Update libxml2 to 2.9.4.

Pkgsrc changes:
 * Add some casts to match types and format strings, plus
   fix value range of toupper() operation.
 * Merge patch-ag into the new patch-encoding.c.
 * Add comments to existing patches which lacked comments.

Upstream changes to libxml2-2.9.4: May 23 2016

Security:

   CVE-2016-3627 Avoid building recursive entities
   CVE-2016-1833 Heap-based buffer overread in htmlCurrentChar
   CVE-2016-1835 Heap use-after-free in xmlSAX2AttributeNs
   CVE-2016-1837 Heap use-after-free in htmlParsePubidLiteral
   	      	 and htmlParseSystemiteral
   CVE-2016-1836 Bug 759398: Heap use-after-free in xmlDictComputeFastKey
   CVE-2016-1839 Bug 758605: Heap-based buffer overread in xmlDictAddString
   CVE-2016-1838 Bug 758588: Heap-based buffer overread in
	      	 xmlParserPrintFileContextInternal
   CVE-2016-1840 Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup
   CVE-2016-4483 Avoid an out of bound access when serializing
   		 malformed strings
   CVE-2016-1834 Bug 763071: heap-buffer-overflow in xmlStrncat
   CVE-2016-3705 Add missing increments of recursion depth counter to
   		 XML parser.
   CVE-2016-1762 Heap-based buffer overread in xmlNextChar

   More format string warnings with possible format string vulnerability
   Heap-based buffer-underreads due to xmlParseName
   Fix some format string warnings with possible format string vulnerability
   Unsigned addition may overflow in xmlMallocAtomicLoc()

Other bugfixes:

   Detect change of encoding when parsing HTML names
   Fix inappropriate fetch of entities content
   Correct the usage of LDFLAGS
   Revert the use of SAVE_LDFLAGS in configure.ac
   libxml2 hardcodes -L/lib in zlib/lzma tests which breaks cross-compiles
   Add more debugging info to runtest
   Implement "runtest -u" mode
   Integer signed/unsigned type mismatch in xmlParserInputGrow()
   Integer overflow parsing port number in URI
   Fix apibuild for a recently added constructv2.9.4-rc2
   Use pkg-config to locate zlib when possible
   Use pkg-config to locate ICU when possible
   Fix an error with regexp on nullable counted char transition
   Fix memory leak with XPath namespace nodes
   Fix namespace axis traversal
   Add a make rule to rebuild for ASAN
   Fix null pointer deref in docs with no root element
   Portability to non C99 compliant compilers
   dict.h: Move xmlDictPtr definition before includes to allow direct
     inclusion.
   Fix XSD validation of URIs with ampersands
   xmlschemastypes.c: accept endOfDayFrag Times set to "24:00:00" mean
     "end of day" and should not cause an error. v2.9.4-rc1
   os400: tell about xmllint and xmlcatalog in README400.
   os400: properly process SGML add in XMLCATALOG command.
   os400: implement CL command XMLCATALOG.
   os400: compile and install program xmlcatalog (qshell-only).
   xmlcatalog: flush stdout before interactive shell input.
   os400: expand tabs in sources, strip trailing blanks.
   os400: implement CL command XMLLINT.
   os400: compile and install program xmllint (qshell-only).
   os400: initscript make_module(): Use options instead of
     positional parameters.
   xmllint: flush stdout before interactive shell input.
   os400: c14n.rpgle: allow *omit for nullable reference parameters.
   os400: use like() for double type.
   os400: use like() for int type.
   os400: use like() for unsigned int type.
   os400: use like() for enum types.
   Add xz to xml2-config --libs output
   Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression
   Fix namespace::node() XPath expression
   Fix OOB write in xmlXPathEmptyNodeSet
   Fix parsing of NCNames in XPath
   Fix OOB read with invalid UTF-8 in xmlUTF8Strsize
   Do normalize string-based datatype value in RelaxNG facet checking
   Fix typo: s{ ec -> cr }cipt
   Fix typos: dictio{ nn -> n }ar{y,ies}
   Fix typos: PATH_{ SEAPARATOR -> SEPARATOR }
   Correct a typo.
   Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix
     for "xmlSaveUri() incorrectly recomposes URIs with rootless paths"
   Bug 760861: REGRESSION (bf9c1dad): Missing results for
     test/schemas/regexp-char-ref_[01].xsd
   error.c: *input->cur == 0 does not mean no error
   Add missing RNG test files
   Bug 760190: configure.ac should be able to build --with-icu without
     icu-config tool
   Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus
     UTF-8 encoding error when multi-byte character in large CDATA
     section is split across buffer
   Bug 758572: ASAN crash in make check
   Bug 721158: Missing ICU string when doing --version on xmllint
   python 3: libxml2.c wrappers create Unicode str already
   win32\VC10\config.h and VS 2015
   Add autogen.sh to distrib
   Add configure maintainer mode

