author | Michael Stahl <Michael.Stahl@cib.de> | 2019-11-20 15:08:24 +0100 |
---|---|---|
committer | Michael Stahl <michael.stahl@cib.de> | 2019-11-21 12:34:34 +0100 |
commit | e9ea24cc004a8b9a5856f2f268bd40433c504db1 (patch) | |
tree | df6fa3f015a5c5c03c5020e0664433f0c58427b3 /external | |
parent | 342a5890dbcddccb4013e201e3ff3d9e6967e733 (diff) |
libxslt: upgrade to release 1.1.34
Fixes CVE-2019-18197.
Remove obsolete e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1.
Change-Id: I95cf498e245083528f98bfef8cdd240bbe2211b9
Reviewed-on: https://gerrit.libreoffice.org/83312
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
Diffstat (limited to 'external')
5 files changed, 83 insertions, 134 deletions
diff --git a/external/libxslt/UnpackedTarball_libxslt.mk b/external/libxslt/UnpackedTarball_libxslt.mk
index beb591b8b2a8..b035e99f0a79 100644
--- a/external/libxslt/UnpackedTarball_libxslt.mk
+++ b/external/libxslt/UnpackedTarball_libxslt.mk
@@ -19,7 +19,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,libxslt,\
 external/libxslt/libxslt-msvc.patch.2 \
 external/libxslt/libxslt-1.1.26-memdump.patch \
 external/libxslt/rpath.patch.0 \
- external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 \
+ external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1 \
 ))
 
 # vim: set noet sw=4 ts=4:
diff --git a/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1 b/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
deleted file mode 100644
index 260f35d1a35e..000000000000
--- a/external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1
+++ /dev/null
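Review bot: Dropping `external/libxslt/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch.1` from this patch list is only safe if the 1.1.34 sources already carry that fix, since the deleted patch is what made the callers of `xsltCheckRead`/`xsltCheckWrite` treat a -1 error return as a denial (`res <= 0`) instead of letting the access through. The tarball name and checksum are changed outside `external/` and are not part of this diff, so the claim that the patch is obsolete cannot be checked from here; it is worth confirming in the unpacked tree that the five call sites the old patch touched have the `<= 0` test. The entry that takes its place is a Windows configure fix, not a security patch, and a comment above the `$(eval ...)` call such as `# e2584eed...patch.1: upstream fix for win32/configure.js (WITH_PROFILER); presumably droppable with the next release` would record that. The list continues above the hunk.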
@@ -1,120 +0,0 @@
-From e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: [PATCH] Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c | 9 +++++----
- libxslt/transform.c | 9 +++++----
- libxslt/xslt.c | 9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(ctxt->sec, ctxt, URI);
-- if (res == 0) {
-- xsltTransformError(ctxt, NULL, NULL,
-- "xsltLoadDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(ctxt, NULL, NULL,
-+ "xsltLoadDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- int res;
-
- res = xsltCheckRead(sec, NULL, URI);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltLoadStyleDocument: read rights for %s denied\n",
-- URI);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltLoadStyleDocument: read rights for %s denied\n",
-+ URI);
- return(NULL);
- }
- }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 874870cc..3783b247 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -130,10 +130,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- int secres;
-
- secres = xsltCheckRead(sec, NULL, URI);
-- if (secres == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsl:import: read rights for %s denied\n",
-- URI);
-+ if (secres <= 0) {
-+ if (secres == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsl:import: read rights for %s denied\n",
-+ URI);
- goto error;
- }
- }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 13793914..0636dbd0 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3493,10 +3493,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
- */
- if (ctxt->sec != NULL) {
- ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
-- if (ret == 0) {
-- xsltTransformError(ctxt, NULL, inst,
-- "xsltDocumentElem: write rights for %s denied\n",
-- filename);
-+ if (ret <= 0) {
-+ if (ret == 0)
-+ xsltTransformError(ctxt, NULL, inst,
-+ "xsltDocumentElem: write rights for %s denied\n",
-+ filename);
- xmlFree(URL);
- xmlFree(filename);
- return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 780a5ad7..a234eb79 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- int res;
-
- res = xsltCheckRead(sec, NULL, filename);
-- if (res == 0) {
-- xsltTransformError(NULL, NULL, NULL,
-- "xsltParseStylesheetFile: read rights for %s denied\n",
-- filename);
-+ if (res <= 0) {
-+ if (res == 0)
-+ xsltTransformError(NULL, NULL, NULL,
-+ "xsltParseStylesheetFile: read rights for %s denied\n",
-+ filename);
- return(NULL);
- }
- }
---
-2.18.1
-
diff --git a/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1 b/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1
new file mode 100644
index 000000000000..f82c2e4f77ee
--- /dev/null
+++ b/external/libxslt/e2584eed1c84c18f16e42188c30d2c3d8e3e8853.patch.1
@@ -0,0 +1,69 @@
+From e2584eed1c84c18f16e42188c30d2c3d8e3e8853 Mon Sep 17 00:00:00 2001
+From: Chun-wei Fan <fanchunwei@src.gnome.org>
+Date: Tue, 12 Nov 2019 17:37:05 +0800
+Subject: [PATCH] win32: Add configuration for profiler
+
+Without this the generated xsltconfig.h will not be complete as there
+will be a configuration variable that is left in the header, breaking
+builds.
+
+This will allow one to enable or disable profiler support in Windows
+builds, and the default is to enable this.
+---
+ win32/configure.js | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/win32/configure.js b/win32/configure.js
+index 56694cce..12c99f30 100644
+--- a/win32/configure.js
++++ b/win32/configure.js
+@@ -47,6 +47,7 @@ var withIconv = true;
+ var withZlib = false;
+ var withCrypto = true;
+ var withModules = false;
++var withProfiler = true;
+ /* Win32 build options. */
+ var dirSep = "\\";
+ var compiler = "msvc";
+@@ -106,6 +107,7 @@ function usage()
+ txt += " zlib: Use zlib library (" + (withZlib? "yes" : "no") + ")\n";
+ txt += " crypto: Enable Crypto support (" + (withCrypto? "yes" : "no") + ")\n";
+ txt += " modules: Enable Module support (" + (withModules? "yes" : "no") + ")\n";
++ txt += " profiler: Enable Profiler support (" + (withProfiler? "yes" : "no") + ")\n";
+ txt += "\nWin32 build options, default value given in parentheses:\n\n";
+ txt += " compiler: Compiler to be used [msvc|mingw] (" + compiler + ")\n";
+ txt += " cruntime: C-runtime compiler option (only msvc) (" + cruntime + ")\n";
+@@ -192,6 +194,7 @@ function discoverVersion()
+ vf.WriteLine("WITH_ZLIB=" + (withZlib? "1" : "0"));
+ vf.WriteLine("WITH_CRYPTO=" + (withCrypto? "1" : "0"));
+ vf.WriteLine("WITH_MODULES=" + (withModules? "1" : "0"));
++ vf.WriteLine("WITH_PROFILER=" + (withProfiler? "1" : "0"));
+ vf.WriteLine("DEBUG=" + (buildDebug? "1" : "0"));
+ vf.WriteLine("STATIC=" + (buildStatic? "1" : "0"));
+ vf.WriteLine("PREFIX=" + buildPrefix);
+@@ -240,6 +243,8 @@ function configureXslt()
+ of.WriteLine(s.replace(/\@WITH_DEBUGGER\@/, withDebugger? "1" : "0"));
+ } else if (s.search(/\@WITH_MODULES\@/) != -1) {
+ of.WriteLine(s.replace(/\@WITH_MODULES\@/, withModules? "1" : "0"));
++ } else if (s.search(/\@WITH_PROFILER\@/) != -1) {
++ of.WriteLine(s.replace(/\@WITH_PROFILER\@/, withProfiler? "1" : "0"));
+ } else if (s.search(/\@LIBXSLT_DEFAULT_PLUGINS_PATH\@/) != -1) {
+ of.WriteLine(s.replace(/\@LIBXSLT_DEFAULT_PLUGINS_PATH\@/, "NULL"));
+ } else
+@@ -343,6 +348,8 @@ for (i = 0; (i < WScript.Arguments.length) && (error == 0); i++) {
+ withCrypto = strToBool(arg.substring(opt.length + 1, arg.length));
+ else if (opt == "modules")
+ withModules = strToBool(arg.substring(opt.length + 1, arg.length));
++ else if (opt == "profiler")
++ withProfiler = strToBool(arg.substring(opt.length + 1, arg.length));
+ else if (opt == "compiler")
+ compiler = arg.substring(opt.length + 1, arg.length);
+ else if (opt == "cruntime")
+@@ -477,6 +484,7 @@ txtOut += " Use iconv: " + boolToStr(withIconv) + "\n";
+ txtOut += " With zlib: " + boolToStr(withZlib) + "\n";
+ txtOut += " Crypto: " + boolToStr(withCrypto) + "\n";
+ txtOut += " Modules: " + boolToStr(withModules) + "\n";
++txtOut += " Profiler: " + boolToStr(withProfiler) + "\n";
+ txtOut += "\n";
+ txtOut += "Win32 build configuration\n";
+ txtOut += "-------------------------\n";
diff --git a/external/libxslt/libxslt-config.patch.1 b/external/libxslt/libxslt-config.patch.1
index 5f9d107bd1e7..e4ce5d9e27cf 100644
--- a/external/libxslt/libxslt-config.patch.1
+++ b/external/libxslt/libxslt-config.patch.1
@@ -23,13 +23,13 @@ Hack the xslt-config to return paths into WORKDIR. usage() { -@@ -89,7 +95,8 @@ - shift - done +@@ -92,7 +98,8 @@ + libs="@XSLT_LIBDIR@ $libs" + fi --the_libs="@XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@" -+#the_libs="@XSLT_LIBDIR@ @XSLT_LIBS@ @EXTRA_LIBS@" -+the_libs="-L${libdir}/libxslt/.libs -L${libdir}/libexslt/.libs -lxslt -lm" - if test "$includedir" != "/usr/include"; then - the_flags="$the_flags -I$includedir `@XML_CONFIG@ --cflags`" - else +- libs="$libs @EXTRA_LIBS@" ++ #libs="$libs @EXTRA_LIBS@" ++ libs="-L${libdir}/libxslt/.libs -L${libdir}/libexslt/.libs -lxslt -lm" + ;; + + *) diff --git a/external/libxslt/libxslt-internal-symbols.patch.1 b/external/libxslt/libxslt-internal-symbols.patch.1 index 7b13e1007c00..84a15154d729 100644 --- a/external/libxslt/libxslt-internal-symbols.patch.1 +++ b/external/libxslt/libxslt-internal-symbols.patch.1 @@ -1,13 +1,13 @@ --- xslt/libxslt/libxslt.syms.orig 2017-09-05 16:25:50.504966267 +0200 +++ xslt/libxslt/libxslt.syms 2017-09-05 16:41:00.256895709 +0200 @@ -497,5 +497,10 @@ - # xsltInternals - xsltFlagRVTs; - xsltDecimalFormatGetByQName; + + # pattern + xsltCompMatchClearCache; + +# Solaris ld needs explicit auto-reduction (or, alternatively, "-B local") + local: + *; + - } LIBXML2_1.1.27; + } LIBXML2_1.1.30; |
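Review bot: The replacement line `libs="-L${libdir}/libxslt/.libs -L${libdir}/libexslt/.libs -lxslt -lm"` in the libxslt-config.patch.1 hunk assigns `libs` outright, so the `libs="@XSLT_LIBDIR@ $libs"` prepend kept as context just above it no longer influences the result. That looks deliberate, given that the patch describes itself as a hack to return paths into WORKDIR, but the patched script should say so, for example `# in-tree build: discard the $libs computed above and point at the .libs dirs`. The case branch this sits in begins outside the hunk, so whether other options set earlier in it are meant to be dropped as well cannot be told from here.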