diff options
| author | drochner <drochner@pkgsrc.org> | 2012-01-12 11:25:10 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2012-01-12 11:25:10 +0000 |
| commit | b76d34622c1d1b6b85385e53767e57d8ebfb9e3d (patch) | |
| tree | 795668021381c76927f9acc86a7b5a9502d660a9 /textproc | |
| parent | c0fa1b823eef7e57a29964e23467813bbd501142 (diff) | |
| download | pkgsrc-b76d34622c1d1b6b85385e53767e57d8ebfb9e3d.tar.gz | |
add 2 patches from upstream:
-fix buffer overflow on entity references with long name (CVE-2011-3919)
-fix error handling on realloc() failure
bump PKGREV
Diffstat (limited to 'textproc')
| -rw-r--r-- | textproc/libxml2/Makefile | 4 | ||||
| -rw-r--r-- | textproc/libxml2/distinfo | 4 | ||||
| -rw-r--r-- | textproc/libxml2/patches/patch-al | 35 |
3 files changed, 36 insertions, 7 deletions
diff --git a/textproc/libxml2/Makefile b/textproc/libxml2/Makefile index d802e801707..13447a230a9 100644 --- a/textproc/libxml2/Makefile +++ b/textproc/libxml2/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.110 2011/11/01 19:21:06 spz Exp $ +# $NetBSD: Makefile,v 1.111 2012/01/12 11:25:10 drochner Exp $ DISTNAME= libxml2-2.7.8 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= textproc MASTER_SITES= ftp://xmlsoft.org/libxml2/ \ http://xmlsoft.org/sources/ diff --git a/textproc/libxml2/distinfo b/textproc/libxml2/distinfo index accc6155da4..08e7703cae6 100644 --- a/textproc/libxml2/distinfo +++ b/textproc/libxml2/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.84 2011/11/01 19:21:06 spz Exp $ +$NetBSD: distinfo,v 1.85 2012/01/12 11:25:10 drochner Exp $ SHA1 (libxml2-2.7.8.tar.gz) = 859dd535edbb851cc15b64740ee06551a7a17d40 RMD160 (libxml2-2.7.8.tar.gz) = 30709622cfe3e2175e73d6701b7e19a25ab5ac47 @@ -11,6 +11,6 @@ SHA1 (patch-ae) = b8d8e0275cab3caafd98275ac22b63951fc4b5fd SHA1 (patch-ag) = ab4aeeb8ca696b88285274760ab3ef08800773a0 SHA1 (patch-aj) = 24eb4a08ea4c40be6d75a72cd0bb5280514f73d4 SHA1 (patch-ak) = 5e0e9807d7ae0bc93a5583a61bb88a49ec1751e8 -SHA1 (patch-al) = e5be144291a46c1b5e9720ac9d02c1fb00c6ea20 +SHA1 (patch-al) = a52bde60a5f42758036639f069df64e8ff7e4b11 SHA1 (patch-include_libxml_xpath.h) = 3fc74551a7843668cf9ffee19b1f20ccb674e153 SHA1 (patch-xpointer.c) = fa720fd515bab3f99bb11bf56320b3ad8e5fb211 diff --git a/textproc/libxml2/patches/patch-al b/textproc/libxml2/patches/patch-al index 1e45675c7d1..6e6250b86c9 100644 --- a/textproc/libxml2/patches/patch-al +++ b/textproc/libxml2/patches/patch-al @@ -1,10 +1,39 @@ -$NetBSD: patch-al,v 1.1 2011/06/06 12:09:01 drochner Exp $ +$NetBSD: patch-al,v 1.2 2012/01/12 11:25:10 drochner Exp $ -from gnome git: Fix memory corruption +-from gnome git: Fix some potential problems on reallocation failures +-CVE-2011-3919 +-from gnome git: Fix memory corruption --- parser.c.orig 2010-11-04 15:55:45.000000000 +0000 +++ parser.c -@@ -6992,6 +6992,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) +@@ -1819,15 +1819,14 @@ namePush(xmlParserCtxtPtr ctxt, const xm + + if (ctxt->nameNr >= ctxt->nameMax) { + const xmlChar * *tmp; +- ctxt->nameMax *= 2; + tmp = (const xmlChar * *) xmlRealloc((xmlChar * *)ctxt->nameTab, +- ctxt->nameMax * ++ ctxt->nameMax * 2 * + sizeof(ctxt->nameTab[0])); + if (tmp == NULL) { +- ctxt->nameMax /= 2; + goto mem_error; + } + ctxt->nameTab = tmp; ++ ctxt->nameMax *= 2; + } + ctxt->nameTab[ctxt->nameNr] = value; + ctxt->name = value; +@@ -2709,7 +2708,7 @@ xmlStringLenDecodeEntities(xmlParserCtxt + + buffer[nbchars++] = '&'; + if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) { +- growBuffer(buffer, XML_PARSER_BUFFER_SIZE); ++ growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE); + } + for (;i > 0;i--) + buffer[nbchars++] = *cur++; +@@ -6992,6 +6991,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) ent->owner = 1; while (list != NULL) { list->parent = (xmlNodePtr) ent; |