-test for a failure
----
- SAX2.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/SAX2.c b/SAX2.c
-index 4adf202..33d167e 100644
---- a/SAX2.c
-+++ b/SAX2.c
-@@ -994,12 +994,12 @@ xmlSAX2StartDocument(void *ctx)
- #ifdef LIBXML_HTML_ENABLED
- if (ctxt->myDoc == NULL)
- ctxt->myDoc = htmlNewDocNoDtD(NULL, NULL);
-- ctxt->myDoc->properties = XML_DOC_HTML;
-- ctxt->myDoc->parseFlags = ctxt->options;
- if (ctxt->myDoc == NULL) {
- xmlSAX2ErrMemory(ctxt, "xmlSAX2StartDocument");
- return;
- }
-+ ctxt->myDoc->properties = XML_DOC_HTML;
-+ ctxt->myDoc->parseFlags = ctxt->options;
- #else
- xmlGenericError(xmlGenericErrorContext,
- "libxml2 built without HTML support\n");
diff --git a/debian/patches/0013-Clear-up-a-potential-NULL-dereference.patch b/debian/patches/0013-Clear-up-a-potential-NULL-dereference.patch
deleted file mode 100644
index a18dfaf..0000000
--- a/debian/patches/0013-Clear-up-a-potential-NULL-dereference.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Sat, 3 Aug 2013 22:25:13 +0800
-Subject: Clear up a potential NULL dereference
-
-https://bugzilla.gnome.org/show_bug.cgi?id=705399
-
-if ctxt->node_seq.buffer is null then ctxt->node_seq.maximum ought
-to be zero but it's better to clarify the check in the code directly.
----
- parserInternals.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/parserInternals.c b/parserInternals.c
-index f8a7041..98a5836 100644
---- a/parserInternals.c
-+++ b/parserInternals.c
-@@ -1990,7 +1990,8 @@ xmlParserAddNodeInfo(xmlParserCtxtPtr ctxt,
-
- /* Otherwise, we need to add new node to buffer */
- else {
-- if (ctxt->node_seq.length + 1 > ctxt->node_seq.maximum) {
-+ if ((ctxt->node_seq.length + 1 > ctxt->node_seq.maximum) ||
-+ (ctxt->node_seq.buffer == NULL)) {
- xmlParserNodeInfo *tmp_buffer;
- unsigned int byte_size;
-
diff --git a/debian/patches/0014-Fix-XPath-optimization-with-predicates.patch b/debian/patches/0014-Fix-XPath-optimization-with-predicates.patch
deleted file mode 100644
index f24424a..0000000
--- a/debian/patches/0014-Fix-XPath-optimization-with-predicates.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 4 Aug 2013 22:15:11 +0000
-Subject: Fix XPath '//' optimization with predicates
-
-My attempt to optimize XPath expressions containing '//' caused a
-regression reported in bug #695699. This commit disables the
-optimization for expressions of the form '//foo[predicate]'.
----
- xpath.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/xpath.c b/xpath.c
-index 97410e7..a676989 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -14719,8 +14719,9 @@ xmlXPathOptimizeExpression(xmlXPathCompExprPtr comp, xmlXPathStepOpPtr op)
- * internal representation.
- */
-
-- if ((op->ch1 != -1) &&
-- (op->op == XPATH_OP_COLLECT /* 11 */))
-+ if ((op->op == XPATH_OP_COLLECT /* 11 */) &&
-+ (op->ch1 != -1) &&
-+ (op->ch2 == -1 /* no predicate */))
- {
- xmlXPathStepOpPtr prevop = &comp->steps[op->ch1];
-
diff --git a/debian/patches/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch b/debian/patches/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch
deleted file mode 100644
index b910c3a..0000000
--- a/debian/patches/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Tim Galeckas <tim@galeckas.com>
-Date: Thu, 29 Aug 2013 16:44:33 +0800
-Subject: xmllint --pretty crashed without following numeric argument
-
-https://bugzilla.gnome.org/show_bug.cgi?id=674789
-
-We need to check for NULL argument before calling atoi()
----
- xmllint.c | 12 +++++++-----
- 1 file changed, 7 insertions(+), 5 deletions(-)
-
-diff --git a/xmllint.c b/xmllint.c
-index 92e6b03..d69722c 100644
---- a/xmllint.c
-+++ b/xmllint.c
-@@ -3388,11 +3388,13 @@ main(int argc, char **argv) {
- (!strcmp(argv[i], "--pretty"))) {
- i++;
- #ifdef LIBXML_OUTPUT_ENABLED
-- format = atoi(argv[i]);
-- if (format == 1) {
-- noblanks++;
-- xmlKeepBlanksDefault(0);
-- }
-+ if (argv[i] != NULL) {
-+ format = atoi(argv[i]);
-+ if (format == 1) {
-+ noblanks++;
-+ xmlKeepBlanksDefault(0);
-+ }
-+ }
- #endif /* LIBXML_OUTPUT_ENABLED */
- }
- #ifdef LIBXML_READER_ENABLED
diff --git a/debian/patches/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch b/debian/patches/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch
deleted file mode 100644
index fa8a176..0000000
--- a/debian/patches/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Wed, 11 Sep 2013 14:59:06 +0800
