Date: Sun, 28 Aug 2016 19:18:20 +0000 (UTC) From: Koop Mast <kwm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r421031 - in head/textproc: libxml2 libxml2/files py-libxml2 py3-libxml2 Message-ID: <201608281918.u7SJIKrT020302@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kwm Date: Sun Aug 28 19:18:20 2016 New Revision: 421031 URL: https://svnweb.freebsd.org/changeset/ports/421031 Log: Update libxml2 to 2.9.4. Add license block. Pull extra patch to fix NULL pointer deref. [1] Changelog: https://mail.gnome.org/archives/xml/2016-May/msg00023.html PR: 209806 Submitted by: pi@ Obtained from: upstream [1] MFH: 2016Q3 Security: e195679d-045b-4953-bb33-be0073ba2ac6 Added: head/textproc/libxml2/files/patch-d8083bf (contents, props changed) Modified: head/textproc/libxml2/Makefile head/textproc/libxml2/distinfo head/textproc/py-libxml2/Makefile head/textproc/py3-libxml2/Makefile Modified: head/textproc/libxml2/Makefile ============================================================================== --- head/textproc/libxml2/Makefile Sun Aug 28 17:53:49 2016 (r421030) +++ head/textproc/libxml2/Makefile Sun Aug 28 19:18:20 2016 (r421031) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= libxml2 -PORTVERSION= 2.9.3 +PORTVERSION= 2.9.4 PORTREVISION?= 0 CATEGORIES?= textproc gnome MASTER_SITES= ftp://xmlsoft.org/libxml2/ \ @@ -13,6 +13,9 @@ DIST_SUBDIR= gnome2 MAINTAINER?= gnome@FreeBSD.org COMMENT?= XML parser library for GNOME +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/COPYING + .if !defined(REFERENCE_PORT) GNU_CONFIGURE= yes Modified: head/textproc/libxml2/distinfo ============================================================================== --- head/textproc/libxml2/distinfo Sun Aug 28 17:53:49 2016 (r421030) +++ head/textproc/libxml2/distinfo Sun Aug 28 19:18:20 2016 (r421031) @@ -1,2 +1,3 @@ -SHA256 (gnome2/libxml2-2.9.3.tar.gz) = 4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d -SIZE (gnome2/libxml2-2.9.3.tar.gz) = 5477112 +TIMESTAMP = 1472161994 +SHA256 (gnome2/libxml2-2.9.4.tar.gz) = ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c +SIZE (gnome2/libxml2-2.9.4.tar.gz) = 5374830 Added: head/textproc/libxml2/files/patch-d8083bf ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/libxml2/files/patch-d8083bf Sun Aug 28 19:18:20 2016 (r421031) @@ -0,0 +1,57 @@ +From d8083bf77955b7879c1290f0c0a24ab8cc70f7fb Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Sat, 25 Jun 2016 12:35:50 +0200 +Subject: Fix NULL pointer deref in XPointer range-to + +- Check for errors after evaluating first operand. +- Add sanity check for empty stack. + +Found with afl-fuzz. +--- + result/XPath/xptr/viderror | 4 ++++ + test/XPath/xptr/viderror | 1 + + xpath.c | 7 ++++++- + 3 files changed, 11 insertions(+), 1 deletion(-) + create mode 100644 result/XPath/xptr/viderror + create mode 100644 test/XPath/xptr/viderror + +diff --git a/result/XPath/xptr/viderror b/result/XPath/xptr/viderror +new file mode 100644 +index 0000000..d589882 +--- /dev/null ++++ result/XPath/xptr/viderror +@@ -0,0 +1,4 @@ ++ ++======================== ++Expression: xpointer(non-existing-fn()/range-to(id('chapter2'))) ++Object is empty (NULL) +diff --git a/test/XPath/xptr/viderror b/test/XPath/xptr/viderror +new file mode 100644 +index 0000000..da8c53b +--- /dev/null ++++ test/XPath/xptr/viderror +@@ -0,0 +1 @@ ++xpointer(non-existing-fn()/range-to(id('chapter2'))) +diff --git a/xpath.c b/xpath.c +index 113bce6..751665b 100644 +--- xpath.c ++++ xpath.c +@@ -14005,9 +14005,14 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) + xmlNodeSetPtr oldset; + int i, j; + +- if (op->ch1 != -1) ++ if (op->ch1 != -1) { + total += + xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]); ++ CHECK_ERROR0; ++ } ++ if (ctxt->value == NULL) { ++ XP_ERROR0(XPATH_INVALID_OPERAND); ++ } + if (op->ch2 == -1) + return (total); + +-- +cgit v0.12 + Modified: head/textproc/py-libxml2/Makefile ============================================================================== --- head/textproc/py-libxml2/Makefile Sun Aug 28 17:53:49 2016 (r421030) +++ head/textproc/py-libxml2/Makefile Sun Aug 28 19:18:20 2016 (r421031) @@ -15,7 +15,7 @@ DESCR= ${.CURDIR}/pkg-descr PLIST= ${.CURDIR}/pkg-plist USE_GNOME+= libxml2 -USES+= python:2 +USES+= python:2 gettext-runtime USE_PYTHON= autoplist distutils CPPFLAGS+= `${PYTHON_VERSION}-config --cflags` Modified: head/textproc/py3-libxml2/Makefile ============================================================================== --- head/textproc/py3-libxml2/Makefile Sun Aug 28 17:53:49 2016 (r421030) +++ head/textproc/py3-libxml2/Makefile Sun Aug 28 19:18:20 2016 (r421031) @@ -15,7 +15,7 @@ DESCR= ${.CURDIR}/pkg-descr PLIST= ${.CURDIR}/pkg-plist USE_GNOME+= libxml2 -USES= python:3 +USES= python:3 gettext-runtime USE_PYTHON= autoplist distutils CPPFLAGS+= `${PYTHON_VERSION}-config --cflags`
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608281918.u7SJIKrT020302>