rpms/libxml2/F-9 libxml2-2.6.32.entities.patch, NONE, 1.1 libxml2.spec, 1.54, 1.55
Daniel Veillard
veillard at fedoraproject.org
Mon Aug 25 16:04:12 UTC 2008
- Previous message (by thread): rpms/mapnik/F-9 gcc43-warnings.patch, NONE, 1.1 import.log, NONE, 1.1 mapnik-data.license, NONE, 1.1 mapnik.spec, NONE, 1.1 no_date_footer.html, NONE, 1.1 use-system-fonts.patch, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/mapnik/F-8 gcc43-warnings.patch, NONE, 1.1 import.log, NONE, 1.1 mapnik-data.license, NONE, 1.1 mapnik.spec, NONE, 1.1 no_date_footer.html, NONE, 1.1 use-system-fonts.patch, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: veillard
Update of /cvs/pkgs/rpms/libxml2/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1499
Modified Files:
libxml2.spec
Added Files:
libxml2-2.6.32.entities.patch
Log Message:
- fix for entities recursion problem
- Resolve: rhbz#459713
Daniel
libxml2-2.6.32.entities.patch:
--- NEW FILE libxml2-2.6.32.entities.patch ---
Index: include/libxml/parser.h
===================================================================
--- include/libxml/parser.h (revision 3771)
+++ include/libxml/parser.h (working copy)
@@ -297,6 +297,7 @@ struct _xmlParserCtxt {
*/
xmlError lastError;
xmlParserMode parseMode; /* the parser mode */
+ unsigned long nbentities; /* number of entities references */
};
/**
Index: parserInternals.c
===================================================================
--- parserInternals.c (revision 3771)
+++ parserInternals.c (working copy)
@@ -1670,6 +1670,7 @@ xmlInitParserCtxt(xmlParserCtxtPtr ctxt)
ctxt->depth = 0;
ctxt->charset = XML_CHAR_ENCODING_UTF8;
ctxt->catalogs = NULL;
+ ctxt->nbentities = 0;
xmlInitNodeInfoSeq(&ctxt->node_seq);
return(0);
}
Index: SAX2.c
===================================================================
--- SAX2.c (revision 3772)
+++ SAX2.c (working copy)
@@ -580,7 +580,8 @@ xmlSAX2GetEntity(void *ctx, const xmlCha
return(NULL);
}
ret->owner = 1;
- ret->checked = 1;
+ if (ret->checked == 0)
+ ret->checked = 1;
}
return(ret);
}
--- parser.c.orig 2008-04-08 16:47:58.000000000 +0200
+++ parser.c 2008-08-25 17:55:30.000000000 +0200
@@ -2344,7 +2344,7 @@ xmlStringLenDecodeEntities(xmlParserCtxt
return(NULL);
last = str + len;
- if (ctxt->depth > 40) {
+ if ((ctxt->depth > 40) || (ctxt->nbentities >= 500000)) {
xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
return(NULL);
}
@@ -2382,6 +2382,11 @@ xmlStringLenDecodeEntities(xmlParserCtxt
"String decoding Entity Reference: %.30s\n",
str);
ent = xmlParseStringEntityRef(ctxt, &str);
+ if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
+ goto int_error;
+ ctxt->nbentities++;
+ if (ent != NULL)
+ ctxt->nbentities += ent->checked;
if ((ent != NULL) &&
(ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
if (ent->content != NULL) {
@@ -2427,6 +2432,11 @@ xmlStringLenDecodeEntities(xmlParserCtxt
xmlGenericError(xmlGenericErrorContext,
"String decoding PE Reference: %.30s\n", str);
ent = xmlParseStringPEReference(ctxt, &str);
+ if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
+ goto int_error;
+ ctxt->nbentities++;
+ if (ent != NULL)
+ ctxt->nbentities += ent->checked;
if (ent != NULL) {
if (ent->content == NULL) {
if (xmlLoadEntityContent(ctxt, ent) < 0) {
@@ -2466,6 +2476,7 @@ xmlStringLenDecodeEntities(xmlParserCtxt
mem_error:
xmlErrMemory(ctxt, NULL);
+int_error:
if (rep != NULL)
xmlFree(rep);
if (buffer != NULL)
@@ -3280,6 +3291,9 @@ xmlParseAttValueComplex(xmlParserCtxtPtr
}
} else {
ent = xmlParseEntityRef(ctxt);
+ ctxt->nbentities++;
+ if (ent != NULL)
+ ctxt->nbentities += ent->checked;
if ((ent != NULL) &&
(ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
if (len > buf_size - 10) {
@@ -4566,6 +4580,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt
int isParameter = 0;
xmlChar *orig = NULL;
int skipped;
+ unsigned long oldnbent = ctxt->nbentities;
/* GROW; done in the caller */
if (CMP8(CUR_PTR, '<', '!', 'E', 'N', 'T', 'I', 'T', 'Y')) {
@@ -4783,6 +4798,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt
}
}
if (cur != NULL) {
+ cur->checked = ctxt->nbentities - oldnbent;
if (cur->orig != NULL)
xmlFree(orig);
else
@@ -6189,6 +6205,11 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
if (ent == NULL) return;
if (!ctxt->wellFormed)
return;
+ ctxt->nbentities++;
+ if (ctxt->nbentities >= 500000) {
+ xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
+ return;
+ }
was_checked = ent->checked;
if ((ent->name != NULL) &&
