diff options
Diffstat (limited to 'libxml2')
-rwxr-xr-x | libxml2/libxml2-2.6.31-mingw.patch | 24 | ||||
-rw-r--r-- | libxml2/libxml2-2.6.31.patch | 130 | ||||
-rw-r--r-- | libxml2/makefile.mk | 15 | ||||
-rw-r--r-- | libxml2/prj/build.lst | 2 |
4 files changed, 166 insertions, 5 deletions
diff --git a/libxml2/libxml2-2.6.31-mingw.patch b/libxml2/libxml2-2.6.31-mingw.patch new file mode 100755 index 000000000000..412db5bc244a --- /dev/null +++ b/libxml2/libxml2-2.6.31-mingw.patch @@ -0,0 +1,24 @@ +--- misc/libxml2-2.6.31/configure 2008-01-11 17:01:56.000000000 +0900 ++++ misc/build/libxml2-2.6.31/configure 2009-09-07 20:48:47.656250000 +0900 +@@ -27331,6 +27331,8 @@ + + if test "$with_modules" != "no" ; then + case "$host" in ++ *-*-mingw*) ++ ;; + *-*-cygwin*) + MODULE_EXTENSION=".dll" + { echo "$as_me:$LINENO: checking for dlopen in -lcygwin" >&5 +--- misc/libxml2-2.6.31/libxml.h 2007-11-23 19:47:23.000000000 +0900 ++++ misc/build/libxml2-2.6.31/libxml.h 2009-07-10 14:37:34.988250000 +0900 +@@ -30,6 +30,10 @@ + #include <libxml/xmlversion.h> + #else + #include "config.h" ++#ifdef __MINGW32__ ++#undef HAVE_LIBPTHREAD ++#undef HAVE_PTHREAD_H ++#endif + #include <libxml/xmlversion.h> + #endif + diff --git a/libxml2/libxml2-2.6.31.patch b/libxml2/libxml2-2.6.31.patch index 53f35c1915ee..31fcf72e8479 100644 --- a/libxml2/libxml2-2.6.31.patch +++ b/libxml2/libxml2-2.6.31.patch @@ -165,7 +165,7 @@ ;; --libs) -! echo -L${libdir} ${LIBXML2LIB} ${ZLIB3RDLIB} -lm +! echo -L${libdir} ${LIBXML2LIB} -lm ! # if [ "`uname`" = "Linux" ] ! # then ! # if [ "@XML_LIBDIR@" = "-L/usr/lib" -o "@XML_LIBDIR@" = "-L/usr/lib64" ] @@ -282,3 +282,131 @@ #define LIBXML_DEBUG_RUNTIME #endif +diff -r -cN misc/libxml2-2.6.31/changelog misc/build/libxml2-2.6.31/changelog +*** misc/libxml2-2.6.31/changelog +--- misc/build/libxml2-2.6.31/changelog +*************** +*** 0 **** +--- 1,10 ---- ++ libxml2 (2.6.32.dfsg-5+lenny1) stable-security; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * Fix multiple use-after-free flaws when parsing notation and ++ enumeration attribute types (CVE-2009-2416). ++ * Fix stack overflow when parsing root XML document element DTD ++ definition (CVE-2009-2414). ++ ++ -- Nico Golde <nion@debian.org> Thu, 06 Aug 2009 13:04:00 +0000 ++ +diff -r -cN misc/libxml2-2.6.31/parser.c misc/build/libxml2-2.6.31/parser.c +*** misc/libxml2-2.6.31/parser.c +--- misc/build/libxml2-2.6.31/parser.c +*************** +*** 4752,4761 **** + if (name == NULL) { + xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED, + "Name expected in NOTATION declaration\n"); +! return(ret); + } + cur = xmlCreateEnumeration(name); +! if (cur == NULL) return(ret); + if (last == NULL) ret = last = cur; + else { + last->next = cur; +--- 4752,4766 ---- + if (name == NULL) { + xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED, + "Name expected in NOTATION declaration\n"); +! xmlFreeEnumeration(ret); +! return(NULL); + } + cur = xmlCreateEnumeration(name); +! if (cur == NULL) { +! xmlFreeEnumeration(ret); +! return(NULL); +! } +! + if (last == NULL) ret = last = cur; + else { + last->next = cur; +*************** +*** 4765,4773 **** + } while (RAW == '|'); + if (RAW != ')') { + xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL); +! if ((last != NULL) && (last != ret)) +! xmlFreeEnumeration(last); +! return(ret); + } + NEXT; + return(ret); +--- 4770,4777 ---- + } while (RAW == '|'); + if (RAW != ')') { + xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL); +! xmlFreeEnumeration(ret); +! return(NULL); + } + NEXT; + return(ret); +*************** +*** 4808,4814 **** + } + cur = xmlCreateEnumeration(name); + xmlFree(name); +! if (cur == NULL) return(ret); + if (last == NULL) ret = last = cur; + else { + last->next = cur; +--- 4812,4822 ---- + } + cur = xmlCreateEnumeration(name); + xmlFree(name); +! if (cur == NULL) { +! xmlFreeEnumeration(ret); +! return(NULL); +! } +! + if (last == NULL) ret = last = cur; + else { + last->next = cur; +*************** +*** 5206,5211 **** +--- 5214,5226 ---- + const xmlChar *elem; + xmlChar type = 0; + ++ if (ctxt->depth > 128) { ++ xmlFatalErrMsgInt(ctxt, XML_ERR_ELEMCONTENT_NOT_FINISHED, ++ "xmlParseElementChildrenContentDecl : depth %d too deep\n", ++ ctxt->depth); ++ return(NULL); ++ } ++ + SKIP_BLANKS; + GROW; + if (RAW == '(') { +*************** +*** 5214,5220 **** +--- 5229,5237 ---- + /* Recurse on first child */ + NEXT; + SKIP_BLANKS; ++ ctxt->depth++; + cur = ret = xmlParseElementChildrenContentDecl(ctxt, inputid); ++ ctxt->depth--; + SKIP_BLANKS; + GROW; + } else { +*************** +*** 5344,5350 **** +--- 5361,5369 ---- + /* Recurse on second child */ + NEXT; + SKIP_BLANKS; ++ ctxt->depth++; + last = xmlParseElementChildrenContentDecl(ctxt, inputid); ++ ctxt->depth--; + SKIP_BLANKS; + } else { + elem = xmlParseName(ctxt); diff --git a/libxml2/makefile.mk b/libxml2/makefile.mk index 7ae2265271b8..a9c2336b16cc 100644 --- a/libxml2/makefile.mk +++ b/libxml2/makefile.mk @@ -59,9 +59,18 @@ PATCH_FILES=$(TARFILE_NAME).patch .IF "$(OS)"=="WNT" .IF "$(COM)"=="GCC" +PATCH_FILES+=$(TARFILE_NAME)-mingw.patch +xml2_CC=$(CC) +.IF "$(MINGW_SHARED_GCCLIB)"=="YES" +xml2_CC+=-shared-libgcc +.ENDIF +xml2_LIBS=-lws2_32 -lmingwthrd +.IF "$(MINGW_SHARED_GXXLIB)"=="YES" +xml2_LIBS+=-lstdc++_s +.ENDIF CONFIGURE_DIR= CONFIGURE_ACTION=.$/configure -CONFIGURE_FLAGS=--enable-ipv6=no --without-python --enable-static=no --without-debug --build=i586-pc-mingw32 --host=i586-pc-mingw32 lt_cv_cc_dll_switch="-shared" CFLAGS=-D_MT LDFLAGS="-no-undefined -Wl,--enable-runtime-pseudo-reloc -L$(ILIB:s/;/ -L/)" LIBS="-lws2_32 -lmingwthrd" OBJDUMP="$(WRAPCMD) objdump" +CONFIGURE_FLAGS=--enable-ipv6=no --without-python --without-zlib --enable-static=no --without-debug --build=i586-pc-mingw32 --host=i586-pc-mingw32 lt_cv_cc_dll_switch="-shared" CC="$(xml2_CC)" CFLAGS=-D_MT LDFLAGS="-no-undefined -Wl,--enable-runtime-pseudo-reloc -L$(ILIB:s/;/ -L/)" LIBS="$(xml2_LIBS)" OBJDUMP="$(WRAPCMD) objdump" BUILD_ACTION=$(GNUMAKE) BUILD_DIR=$(CONFIGURE_DIR) .ELSE @@ -90,10 +99,10 @@ xml2_LDFLAGS+=-Wl,-z,noexecstack CONFIGURE_DIR= .IF "$(OS)"=="OS2" CONFIGURE_ACTION=sh .$/configure -CONFIGURE_FLAGS=--enable-ipv6=no --without-python --enable-static=yes --with-sax1=yes ADDCFLAGS="$(xml2_CFLAGS)" CFLAGS="$(EXTRA_CFLAGS)" LDFLAGS="$(xml2_LDFLAGS) $(EXTRA_LINKFLAGS)" +CONFIGURE_FLAGS=--enable-ipv6=no --without-python --without-zlib --enable-static=yes --with-sax1=yes ADDCFLAGS="$(xml2_CFLAGS)" CFLAGS="$(EXTRA_CFLAGS)" LDFLAGS="$(xml2_LDFLAGS) $(EXTRA_LINKFLAGS)" .ELSE CONFIGURE_ACTION=.$/configure -CONFIGURE_FLAGS=--enable-ipv6=no --without-python --enable-static=no --with-sax1=yes ADDCFLAGS="$(xml2_CFLAGS) $(EXTRA_CFLAGS)" LDFLAGS="$(xml2_LDFLAGS) $(EXTRA_LINKFLAGS)" +CONFIGURE_FLAGS=--enable-ipv6=no --without-python --without-zlib --enable-static=no --with-sax1=yes ADDCFLAGS="$(xml2_CFLAGS) $(EXTRA_CFLAGS)" LDFLAGS="$(xml2_LDFLAGS) $(EXTRA_LINKFLAGS)" .ENDIF BUILD_ACTION=$(GNUMAKE) BUILD_FLAGS+= -j$(EXTMAXPROCESS) diff --git a/libxml2/prj/build.lst b/libxml2/prj/build.lst index 16c0b0d5e0b0..01d9b3fdee1b 100644 --- a/libxml2/prj/build.lst +++ b/libxml2/prj/build.lst @@ -1,3 +1,3 @@ -lx libxml2 : soltools ZLIB:zlib NULL +lx libxml2 : soltools NULL lx libxml2 usr1 - all lx_mkout NULL lx libxml2 nmake - all lx_libxml2 NULL |