-Subject: Fix potential NULL pointer dereferences in regexp code
-
-https://bugzilla.gnome.org/show_bug.cgi?id=707749
-
-Fix 3 cases where we might dereference NULL
----
- xmlregexp.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/xmlregexp.c b/xmlregexp.c
-index 1f9911c..8e63d74 100644
---- a/xmlregexp.c
-+++ b/xmlregexp.c
-@@ -3162,8 +3162,10 @@ xmlFARegExecRollBack(xmlRegExecCtxtPtr exec) {
- exec->status = -6;
- return;
- }
-- memcpy(exec->counts, exec->rollbacks[exec->nbRollbacks].counts,
-+ if (exec->counts) {
-+ memcpy(exec->counts, exec->rollbacks[exec->nbRollbacks].counts,
- exec->comp->nbCounters * sizeof(int));
-+ }
- }
-
- #ifdef DEBUG_REGEXP_EXEC
-@@ -4091,7 +4093,7 @@ rollback:
- */
- exec->determinist = 0;
- xmlFARegExecRollBack(exec);
-- if (exec->status == 0) {
-+ if ((exec->inputStack != NULL ) && (exec->status == 0)) {
- value = exec->inputStack[exec->index].value;
- data = exec->inputStack[exec->index].data;
- #ifdef DEBUG_PUSH
-@@ -4306,7 +4308,7 @@ xmlRegExecGetValues(xmlRegExecCtxtPtr exec, int err,
- (*nbval)++;
- }
- } else {
-- if ((exec->comp->states[trans->to] != NULL) &&
-+ if ((exec->comp != NULL) && (exec->comp->states[trans->to] != NULL) &&
- (exec->comp->states[trans->to]->type !=
- XML_REGEXP_SINK_STATE)) {
- if (atom->neg)
diff --git a/debian/patches/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch b/debian/patches/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch
deleted file mode 100644
index 2c55813..0000000
--- a/debian/patches/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 11 Sep 2013 15:11:27 +0800
-Subject: Fix a potential NULL dereference in tree code
-
-https://bugzilla.gnome.org/show_bug.cgi?id=707750
-
-Also reported by Gaurav, simple fix to check the pointer before
-dereference
----
- tree.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tree.c b/tree.c
-index 7e5af26..efc3ca2 100644
---- a/tree.c
-+++ b/tree.c
-@@ -9780,7 +9780,8 @@ leave_node:
- if (clone->parent != NULL)
- clone->parent->last = clone;
- clone = clone->parent;
-- parentClone = clone->parent;
-+ if (clone != NULL)
-+ parentClone = clone->parent;
- /*
- * Process parent --> next;
- */
diff --git a/debian/patches/0018-Fix-pointer-dereferenced-before-null-check.patch b/debian/patches/0018-Fix-pointer-dereferenced-before-null-check.patch
deleted file mode 100644
index 3ae1c59..0000000
--- a/debian/patches/0018-Fix-pointer-dereferenced-before-null-check.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Mon, 30 Sep 2013 10:43:47 +0800
-Subject: Fix pointer dereferenced before null check
-
-for https://bugzilla.gnome.org/show_bug.cgi?id=708364
-
-xmlValidateElementContent is a private function but should still
-check the ctxt argument before dereferencing
----
- valid.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/valid.c b/valid.c
-index 6e53a76..e0832e7 100644
---- a/valid.c
-+++ b/valid.c
-@@ -5236,7 +5236,7 @@ xmlValidateElementContent(xmlValidCtxtPtr ctxt, xmlNodePtr child,
- xmlElementContentPtr cont;
- const xmlChar *name;
-
-- if ((elemDecl == NULL) || (parent == NULL))
-+ if ((elemDecl == NULL) || (parent == NULL) || (ctxt == NULL))
- return(-1);
- cont = elemDecl->content;
- name = elemDecl->name;
diff --git a/debian/patches/0019-Fix-a-bug-loading-some-compressed-files.patch b/debian/patches/0019-Fix-a-bug-loading-some-compressed-files.patch
deleted file mode 100644
index 48b4fa4..0000000
--- a/debian/patches/0019-Fix-a-bug-loading-some-compressed-files.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From: Mike Alexander <mta@umich.edu>
-Date: Thu, 28 Nov 2013 23:21:23 +0800
-Subject: Fix a bug loading some compressed files
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=712528
-Related to https://bugzilla.redhat.com/show_bug.cgi?id=877567
-
-There is a bug in xzlib.c which causes certain compressed XML files to fail to
-load correctly. The code in xz_decomp which attempts to verify the checksum
-and length of the expanded data fails if the checksum or length at the end of
-the file crosses a 1024 byte boundary. It calls gz_next4 to get those two
-values. This function uses the stream state in state->zstrm, but calls
-xz_avail which uses the state->strm stream info. This causes gz_next4 to
-signal a premature EOF if the data it is fetching crosses a 1024 byte boundary.