13 files changed, 189 insertions, 32 deletions

diff --git a/textproc/libxml2/Makefile b/textproc/libxml2/Makefile
index c33c27dc9b5..002fcb6511e 100644
--- a/textproc/libxml2/Makefile
+++ b/textproc/libxml2/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.140 2016/02/26 10:32:47 jperkin Exp $
+# $NetBSD: Makefile,v 1.141 2016/05/24 12:00:08 he Exp $
 
-DISTNAME=	libxml2-2.9.3
+DISTNAME=	libxml2-2.9.4
 CATEGORIES=	textproc
 MASTER_SITES=	ftp://xmlsoft.org/libxml2/ \
 		http://xmlsoft.org/sources/
diff --git a/textproc/libxml2/distinfo b/textproc/libxml2/distinfo
index c89fcec8598..f5721178a3d 100644
--- a/textproc/libxml2/distinfo
+++ b/textproc/libxml2/distinfo
@@ -1,12 +1,16 @@
-$NetBSD: distinfo,v 1.109 2015/11/22 23:49:03 wiz Exp $
+$NetBSD: distinfo,v 1.110 2016/05/24 12:00:08 he Exp $
 
-SHA1 (libxml2-2.9.3.tar.gz) = 0301ce933637e0ceda049047dbefd18714f59b6e
-RMD160 (libxml2-2.9.3.tar.gz) = 8ffed136daaf3595c306b76c5600ce67b5984e61
-SHA512 (libxml2-2.9.3.tar.gz) = 078afa65229de4f23e6538767253fb4f9f61d96cb72e445179c71d536b224d54922f22972a2b71434796f83f8c99f6a46c3b8813cb4582ad9fca696d141e0abb
-Size (libxml2-2.9.3.tar.gz) = 5477112 bytes
-SHA1 (patch-aa) = 7d1213079cc78c9a28476c49f1283ab1c6af3b34
-SHA1 (patch-ab) = bf8983fcde35edf0e450209bf07f0fa628f7bd9e
-SHA1 (patch-ac) = 015a5903a86793bd770f16f251b94e5b2562b3f7
-SHA1 (patch-ad) = fe255e93f9aefd5403d646cd45d9fbdcbd100bd6
-SHA1 (patch-ae) = d479d5a0c8b906de3cbe1c30b100c6f8b1bb9c43
-SHA1 (patch-ag) = f037f13ccc4047d4bf824a2091e60ac89b172558
+SHA1 (libxml2-2.9.4.tar.gz) = 958ae70baf186263a4bd801a81dd5d682aedd1db
+RMD160 (libxml2-2.9.4.tar.gz) = bb59656e0683d64a38a2f1a45ca9d918837e1e56
+SHA512 (libxml2-2.9.4.tar.gz) = f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9
+Size (libxml2-2.9.4.tar.gz) = 5374830 bytes
+SHA1 (patch-aa) = e687eaa9805b855b0c8a944ec5c597bd34954472
+SHA1 (patch-ab) = 5bb6b5002518538ef8daf42b5220072958efa6a8
+SHA1 (patch-ac) = 34afe787f6012b460a85be993048e133907a1621
+SHA1 (patch-ad) = d65b7e3be9694147e96ce4bb70a1739e2279ba81
+SHA1 (patch-ae) = 4eede9719724f94402e850ee6d6043a74aaf62b2
+SHA1 (patch-encoding.c) = 518515e5cf2b3c3d32ee3377abd78fba8abf998b
+SHA1 (patch-runtest.c) = ec0dc7605ba82ea0da9c4a5c4c9f5d237efd6a66
+SHA1 (patch-testlimits.c) = 951e395dde957df7b1b012146ccb46e3e1f6b485
+SHA1 (patch-timsort.h) = 10bf93d92457bd74fd0004400ee47381e96706d8
+SHA1 (patch-xmlIO.c) = b8bd8baa8ddbccf321c16ec548e9a9f3e44a83d5
diff --git a/textproc/libxml2/patches/patch-aa b/textproc/libxml2/patches/patch-aa
index 871e2af38be..6573c530585 100644
--- a/textproc/libxml2/patches/patch-aa
+++ b/textproc/libxml2/patches/patch-aa
@@ -1,4 +1,6 @@
-$NetBSD: patch-aa,v 1.28 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-aa,v 1.29 2016/05/24 12:00:08 he Exp $
+
+Move EXAMPLES_DIR to fit pkgsrc.
 