(ent->etype != XML_INTERNAL_PREDEFINED_ENTITY)) {
@@ -6249,6 +6270,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
xmlFreeNodeList(list);
}
} else {
+ unsigned long oldnbent = ctxt->nbentities;
/*
* 4.3.2: An internal general parsed entity is well-formed
* if its replacement text matches the production labeled
@@ -6271,6 +6293,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
ret = xmlParseBalancedChunkMemoryInternal(ctxt,
value, user_data, &list);
ctxt->depth--;
+
} else if (ent->etype ==
XML_EXTERNAL_GENERAL_PARSED_ENTITY) {
ctxt->depth++;
@@ -6283,6 +6306,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
xmlErrMsgStr(ctxt, XML_ERR_INTERNAL_ERROR,
"invalid entity type found\n", NULL);
}
+ ent->checked = ctxt->nbentities - oldnbent;
if (ret == XML_ERR_ENTITY_LOOP) {
xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
return;
@@ -6339,8 +6363,10 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
list = NULL;
}
}
- ent->checked = 1;
+ if (ent->checked == 0)
+ ent->checked = 1;
}
+ ctxt->nbentities += ent->checked;
if (ent->children == NULL) {
/*
@@ -6349,7 +6375,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt)
* though parsing for first checking go though the entity
* content to generate callbacks associated to the entity
*/
- if (was_checked == 1) {
+ if (was_checked != 0) {
void *user_data;
/*
* This is a bit hackish but this seems the best
@@ -11480,7 +11506,7 @@ xmlParseCtxtExternalEntity(xmlParserCtxt
if (ctx == NULL) return(-1);
- if (ctx->depth > 40) {
+ if ((ctx->depth > 40) || (ctx->nbentities >= 500000)) {
return(XML_ERR_ENTITY_LOOP);
}
@@ -11681,7 +11707,8 @@ xmlParseExternalEntityPrivate(xmlDocPtr
xmlChar start[4];
xmlCharEncoding enc;
- if (depth > 40) {
+ if ((depth > 40) ||
+ ((oldctxt != NULL) && (oldctxt->nbentities >= 500000))) {
return(XML_ERR_ENTITY_LOOP);
}
@@ -11824,6 +11851,7 @@ xmlParseExternalEntityPrivate(xmlDocPtr
oldctxt->node_seq.maximum = ctxt->node_seq.maximum;
oldctxt->node_seq.length = ctxt->node_seq.length;
oldctxt->node_seq.buffer = ctxt->node_seq.buffer;
+ oldctxt->nbentities += ctxt->nbentities;
ctxt->node_seq.maximum = 0;
ctxt->node_seq.length = 0;
ctxt->node_seq.buffer = NULL;
@@ -11924,7 +11952,7 @@ xmlParseBalancedChunkMemoryInternal(xmlP
int size;
xmlParserErrors ret = XML_ERR_OK;
- if (oldctxt->depth > 40) {
+ if ((oldctxt->depth > 40) || (oldctxt->nbentities >= 500000)) {
return(XML_ERR_ENTITY_LOOP);
}
@@ -12048,6 +12076,7 @@ xmlParseBalancedChunkMemoryInternal(xmlP
ctxt->myDoc->last = last;
}
+ oldctxt->nbentities += ctxt->nbentities;
ctxt->sax = oldsax;
ctxt->dict = NULL;
ctxt->attsDefault = NULL;
@@ -13363,6 +13392,7 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt)
ctxt->depth = 0;
ctxt->charset = XML_CHAR_ENCODING_UTF8;
ctxt->catalogs = NULL;
+ ctxt->nbentities = 0;
xmlInitNodeInfoSeq(&ctxt->node_seq);
if (ctxt->attsDefault != NULL) {
Index: libxml2.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libxml2/F-9/libxml2.spec,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- libxml2.spec 15 May 2008 10:47:26 -0000 1.54
+++ libxml2.spec 25 Aug 2008 16:03:41 -0000 1.55
@@ -1,7 +1,7 @@
Summary: Library providing XML and HTML support
Name: libxml2
Version: 2.6.32
-Release: 2%{?dist}%{?extra_release}
+Release: 3%{?dist}%{?extra_release}
License: MIT
Group: Development/Libraries
Source: ftp://xmlsoft.org/libxml2-%{version}.tar.gz
@@ -11,6 +11,7 @@
Prefix: %{_prefix}
Docdir: %{_docdir}
Patch0: multilib.patch
+Patch1: libxml2-2.6.32.entities.patch
%description
This library allows to manipulate XML files. It includes support
@@ -60,6 +61,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p0
%build
%configure
@@ -133,6 +135,10 @@
%doc doc/python.html
%changelog
+* Mon Aug 25 2008 Daniel Veillard <veillard at redhat.com> 2.6.31-3.fc9
+- fix for entities recursion problem
+- Resolve: rhbz#459713
+
* Thu May 15 2008 Daniel Veillard <veillard at redhat.com> 2.6.31-2.fc9
- try to fix multiarch problems like #440206
- Previous message (by thread): rpms/mapnik/F-9 gcc43-warnings.patch, NONE, 1.1 import.log, NONE, 1.1 mapnik-data.license, NONE, 1.1 mapnik.spec, NONE, 1.1 no_date_footer.html, NONE, 1.1 use-system-fonts.patch, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message (by thread): rpms/mapnik/F-8 gcc43-warnings.patch, NONE, 1.1 import.log, NONE, 1.1 mapnik-data.license, NONE, 1.1 mapnik.spec, NONE, 1.1 no_date_footer.html, NONE, 1.1 use-system-fonts.patch, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list