Date: Wed, 16 Jun 2021 15:28:45 GMT From: Gleb Popov <arrowd@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 3d6deee359ce - main - textproc/libxslt: Backport compatibility patches. Message-ID: <202106161528.15GFSjhh029320@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by arrowd: URL: https://cgit.FreeBSD.org/ports/commit/?id=3d6deee359ce10ae7da4bb1ffe40fd0ce312d9b7 commit 3d6deee359ce10ae7da4bb1ffe40fd0ce312d9b7 Author: Daniel Engberg <daniel.engberg.lists@pyret.net> AuthorDate: 2021-06-16 15:17:27 +0000 Commit: Gleb Popov <arrowd@FreeBSD.org> CommitDate: 2021-06-16 15:23:03 +0000 textproc/libxslt: Backport compatibility patches. These patches are required for the new textproc/libxml2. PR: 256617 Reviewed by: arrowd Tested by: arrowd --- textproc/libxslt/Makefile | 36 +++++------ ...git-01-9ae2f94df1721e002941b40665efb762aefcea1a | 37 ++++++++++++ ...git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 | 42 +++++++++++++ ...git-03-77c26bad0433541f486b1e7ced44ca9979376908 | 70 ++++++++++++++++++++++ 4 files changed, 167 insertions(+), 18 deletions(-) diff --git a/textproc/libxslt/Makefile b/textproc/libxslt/Makefile index c9f65f75b241..3f37ccbbf28b 100644 --- a/textproc/libxslt/Makefile +++ b/textproc/libxslt/Makefile @@ -2,39 +2,39 @@ PORTNAME= libxslt DISTVERSION= 1.1.34 -PORTREVISION= 1 -CATEGORIES?= textproc gnome +PORTREVISION= 2 +CATEGORIES= textproc gnome MASTER_SITES= http://xmlsoft.org/sources/ \ https://mirror.umd.edu/xbmc/build-deps/sources/ DIST_SUBDIR= gnome2 -MAINTAINER?= desktop@FreeBSD.org -COMMENT?= The XSLT C library for GNOME +MAINTAINER= desktop@FreeBSD.org +COMMENT= XML stylesheet transformation library -USES+= cpe gmake gnome localbase libtool pathfix +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/COPYING + +USES= cpe gmake gnome localbase libtool pathfix CPE_VENDOR= xmlsoft GNU_CONFIGURE= yes -INSTALL_TARGET= install-strip +USE_GNOME= libxml2 USE_LDCONFIG= yes -USE_GNOME?= libxml2 -CONFIGURE_ARGS?=--with-html-dir=${PREFIX}/share/doc \ - --without-python -LICENSE= MIT +CONFIGURE_ARGS= --with-html-dir=${PREFIX}/share/doc \ + --without-python -.if defined(MASTERDIR) -_SLAVE_PORT= yes -.else +INSTALL_TARGET= install-strip +TEST_TARGET= check -OPTIONS_DEFINE= MEM_DEBUG CRYPTO +OPTIONS_DEFINE= CRYPTO MEM_DEBUG OPTIONS_DEFAULT=CRYPTO + +CRYPTO_DESC= Enable crypto support MEM_DEBUG_DESC= Enable memory debugging -CRYPTO_DESC= Enable crypto support for exslt -.endif -MEM_DEBUG_CONFIGURE_ON= --with-mem-debug -CRYPTO_CONFIGURE_WITH= crypto CRYPTO_LIB_DEPENDS= libgcrypt.so:security/libgcrypt +CRYPTO_CONFIGURE_WITH= crypto +MEM_DEBUG_CONFIGURE_ON= --with-mem-debug post-patch: @${REINPLACE_CMD} -e '/^install-data-am:/ s|install-data-local||' \ diff --git a/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a b/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a new file mode 100644 index 000000000000..eca5e6ee4e3b --- /dev/null +++ b/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a @@ -0,0 +1,37 @@ +From 9ae2f94df1721e002941b40665efb762aefcea1a Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Mon, 17 Aug 2020 03:42:11 +0200 +Subject: [PATCH] Stop using maxParserDepth XPath limit + +This will be removed again from libxml2. +--- + tests/fuzz/fuzz.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c +index f502ca2c..75234ad6 100644 +--- tests/fuzz/fuzz.c ++++ tests/fuzz/fuzz.c +@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + xpctxt = tctxt->xpathCtxt; + + /* Resource limits to avoid timeouts and call stack overflows */ +- xpctxt->maxParserDepth = 15; +- xpctxt->maxDepth = 100; ++ xpctxt->maxDepth = 500; + xpctxt->opLimit = 500000; + + /* Test namespaces used in xpath.xml */ +@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + + static void + xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { +- ctxt->maxParserDepth = 15; +- ctxt->maxDepth = 100; ++ ctxt->maxDepth = 200; + ctxt->opLimit = 100000; + } + +-- +GitLab + diff --git a/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 b/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 new file mode 100644 index 000000000000..77ee92c51427 --- /dev/null +++ b/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 @@ -0,0 +1,42 @@ +From 824657768aea2cce9c23e72ba8085cb5e44350c7 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Mon, 17 Aug 2020 04:27:13 +0200 +Subject: [PATCH] Transfer XPath limits to XPtr context + +Expressions like document('doc.xml#xpointer(evil_expr)') ignored the +XPath limits. +--- + libxslt/functions.