 --- Makefile.in.orig	2014-10-16 07:35:13.000000000 +0000
 +++ Makefile.in
diff --git a/textproc/libxml2/patches/patch-ab b/textproc/libxml2/patches/patch-ab
index 6f5ca6c3d4f..ec6e6ed0faf 100644
--- a/textproc/libxml2/patches/patch-ab
+++ b/textproc/libxml2/patches/patch-ab
@@ -1,4 +1,10 @@
-$NetBSD: patch-ab,v 1.28 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ab,v 1.29 2016/05/24 12:00:08 he Exp $
+
+Various configure fixes:
+ * Add run-path to XML_LIBDIR
+ * Fix handling of pthreads
+ * Add portability to OpenBSD, MirBSD, FreeBSD, NetBSD and DragonFly
+ * Fix test for SAX
 
 --- configure.orig	2014-10-16 07:35:12.000000000 +0000
 +++ configure
diff --git a/textproc/libxml2/patches/patch-ac b/textproc/libxml2/patches/patch-ac
index 0af00c13f5f..5a988fad232 100644
--- a/textproc/libxml2/patches/patch-ac
+++ b/textproc/libxml2/patches/patch-ac
@@ -1,4 +1,6 @@
-$NetBSD: patch-ac,v 1.8 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ac,v 1.9 2016/05/24 12:00:08 he Exp $
+
+Parametrize XML and SGML catalog directories.
 
 --- catalog.c.orig	2014-10-03 11:28:05.000000000 +0000
 +++ catalog.c
diff --git a/textproc/libxml2/patches/patch-ad b/textproc/libxml2/patches/patch-ad
index ad1ca8f88b7..812399cd405 100644
--- a/textproc/libxml2/patches/patch-ad
+++ b/textproc/libxml2/patches/patch-ad
@@ -1,4 +1,6 @@
-$NetBSD: patch-ad,v 1.18 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ad,v 1.19 2016/05/24 12:00:08 he Exp $
+
+Parametrize SGML catalog directory.
 
 --- xmlcatalog.c.orig	2014-10-03 11:28:06.000000000 +0000
 +++ xmlcatalog.c
diff --git a/textproc/libxml2/patches/patch-ae b/textproc/libxml2/patches/patch-ae
index c9141e779c7..2ec1375d717 100644
--- a/textproc/libxml2/patches/patch-ae
+++ b/textproc/libxml2/patches/patch-ae
@@ -1,4 +1,6 @@
-$NetBSD: patch-ae,v 1.14 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ae,v 1.15 2016/05/24 12:00:08 he Exp $
+
+Don't install html files.
 