----
- xzlib.c | 26 ++++++++++++++++++++++----
- 1 file changed, 22 insertions(+), 4 deletions(-)
-
-diff --git a/xzlib.c b/xzlib.c
-index 928bd17..cd045fa 100644
---- a/xzlib.c
-+++ b/xzlib.c
-@@ -245,6 +245,20 @@ xz_avail(xz_statep state)
- return 0;
- }
-
-+#ifdef HAVE_ZLIB_H
-+static int
-+xz_avail_zstrm(xz_statep state)
-+{
-+ int ret;
-+ state->strm.avail_in = state->zstrm.avail_in;
-+ state->strm.next_in = state->zstrm.next_in;
-+ ret = xz_avail(state);
-+ state->zstrm.avail_in = (uInt) state->strm.avail_in;
-+ state->zstrm.next_in = (Bytef *) state->strm.next_in;
-+ return ret;
-+}
-+#endif
-+
- static int
- is_format_xz(xz_statep state)
- {
-@@ -314,6 +328,10 @@ is_format_lzma(xz_statep state)
- #define NEXT() ((strm->avail_in == 0 && xz_avail(state) == -1) ? -1 : \
- (strm->avail_in == 0 ? -1 : \
- (strm->avail_in--, *(strm->next_in)++)))
-+/* Same thing, but from zstrm */
-+#define NEXTZ() ((strm->avail_in == 0 && xz_avail_zstrm(state) == -1) ? -1 : \
-+ (strm->avail_in == 0 ? -1 : \
-+ (strm->avail_in--, *(strm->next_in)++)))
-
- /* Get a four-byte little-endian integer and return 0 on success and the value
- in *ret. Otherwise -1 is returned and *ret is not modified. */
-@@ -324,10 +342,10 @@ gz_next4(xz_statep state, unsigned long *ret)
- unsigned long val;
- z_streamp strm = &(state->zstrm);
-
-- val = NEXT();
-- val += (unsigned) NEXT() << 8;
-- val += (unsigned long) NEXT() << 16;
-- ch = NEXT();
-+ val = NEXTZ();
-+ val += (unsigned) NEXTZ() << 8;
-+ val += (unsigned long) NEXTZ() << 16;
-+ ch = NEXTZ();
- if (ch == -1)
- return -1;
- val += (unsigned long) ch << 24;
diff --git a/debian/patches/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch b/debian/patches/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch
deleted file mode 100644
index ab0bde8..0000000
--- a/debian/patches/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Fri, 29 Nov 2013 23:10:50 +0800
-Subject: Avoid a possibility of dangling encoding handler
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=711149
-
-In Function:
-int xmlCharEncCloseFunc(xmlCharEncodingHandler *handler)
-
-If the freed handler is any one of handlers[i] list, then it will make that
-hanldlers[i] as dangling. This may lead to crash issues at places where
-handlers is read.
----
- encoding.c | 16 ++++++++++++++--
- 1 file changed, 14 insertions(+), 2 deletions(-)
-
-diff --git a/encoding.c b/encoding.c
-index 7330e90..d4fc45f 100644
---- a/encoding.c
-+++ b/encoding.c
-@@ -2851,14 +2851,25 @@ int
- xmlCharEncCloseFunc(xmlCharEncodingHandler *handler) {
- int ret = 0;
- int tofree = 0;
-+ int i, handler_in_list = 0;
-+
- if (handler == NULL) return(-1);
- if (handler->name == NULL) return(-1);
-+ if (handlers != NULL) {
-+ for (i = 0;i < nbCharEncodingHandler; i++) {
-+ if (handler == handlers[i]) {
-+ handler_in_list = 1;
-+ break;
-+ }
-+ }
-+ }
- #ifdef LIBXML_ICONV_ENABLED
- /*
- * Iconv handlers can be used only once, free the whole block.