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/libxslt/functions.c b/libxslt/functions.c +index b350545a..975ea790 100644 +--- libxslt/functions.c ++++ libxslt/functions.c +@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + goto out_fragment; + } + ++#if LIBXML_VERSION >= 20911 || \ ++ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) ++ xptrctxt->opLimit = ctxt->context->opLimit; ++ xptrctxt->opCount = ctxt->context->opCount; ++ xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; ++ ++ resObj = xmlXPtrEval(fragment, xptrctxt); ++ ++ ctxt->context->opCount = xptrctxt->opCount; ++#else + resObj = xmlXPtrEval(fragment, xptrctxt); +- xmlXPathFreeContext(xptrctxt); + #endif + ++ xmlXPathFreeContext(xptrctxt); ++#endif /* LIBXML_XPTR_ENABLED */ ++ + if (resObj == NULL) + goto out_fragment; + +-- +GitLab + diff --git a/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 b/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 new file mode 100644 index 000000000000..157dd444ba89 --- /dev/null +++ b/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 @@ -0,0 +1,70 @@ +From 77c26bad0433541f486b1e7ced44ca9979376908 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Wed, 26 Aug 2020 00:34:38 +0200 +Subject: [PATCH] Don't set maxDepth in XPath contexts + +The maximum recursion depth is hardcoded in libxml2 now. +--- + libxslt/functions.c | 2 +- + tests/fuzz/fuzz.c | 11 ++--------- + 2 files changed, 3 insertions(+), 10 deletions(-) + +diff --git a/libxslt/functions.c b/libxslt/functions.c +index 975ea790..7887dda7 100644 +--- libxslt/functions.c ++++ libxslt/functions.c +@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) + xptrctxt->opLimit = ctxt->context->opLimit; + xptrctxt->opCount = ctxt->context->opCount; +- xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; ++ xptrctxt->depth = ctxt->context->depth; + + resObj = xmlXPtrEval(fragment, xptrctxt); + +diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c +index 75234ad6..780c2d41 100644 +--- tests/fuzz/fuzz.c ++++ tests/fuzz/fuzz.c +@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + xpctxt = tctxt->xpathCtxt; + + /* Resource limits to avoid timeouts and call stack overflows */ +- xpctxt->maxDepth = 500; + xpctxt->opLimit = 500000; + + /* Test namespaces used in xpath.xml */ +@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + return 0; + } + +-static void +-xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { +- ctxt->maxDepth = 200; +- ctxt->opLimit = 100000; +-} +- + xmlChar * + xsltFuzzXslt(const char *data, size_t size) { + xmlDocPtr xsltDoc; +@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) { + xmlFreeDoc(xsltDoc); + return NULL; + } +- xsltSetXPathResourceLimits(sheet->xpathCtxt); ++ sheet->xpathCtxt->opLimit = 100000; + sheet->xpathCtxt->opCount = 0; + if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) { + xsltFreeStylesheet(sheet); +@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) { + xsltSetCtxtSecurityPrefs(sec, ctxt); + ctxt->maxTemplateDepth = 100; + ctxt->opLimit = 20000; +- xsltSetXPathResourceLimits(ctxt->xpathCtxt); ++ ctxt->xpathCtxt->opLimit = 100000; + ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount; + + result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt); +-- +GitLab +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202106161528.15GFSjhh029320>