 --- doc/examples/Makefile.in.orig	2014-10-16 07:35:13.000000000 +0000
 +++ doc/examples/Makefile.in
diff --git a/textproc/libxml2/patches/patch-ag b/textproc/libxml2/patches/patch-ag
deleted file mode 100644
index d64050c8437..00000000000
--- a/textproc/libxml2/patches/patch-ag
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD: patch-ag,v 1.12 2015/04/24 11:32:29 spz Exp $
-
---- encoding.c.orig	2014-10-03 11:53:06.000000000 +0000
-+++ encoding.c
-@@ -1433,6 +1433,9 @@ xmlInitCharEncodingHandlers(void) {
-     xmlRegisterCharEncodingHandlersISO8859x ();
- #endif
- #endif
-+#ifdef __NetBSD__ /* XXX needed by selftest */
-+    xmlAddEncodingAlias("CP1141", "IBM-1141");
-+#endif
- 
- }
- 
diff --git a/textproc/libxml2/patches/patch-encoding.c b/textproc/libxml2/patches/patch-encoding.c
new file mode 100644
index 00000000000..7cef5ae7ff6
--- /dev/null
+++ b/textproc/libxml2/patches/patch-encoding.c
@@ -0,0 +1,64 @@
+$NetBSD: patch-encoding.c,v 1.1 2016/05/24 12:00:08 he Exp $
+
+Avoid potential undefined behaviour by casting arg to toupper()
+to an appropriate value range.
+
+Also, on NetBSD, add CP1141 encoding alias.
+
+--- encoding.c.orig	2016-05-23 07:25:25.000000000 +0000
++++ encoding.c
+@@ -1018,7 +1018,7 @@ xmlGetEncodingAlias(const char *alias) {
+ 	return(NULL);
+ 
+     for (i = 0;i < 99;i++) {
+-        upper[i] = toupper(alias[i]);
++        upper[i] = toupper((unsigned char)alias[i]);
+ 	if (upper[i] == 0) break;
+     }
+     upper[i] = 0;
+@@ -1053,7 +1053,7 @@ xmlAddEncodingAlias(const char *name, co
+ 	return(-1);
+ 
+     for (i = 0;i < 99;i++) {
+-        upper[i] = toupper(alias[i]);
++        upper[i] = toupper((unsigned char)alias[i]);
+ 	if (upper[i] == 0) break;
+     }
+     upper[i] = 0;
+@@ -1155,7 +1155,7 @@ xmlParseCharEncoding(const char* name)
+ 	name = alias;
+ 
+     for (i = 0;i < 499;i++) {
+-        upper[i] = toupper(name[i]);
++        upper[i] = toupper((unsigned char)name[i]);
+ 	if (upper[i] == 0) break;
+     }
+     upper[i] = 0;
+@@ -1331,7 +1331,7 @@ xmlNewCharEncodingHandler(const char *na
+ 	return(NULL);
+     }
+     for (i = 0;i < 499;i++) {
+-        upper[i] = toupper(name[i]);
++        upper[i] = toupper((unsigned char)name[i]);
+ 	if (upper[i] == 0) break;
+     }
+     upper[i] = 0;
+@@ -1433,6 +1433,9 @@ xmlInitCharEncodingHandlers(void) {
+     xmlRegisterCharEncodingHandlersISO8859x ();
+ #endif
+ #endif
++#ifdef __NetBSD__ /* XXX needed by selftest */
++    xmlAddEncodingAlias("CP1141", "IBM-1141");
++#endif
+ 
+ }
+ 
+@@ -1660,7 +1663,7 @@ xmlFindCharEncodingHandler(const char *n
+      * Check first for directly registered encoding names
+      */
+     for (i = 0;i < 99;i++) {
+-        upper[i] = toupper(name[i]);
++        upper[i] = toupper((unsigned char)name[i]);
+ 	if (upper[i] == 0) break;
+     }
+     upper[i] = 0;
diff --git a/textproc/libxml2/patches/patch-runtest.c b/textproc/libxml2/patches/patch-runtest.c
new file mode 100644
index 00000000000..9bad4766411
--- /dev/null
+++ b/textproc/libxml2/patches/patch-runtest.c
@@ -0,0 +1,16 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to long to match the format.
+
+--- runtest.c.orig	2016-05-23 07:25:25.000000000 +0000
++++ runtest.c
+@@ -688,7 +688,7 @@ static int compareFileMem(const char *fi
+     }
+     if (info.st_size != size) {
+         fprintf(stderr, "file %s is %ld bytes, result is %d bytes\n",
+-	        filename, info.st_size, size);