- * and the associated icon resources.
- */
-- if ((handler->iconv_out != NULL) || (handler->iconv_in != NULL)) {
-+ if ((handler_in_list == 0) &&
-+ ((handler->iconv_out != NULL) || (handler->iconv_in != NULL))) {
- tofree = 1;
- if (handler->iconv_out != NULL) {
- if (iconv_close(handler->iconv_out))
-@@ -2873,7 +2884,8 @@ xmlCharEncCloseFunc(xmlCharEncodingHandler *handler) {
- }
- #endif /* LIBXML_ICONV_ENABLED */
- #ifdef LIBXML_ICU_ENABLED
-- if ((handler->uconv_out != NULL) || (handler->uconv_in != NULL)) {
-+ if ((handler_in_list == 0) &&
-+ ((handler->uconv_out != NULL) || (handler->uconv_in != NULL))) {
- tofree = 1;
- if (handler->uconv_out != NULL) {
- closeIcuConverter(handler->uconv_out);
diff --git a/debian/patches/0021-Fix-a-couple-of-missing-NULL-checks.patch b/debian/patches/0021-Fix-a-couple-of-missing-NULL-checks.patch
deleted file mode 100644
index 6771dbb..0000000
--- a/debian/patches/0021-Fix-a-couple-of-missing-NULL-checks.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Fri, 29 Nov 2013 23:28:21 +0800
-Subject: Fix a couple of missing NULL checks
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=708681
----
- tree.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/tree.c b/tree.c
-index efc3ca2..43c3c57 100644
---- a/tree.c
-+++ b/tree.c
-@@ -4294,6 +4294,7 @@ xmlStaticCopyNodeList(xmlNodePtr node, xmlDocPtr doc, xmlNodePtr parent) {
- }
- if (doc->intSubset == NULL) {
- q = (xmlNodePtr) xmlCopyDtd( (xmlDtdPtr) node );
-+ if (q == NULL) return(NULL);
- q->doc = doc;
- q->parent = parent;
- doc->intSubset = (xmlDtdPtr) q;
-@@ -4305,6 +4306,7 @@ xmlStaticCopyNodeList(xmlNodePtr node, xmlDocPtr doc, xmlNodePtr parent) {
- } else
- #endif /* LIBXML_TREE_ENABLED */
- q = xmlStaticCopyNode(node, doc, parent, 1);
-+ if (q == NULL) return(NULL);
- if (ret == NULL) {
- q->prev = NULL;
- ret = p = q;
diff --git a/debian/patches/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch b/debian/patches/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch
deleted file mode 100644
index 7820411..0000000
--- a/debian/patches/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch
+++ /dev/null
@@ -1,148 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 9 Dec 2013 15:23:40 +0800
-Subject: adding init calls to xml and html Read parsing entry points
-
-As pointed out by "Tassyns, Bram <BramT@enfocus.com>" on the list
-some call had it other didn't, clean it up and add to all missing
-ones
----
- HTMLparser.c | 6 ++++++
- parser.c | 10 ++++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/HTMLparser.c b/HTMLparser.c
-index dd0c1ea..44c1a3c 100644
---- a/HTMLparser.c
-+++ b/HTMLparser.c
-@@ -6808,6 +6808,7 @@ htmlReadFd(int fd, const char *URL, const char *encoding, int options)
-
- if (fd < 0)
- return (NULL);
-+ xmlInitParser();
-
- xmlInitParser();
- input = xmlParserInputBufferCreateFd(fd, XML_CHAR_ENCODING_NONE);
-@@ -6898,6 +6899,7 @@ htmlCtxtReadDoc(htmlParserCtxtPtr ctxt, const xmlChar * cur,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- htmlCtxtReset(ctxt);
-
-@@ -6931,6 +6933,7 @@ htmlCtxtReadFile(htmlParserCtxtPtr ctxt, const char *filename,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- htmlCtxtReset(ctxt);
-
-@@ -6967,6 +6970,7 @@ htmlCtxtReadMemory(htmlParserCtxtPtr ctxt, const char *buffer, int size,
- return (NULL);
- if (buffer == NULL)
- return (NULL);
-+ xmlInitParser();
-
- htmlCtxtReset(ctxt);
-
