Date: Mon, 29 Aug 2016 06:20:13 +0000 (UTC) From: Koop Mast <kwm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org Subject: svn commit: r421043 - in branches/2016Q3/textproc: libxml2 libxml2/files py-libxml2 py3-libxml2 Message-ID: <201608290620.u7T6KD6S069564@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kwm Date: Mon Aug 29 06:20:13 2016 New Revision: 421043 URL: https://svnweb.freebsd.org/changeset/ports/421043 Log: MFH: r421031 Update libxml2 to 2.9.4. Add license block. Pull extra patch to fix NULL pointer deref. [1] Changelog: https://mail.gnome.org/archives/xml/2016-May/msg00023.html PR: 209806 Submitted by: pi@ Obtained from: upstream [1] Security: e195679d-045b-4953-bb33-be0073ba2ac6 Approved by: ports-secteam (junovitch@) Added: branches/2016Q3/textproc/libxml2/files/patch-d8083bf - copied unchanged from r421031, head/textproc/libxml2/files/patch-d8083bf Modified: branches/2016Q3/textproc/libxml2/Makefile branches/2016Q3/textproc/libxml2/distinfo branches/2016Q3/textproc/py-libxml2/Makefile branches/2016Q3/textproc/py3-libxml2/Makefile Directory Properties: branches/2016Q3/ (props changed) Modified: branches/2016Q3/textproc/libxml2/Makefile ============================================================================== --- branches/2016Q3/textproc/libxml2/Makefile Mon Aug 29 03:52:02 2016 (r421042) +++ branches/2016Q3/textproc/libxml2/Makefile Mon Aug 29 06:20:13 2016 (r421043) @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= libxml2 -PORTVERSION= 2.9.3 +PORTVERSION= 2.9.4 PORTREVISION?= 0 CATEGORIES?= textproc gnome MASTER_SITES= ftp://xmlsoft.org/libxml2/ \ @@ -13,6 +13,9 @@ DIST_SUBDIR= gnome2 MAINTAINER?= gnome@FreeBSD.org COMMENT?= XML parser library for GNOME +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/COPYING + .if !defined(REFERENCE_PORT) GNU_CONFIGURE= yes Modified: branches/2016Q3/textproc/libxml2/distinfo ============================================================================== --- branches/2016Q3/textproc/libxml2/distinfo Mon Aug 29 03:52:02 2016 (r421042) +++ branches/2016Q3/textproc/libxml2/distinfo Mon Aug 29 06:20:13 2016 (r421043) @@ -1,2 +1,3 @@ -SHA256 (gnome2/libxml2-2.9.3.tar.gz) = 4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d -SIZE (gnome2/libxml2-2.9.3.tar.gz) = 5477112 +TIMESTAMP = 1472161994 +SHA256 (gnome2/libxml2-2.9.4.tar.gz) = ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c +SIZE (gnome2/libxml2-2.9.4.tar.gz) = 5374830 Copied: branches/2016Q3/textproc/libxml2/files/patch-d8083bf (from r421031, head/textproc/libxml2/files/patch-d8083bf) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ branches/2016Q3/textproc/libxml2/files/patch-d8083bf Mon Aug 29 06:20:13 2016 (r421043, copy of r421031, head/textproc/libxml2/files/patch-d8083bf) @@ -0,0 +1,57 @@ +From d8083bf77955b7879c1290f0c0a24ab8cc70f7fb Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Sat, 25 Jun 2016 12:35:50 +0200 +Subject: Fix NULL pointer deref in XPointer range-to + +- Check for errors after evaluating first operand. +- Add sanity check for empty stack. + +Found with afl-fuzz. +--- + result/XPath/xptr/viderror | 4 ++++ + test/XPath/xptr/viderror | 1 + + xpath.c | 7 ++++++- + 3 files changed, 11 insertions(+), 1 deletion(-) + create mode 100644 result/XPath/xptr/viderror + create mode 100644 test/XPath/xptr/viderror + +diff --git a/result/XPath/xptr/viderror b/result/XPath/xptr/viderror +new file mode 100644 +index 0000000..d589882 +--- /dev/null ++++ result/XPath/xptr/viderror +@@ -0,0 +1,4 @@ ++ ++======================== ++Expression: xpointer(non-existing-fn()/range-to(id('chapter2'))) ++Object is empty (NULL) +diff --git a/test/XPath/xptr/viderror b/test/XPath/xptr/viderror +new file mode 100644 +index 0000000..da8c53b +--- /dev/null ++++ test/XPath/xptr/viderror +@@ -0,0 +1 @@ ++xpointer(non-existing-fn()/range-to(id('chapter2'))) +diff --git a/xpath.c b/xpath.c +index 113bce6..751665b 100644 +--- xpath.c ++++ xpath.c +@@ -14005,9 +14005,14 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) + xmlNodeSetPtr oldset; + int i, j; + +- if (op->ch1 != -1) ++ if (op->ch1 != -1) { + total += + xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]); ++ CHECK_ERROR0; ++ } ++ if (ctxt->value == NULL) { ++ XP_ERROR0(XPATH_INVALID_OPERAND); ++ } + if (op->ch2 == -1) + return (total); + +-- +cgit v0.12 + Modified: branches/2016Q3/textproc/py-libxml2/Makefile ============================================================================== --- branches/2016Q3/textproc/py-libxml2/Makefile Mon Aug 29 03:52:02 2016 (r421042) +++ branches/2016Q3/textproc/py-libxml2/Makefile Mon Aug 29 06:20:13 2016 (r421043) @@ -15,7 +15,7 @@ DESCR= ${.CURDIR}/pkg-descr PLIST= ${.CURDIR}/pkg-plist USE_GNOME+= libxml2 -USES+= python:2 +USES+= python:2 gettext-runtime USE_PYTHON= autoplist distutils CPPFLAGS+= `${PYTHON_VERSION}-config --cflags` Modified: branches/2016Q3/textproc/py3-libxml2/Makefile ============================================================================== --- branches/2016Q3/textproc/py3-libxml2/Makefile Mon Aug 29 03:52:02 2016 (r421042) +++ branches/2016Q3/textproc/py3-libxml2/Makefile Mon Aug 29 06:20:13 2016 (r421043) @@ -15,7 +15,7 @@ DESCR= ${.CURDIR}/pkg-descr PLIST= ${.CURDIR}/pkg-plist USE_GNOME+= libxml2 -USES= python:3 +USES= python:3 gettext-runtime USE_PYTHON= autoplist distutils CPPFLAGS+= `${PYTHON_VERSION}-config --cflags`
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201608290620.u7T6KD6S069564>