++	        filename, (long)info.st_size, size);
+         return(-1);
+     }
+     fd = open(filename, RD_FLAGS);
diff --git a/textproc/libxml2/patches/patch-testlimits.c b/textproc/libxml2/patches/patch-testlimits.c
new file mode 100644
index 00000000000..f841cb82d32
--- /dev/null
+++ b/textproc/libxml2/patches/patch-testlimits.c
@@ -0,0 +1,42 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to unsigned long to match the format.
+
+--- testlimits.c.orig	2016-02-09 10:17:34.000000000 +0000
++++ testlimits.c
+@@ -1284,13 +1284,14 @@ saxTest(const char *filename, size_t lim
+         if (fail)
+             res = 0;
+         else {
+-            fprintf(stderr, "Failed to parse '%s' %lu\n", filename, limit);
++            fprintf(stderr, "Failed to parse '%s' %lu\n", filename,
++		    (unsigned long)limit);
+             res = 1;
+         }
+     } else {
+         if (fail) {
+             fprintf(stderr, "Failed to get failure for '%s' %lu\n",
+-                    filename, limit);
++                    filename, (unsigned long)limit);
+             res = 1;
+         } else
+             res = 0;
+@@ -1339,7 +1340,7 @@ readerTest(const char *filename, size_t 
+                         filename, crazy_indx);
+             else
+                 fprintf(stderr, "Failed to parse '%s' %lu\n",
+-                        filename, limit);
++                        filename, (unsigned long)limit);
+             res = 1;
+         }
+     } else {
+@@ -1349,7 +1350,7 @@ readerTest(const char *filename, size_t 
+                         filename, crazy_indx);
+             else
+                 fprintf(stderr, "Failed to get failure for '%s' %lu\n",
+-                        filename, limit);
++                        filename, (unsigned long)limit);
+             res = 1;
+         } else
+             res = 0;
diff --git a/textproc/libxml2/patches/patch-timsort.h b/textproc/libxml2/patches/patch-timsort.h
new file mode 100644
index 00000000000..0a5ef3f01b1
--- /dev/null
+++ b/textproc/libxml2/patches/patch-timsort.h
@@ -0,0 +1,15 @@
+$NetBSD$
+
+Cast argument (gcc says "unsigned int") to match %lu format.
+
+--- timsort.h.orig	2016-02-09 10:17:34.000000000 +0000
++++ timsort.h
+@@ -323,7 +323,7 @@ static void TIM_SORT_RESIZE(TEMP_STORAGE
+     SORT_TYPE *tempstore = (SORT_TYPE *)realloc(store->storage, new_size * sizeof(SORT_TYPE));
+     if (tempstore == NULL)
+     {
+-      fprintf(stderr, "Error allocating temporary storage for tim sort: need %lu bytes", sizeof(SORT_TYPE) * new_size);
++      fprintf(stderr, "Error allocating temporary storage for tim sort: need %lu bytes", (unsigned long)(sizeof(SORT_TYPE) * new_size));
+       exit(1);
+     }
+     store->storage = tempstore;
diff --git a/textproc/libxml2/patches/patch-xmlIO.c b/textproc/libxml2/patches/patch-xmlIO.c
new file mode 100644
index 00000000000..7079727e8b9
--- /dev/null
+++ b/textproc/libxml2/patches/patch-xmlIO.c
@@ -0,0 +1,16 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to unsigned long to match the format.
+
+--- xmlIO.c.orig	2016-05-23 07:25:25.000000000 +0000
++++ xmlIO.c
+@@ -1674,7 +1674,7 @@ xmlZMemBuffExtend( xmlZMemBuffPtr buff, 
+ 	xmlStrPrintf(msg, 500,
+ 		    "xmlZMemBuffExtend:  %s %lu bytes.\n",
+ 		    "Allocation failure extending output buffer to",
+-		    new_size );
++		    (unsigned long)new_size );
+ 	xmlIOErr(XML_IO_WRITE, (const char *) msg);
+     }
+