-@@ -7009,6 +7013,7 @@ htmlCtxtReadFd(htmlParserCtxtPtr ctxt, int fd,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- htmlCtxtReset(ctxt);
-
-@@ -7053,6 +7058,7 @@ htmlCtxtReadIO(htmlParserCtxtPtr ctxt, xmlInputReadCallback ioread,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- htmlCtxtReset(ctxt);
-
-diff --git a/parser.c b/parser.c
-index dd00399..ad400f4 100644
---- a/parser.c
-+++ b/parser.c
-@@ -15217,6 +15217,7 @@ xmlReadDoc(const xmlChar * cur, const char *URL, const char *encoding, int optio
-
- if (cur == NULL)
- return (NULL);
-+ xmlInitParser();
-
- ctxt = xmlCreateDocParserCtxt(cur);
- if (ctxt == NULL)
-@@ -15239,6 +15240,7 @@ xmlReadFile(const char *filename, const char *encoding, int options)
- {
- xmlParserCtxtPtr ctxt;
-
-+ xmlInitParser();
- ctxt = xmlCreateURLParserCtxt(filename, options);
- if (ctxt == NULL)
- return (NULL);
-@@ -15262,6 +15264,7 @@ xmlReadMemory(const char *buffer, int size, const char *URL, const char *encodin
- {
- xmlParserCtxtPtr ctxt;
-
-+ xmlInitParser();
- ctxt = xmlCreateMemoryParserCtxt(buffer, size);
- if (ctxt == NULL)
- return (NULL);
-@@ -15290,6 +15293,7 @@ xmlReadFd(int fd, const char *URL, const char *encoding, int options)
-
- if (fd < 0)
- return (NULL);
-+ xmlInitParser();
-
- input = xmlParserInputBufferCreateFd(fd, XML_CHAR_ENCODING_NONE);
- if (input == NULL)
-@@ -15333,6 +15337,7 @@ xmlReadIO(xmlInputReadCallback ioread, xmlInputCloseCallback ioclose,
-
- if (ioread == NULL)
- return (NULL);
-+ xmlInitParser();
-
- input = xmlParserInputBufferCreateIO(ioread, ioclose, ioctx,
- XML_CHAR_ENCODING_NONE);
-@@ -15379,6 +15384,7 @@ xmlCtxtReadDoc(xmlParserCtxtPtr ctxt, const xmlChar * cur,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- xmlCtxtReset(ctxt);
-
-@@ -15412,6 +15418,7 @@ xmlCtxtReadFile(xmlParserCtxtPtr ctxt, const char *filename,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- xmlCtxtReset(ctxt);
-
-@@ -15448,6 +15455,7 @@ xmlCtxtReadMemory(xmlParserCtxtPtr ctxt, const char *buffer, int size,
- return (NULL);
- if (buffer == NULL)
- return (NULL);
-+ xmlInitParser();
-
- xmlCtxtReset(ctxt);
-
-@@ -15492,6 +15500,7 @@ xmlCtxtReadFd(xmlParserCtxtPtr ctxt, int fd,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- xmlCtxtReset(ctxt);
-
-@@ -15537,6 +15546,7 @@ xmlCtxtReadIO(xmlParserCtxtPtr ctxt, xmlInputReadCallback ioread,
- return (NULL);
- if (ctxt == NULL)
- return (NULL);
-+ xmlInitParser();
-
- xmlCtxtReset(ctxt);
-
diff --git a/debian/patches/0023-Handling-of-XPath-function-arguments-in-error-case.patch b/debian/patches/0023-Handling-of-XPath-function-arguments-in-error-case.patch
deleted file mode 100644
index cc18db7..0000000
--- a/debian/patches/0023-Handling-of-XPath-function-arguments-in-error-case.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Fri, 20 Dec 2013 00:01:53 +0100
-Subject: Handling of XPath function arguments in error case
-
-The XPath engine tries to guarantee that every XPath function can pop
-'nargs' non-NULL values off the stack. libxslt, for example, relies on
-this assumption. But the check isn't thorough enough if there are errors
-during the evaluation of arguments. This can lead to segfaults:
-
-https://mail.gnome.org/archives/xslt/2013-December/msg00005.html
-
-This commit makes the handling of function arguments more robust.
-
-* Bail out early when evaluation of XPath function arguments fails.
-* Make sure that there are 'nargs' arguments in the current call frame.
----
- xpath.c | 9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-
-diff --git a/xpath.c b/xpath.c
-index a676989..a75df9b 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -13512,10 +13512,15 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- int frame;
-
- frame = xmlXPathSetFrame(ctxt);
-- if (op->ch1 != -1)
-+ if (op->ch1 != -1) {
- total +=
- xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
-- if (ctxt->valueNr < op->value) {
-+ if (ctxt->error != XPATH_EXPRESSION_OK) {
-+ xmlXPathPopFrame(ctxt, frame);
-+ return (total);
-+ }
-+ }
-+ if (ctxt->valueNr < ctxt->valueFrame + op->value) {
- xmlGenericError(xmlGenericErrorContext,
- "xmlXPathCompOpEval: parameter error\n");
- ctxt->error = XPATH_INVALID_OPERAND;
diff --git a/debian/patches/0024-Missing-initialization-for-the-catalog-module.patch b/debian/patches/0024-Missing-initialization-for-the-catalog-module.patch
deleted file mode 100644
index c5a5d16..0000000
--- a/debian/patches/0024-Missing-initialization-for-the-catalog-module.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Sun, 26 Jan 2014 15:02:25 +0100
-Subject: Missing initialization for the catalog module
-
----
- parser.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/parser.c b/parser.c
-index ad400f4..7381a78 100644
---- a/parser.c
-+++ b/parser.c
-@@ -14720,6 +14720,9 @@ xmlInitParser(void) {
- #ifdef LIBXML_XPATH_ENABLED
- xmlXPathInit();
- #endif
-+#ifdef LIBXML_CATALOG_ENABLED
-+ xmlInitializeCatalog();
-+#endif
- xmlParserInitialized = 1;
- #ifdef LIBXML_THREAD_ENABLED
- }
diff --git a/debian/patches/0025-Fix-an-fd-leak-in-an-error-case.patch b/debian/patches/0025-Fix-an-fd-leak-in-an-error-case.patch
deleted file mode 100644
index edf1752..0000000
--- a/debian/patches/0025-Fix-an-fd-leak-in-an-error-case.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 6 Feb 2014 10:38:00 +0100
-Subject: Fix an fd leak in an error case
-
----
- catalog.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/catalog.c b/catalog.c
-index 8e34cd2..56991da 100644
---- a/catalog.c
-+++ b/catalog.c
-@@ -994,6 +994,11 @@ xmlLoadFileContent(const char *filename)
- content = (xmlChar*)xmlMallocAtomic(size + 10);
- if (content == NULL) {
- xmlCatalogErrMemory("allocating catalog data");
-+#ifdef HAVE_STAT
-+ close(fd);
-+#else
-+ fclose(fd);
-+#endif
- return (NULL);
- }
- #ifdef HAVE_STAT
diff --git a/debian/patches/0026-fixing-a-ptotential-uninitialized-access.patch b/debian/patches/0026-fixing-a-ptotential-uninitialized-access.patch
deleted file mode 100644
index 65eae92..0000000
--- a/debian/patches/0026-fixing-a-ptotential-uninitialized-access.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 6 Feb 2014 10:47:20 +0100
-Subject: fixing a ptotential uninitialized access
-
----
- valid.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/valid.c b/valid.c
-index e0832e7..114bb72 100644
---- a/valid.c
-+++ b/valid.c
-@@ -6948,7 +6948,7 @@ xmlValidGetValidElements(xmlNode *prev, xmlNode *next, const xmlChar **names,
- int max) {
- xmlValidCtxt vctxt;
- int nb_valid_elements = 0;
-- const xmlChar *elements[256];
-+ const xmlChar *elements[256]={0};
- int nb_elements = 0, i;
- const xmlChar *name;
-
diff --git a/debian/patches/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch b/debian/patches/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch
deleted file mode 100644
index 22d206a..0000000
--- a/debian/patches/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Sat, 8 Feb 2014 02:22:35 +0800
-Subject: Fix xmlTextWriterWriteElement when a null content is given
-
----
- xmlwriter.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/xmlwriter.c b/xmlwriter.c
-index d3f29f8..27209b9 100644
---- a/xmlwriter.c
-+++ b/xmlwriter.c
-@@ -2238,10 +2238,12 @@ xmlTextWriterWriteElement(xmlTextWriterPtr writer, const xmlChar * name,
- if (count == -1)
- return -1;
- sum += count;
-- count = xmlTextWriterWriteString(writer, content);
-- if (count == -1)
-- return -1;
-- sum += count;
-+ if (content != NULL) {
-+ count = xmlTextWriterWriteString(writer, content);
-+ if (count == -1)
-+ return -1;
-+ sum += count;
-+ }
- count = xmlTextWriterEndElement(writer);
- if (count == -1)
- return -1;
diff --git a/debian/patches/0028-Avoid-a-possible-NULL-pointer-dereference.patch b/debian/patches/0028-Avoid-a-possible-NULL-pointer-dereference.patch
deleted file mode 100644
index 219d13a..0000000
--- a/debian/patches/0028-Avoid-a-possible-NULL-pointer-dereference.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Tue, 18 Feb 2014 11:47:43 +0800
-Subject: Avoid a possible NULL pointer dereference
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=708355
----
- xmlmodule.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/xmlmodule.c b/xmlmodule.c
-index 7fe5bc2..50ed666 100644
---- a/xmlmodule.c
-+++ b/xmlmodule.c
-@@ -115,7 +115,7 @@ xmlModuleSymbol(xmlModulePtr module, const char *name, void **symbol)
- {
- int rc = -1;
-
-- if ((NULL == module) || (symbol == NULL)) {
-+ if ((NULL == module) || (symbol == NULL) || (name == NULL)) {
- __xmlRaiseError(NULL, NULL, NULL, NULL, NULL, XML_FROM_MODULE,
- XML_MODULE_OPEN, XML_ERR_FATAL, NULL, 0, 0,
- NULL, NULL, 0, 0, "null parameter\n");
diff --git a/debian/patches/0029-Do-not-fetch-external-parameter-entities.patch b/debian/patches/0029-Do-not-fetch-external-parameter-entities.patch
deleted file mode 100644
index 06ec27c..0000000
--- a/debian/patches/0029-Do-not-fetch-external-parameter-entities.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Tue, 22 Apr 2014 15:30:56 +0800
-Subject: Do not fetch external parameter entities
-
-Unless explicitely asked for when validating or replacing entities
-with their value. Problem pointed out by Daniel Berrange <berrange@redhat.com>
----
- parser.c | 14 ++++++++++++++
- 1 file changed, 14 insertions(+)
-
-diff --git a/parser.c b/parser.c
-index 7381a78..8aad7b4 100644
---- a/parser.c
-+++ b/parser.c
-@@ -2595,6 +2595,20 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
- xmlCharEncoding enc;
-
- /*
-+ * Note: external parsed entities will not be loaded, it is
-+ * not required for a non-validating parser, unless the
-+ * option of validating, or substituting entities were
-+ * given. Doing so is far more secure as the parser will
-+ * only process data coming from the document entity by
-+ * default.
-+ */
-+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
-+ ((ctxt->options & XML_PARSE_NOENT) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
-+ (ctxt->validate == 0))
-+ return;
-+
-+ /*
- * handle the extra spaces added before and after
- * c.f. http://www.w3.org/TR/REC-xml#as-PE
- * this is done independently.
diff --git a/debian/patches/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch b/debian/patches/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch
deleted file mode 100644
index 8a84731..0000000
--- a/debian/patches/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Gaurav <g.gupta@samsung.com>
-Date: Fri, 9 May 2014 17:00:08 +0800
-Subject: Avoid Possible null pointer dereference in memory debug mode
-
-Fix a use before check on pointer
-For https://bugzilla.gnome.org/show_bug.cgi?id=729849
----
- xmlmemory.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/xmlmemory.c b/xmlmemory.c
-index 25d9318..37dcf3b 100644
---- a/xmlmemory.c
-+++ b/xmlmemory.c
-@@ -583,13 +583,15 @@ xmlMemBlocks(void) {
- static void
- xmlMemContentShow(FILE *fp, MEMHDR *p)
- {
-- int i,j,k,len = p->mh_size;
-- const char *buf = (const char *) HDR_2_CLIENT(p);
-+ int i,j,k,len;
-+ const char *buf;
-
- if (p == NULL) {
- fprintf(fp, " NULL");
- return;
- }
-+ len = p->mh_size;
-+ buf = (const char *) HDR_2_CLIENT(p);
-
- for (i = 0;i < len;i++) {
- if (buf[i] == 0) break;
diff --git a/debian/patches/0031-xmllint-was-not-parsing-the-c14n11-flag.patch b/debian/patches/0031-xmllint-was-not-parsing-the-c14n11-flag.patch
deleted file mode 100644
index 7b24f6b..0000000
--- a/debian/patches/0031-xmllint-was-not-parsing-the-c14n11-flag.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: =?UTF-8?q?S=C3=A9rgio=20Batista?= <mail@se.rg.io>
-Date: Mon, 9 Jun 2014 22:10:15 +0800
-Subject: xmllint was not parsing the --c14n11 flag
-
-Cut and paste error, using the wrong variable
----
- xmllint.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/xmllint.c b/xmllint.c
-index d69722c..4a5d043 100644
---- a/xmllint.c
-+++ b/xmllint.c
-@@ -2573,7 +2573,7 @@ static void parseAndPrintFile(char *filename, xmlParserCtxtPtr rectxt) {
- fprintf(stderr, "Failed to canonicalize\n");
- progresult = XMLLINT_ERR_OUT;
- }
-- } else if (canonical) {
-+ } else if (canonical_11) {
- xmlChar *result = NULL;
- int size;
-
diff --git a/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch b/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch
deleted file mode 100644
index d9fc108..0000000
--- a/debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 11 Jun 2014 16:54:32 +0800
-Subject: Fix regressions introduced by CVE-2014-0191 patch
-
-A number of issues have been raised after the fix, and this patch
-tries to correct all of them, though most were related to
-postvalidation.
-https://bugzilla.gnome.org/show_bug.cgi?id=730290
-and other reports on list, off-list and on Red Hat bugzilla
----
- parser.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/parser.c b/parser.c
-index 8aad7b4..ea0ea65 100644
---- a/parser.c
-+++ b/parser.c
-@@ -2595,8 +2595,8 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
- xmlCharEncoding enc;
-
- /*
-- * Note: external parsed entities will not be loaded, it is
-- * not required for a non-validating parser, unless the
-+ * Note: external parameter entities will not be loaded, it
-+ * is not required for a non-validating parser, unless the
- * option of validating, or substituting entities were
- * given. Doing so is far more secure as the parser will
- * only process data coming from the document entity by
-@@ -2605,6 +2605,9 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
- if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
- ((ctxt->options & XML_PARSE_NOENT) == 0) &&
- ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) &&
-+ ((ctxt->options & XML_PARSE_DTDATTR) == 0) &&
-+ (ctxt->replaceEntities == 0) &&
- (ctxt->validate == 0))
- return;
-
-@@ -12609,6 +12612,9 @@ xmlIOParseDTD(xmlSAXHandlerPtr sax, xmlParserInputBufferPtr input,
- return(NULL);
- }
-
-+ /* We are loading a DTD */
-+ ctxt->options |= XML_PARSE_DTDLOAD;
-+
- /*
- * Set-up the SAX context
- */
-@@ -12736,6 +12742,9 @@ xmlSAXParseDTD(xmlSAXHandlerPtr sax, const xmlChar *ExternalID,
- return(NULL);
- }
-
-+ /* We are loading a DTD */
-+ ctxt->options |= XML_PARSE_DTDLOAD;
-+
- /*
- * Set-up the SAX context
- */
diff --git a/debian/patches/series b/debian/patches/series
index ce6e665..631a2bf 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,32 +1,3 @@
0001-modify-xml2-config-and-pkgconfig-behaviour.patch
0002-fix-python-multiarch-includes.patch
-0003-Fix-an-error-in-xmlCleanupParser.patch
-0004-Fix-missing-break-on-last-function-for-attributes.patch
-0005-xmllint-memory-should-fail-on-empty-files.patch
-0006-properly-quote-the-namespace-uris-written-out-during.patch
-0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch
-0008-missing-else-in-xlink.c.patch
-0009-Catch-malloc-error-and-exit-accordingly.patch
-0010-Fix-handling-of-mmap-errors.patch
-0011-Avoid-crash-if-allocation-fails.patch
-0012-Fix-a-possible-NULL-dereference.patch
-0013-Clear-up-a-potential-NULL-dereference.patch
-0014-Fix-XPath-optimization-with-predicates.patch
-0015-xmllint-pretty-crashed-without-following-numeric-arg.patch
-0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch
-0017-Fix-a-potential-NULL-dereference-in-tree-code.patch
-0018-Fix-pointer-dereferenced-before-null-check.patch
-0019-Fix-a-bug-loading-some-compressed-files.patch
-0020-Avoid-a-possibility-of-dangling-encoding-handler.patch
-0021-Fix-a-couple-of-missing-NULL-checks.patch
-0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch
-0023-Handling-of-XPath-function-arguments-in-error-case.patch
-0024-Missing-initialization-for-the-catalog-module.patch
-0025-Fix-an-fd-leak-in-an-error-case.patch
-0026-fixing-a-ptotential-uninitialized-access.patch
-0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch
-0028-Avoid-a-possible-NULL-pointer-dereference.patch
-0029-Do-not-fetch-external-parameter-entities.patch
-0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch
-0031-xmllint-was-not-parsing-the-c14n11-flag.patch
-0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch
+0003-Fix-missing-entities-after-CVE-2014-3660-fix.patch