FreeBSD Bugzilla – Attachment 170093 Details for
Bug 209360
[patch] textproc/expat2: update to 2.1.1
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
expat2.patch (text/plain), 4.40 KB, created by
Tijl Coosemans
on 2016-05-07 12:58:04 UTC
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Tijl Coosemans
Created:
2016-05-07 12:58:04 UTC
Size:
4.40 KB
patch
obsolete
>Index: textproc/expat2/Makefile >=================================================================== >--- textproc/expat2/Makefile (revision 414591) >+++ textproc/expat2/Makefile (working copy) >@@ -2,8 +2,7 @@ > # $FreeBSD$ > > PORTNAME= expat >-PORTVERSION= 2.1.0 >-PORTREVISION= 3 >+PORTVERSION= 2.1.1 > CATEGORIES= textproc > MASTER_SITES= SF > >@@ -12,14 +11,9 @@ COMMENT= XML 1.0 parser written in C > > GNU_CONFIGURE= yes > ALL_TARGET= default >-USES= libtool pathfix >+USES= libtool pathfix tar:bz2 > USE_LDCONFIG= yes > >-EXTRA_PATCHES= ${FILESDIR}/CVE-2015-1283.patch:-p1 >- >-post-patch: >- @${REINPLACE_CMD} -e '/^DESTDIR =/d' ${WRKSRC}/Makefile.in >- > post-stage: > ${LN} -s libexpat.so.1 ${STAGEDIR}${PREFIX}/lib/libexpat.so.6 > >Index: textproc/expat2/distinfo >=================================================================== >--- textproc/expat2/distinfo (revision 414591) >+++ textproc/expat2/distinfo (working copy) >@@ -1,2 +1,2 @@ >-SHA256 (expat-2.1.0.tar.gz) = 823705472f816df21c8f6aa026dd162b280806838bb55b3432b0fb1fcca7eb86 >-SIZE (expat-2.1.0.tar.gz) = 562616 >+SHA256 (expat-2.1.1.tar.bz2) = aff584e5a2f759dcfc6d48671e9529f6afe1e30b0cd6a4cec200cbe3f793de67 >+SIZE (expat-2.1.1.tar.bz2) = 405103 >Index: textproc/expat2/files/CVE-2015-1283.patch >=================================================================== >--- textproc/expat2/files/CVE-2015-1283.patch (revision 414591) >+++ textproc/expat2/files/CVE-2015-1283.patch (nonexistent) >@@ -1,77 +0,0 @@ >-Found at https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c on 2015-07-27. Modified: replaced path parser/expat/lib/xmlparse.c with lib/xmlparse.c. >-diff --git a/lib/xmlparse.c b/lib/xmlparse.c >---- a/lib/xmlparse.c >-+++ b/lib/xmlparse.c >-@@ -1646,29 +1646,40 @@ XML_ParseBuffer(XML_Parser parser, int l >- XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position); >- positionPtr = bufferPtr; >- return result; >- } >- >- void * XMLCALL >- XML_GetBuffer(XML_Parser parser, int len) >- { >-+/* BEGIN MOZILLA CHANGE (sanity check len) */ >-+ if (len < 0) { >-+ errorCode = XML_ERROR_NO_MEMORY; >-+ return NULL; >-+ } >-+/* END MOZILLA CHANGE */ >- switch (ps_parsing) { >- case XML_SUSPENDED: >- errorCode = XML_ERROR_SUSPENDED; >- return NULL; >- case XML_FINISHED: >- errorCode = XML_ERROR_FINISHED; >- return NULL; >- default: ; >- } >- >- if (len > bufferLim - bufferEnd) { >-- /* FIXME avoid integer overflow */ >- int neededSize = len + (int)(bufferEnd - bufferPtr); >-+/* BEGIN MOZILLA CHANGE (sanity check neededSize) */ >-+ if (neededSize < 0) { >-+ errorCode = XML_ERROR_NO_MEMORY; >-+ return NULL; >-+ } >-+/* END MOZILLA CHANGE */ >- #ifdef XML_CONTEXT_BYTES >- int keep = (int)(bufferPtr - buffer); >- >- if (keep > XML_CONTEXT_BYTES) >- keep = XML_CONTEXT_BYTES; >- neededSize += keep; >- #endif /* defined XML_CONTEXT_BYTES */ >- if (neededSize <= bufferLim - buffer) { >-@@ -1687,17 +1698,25 @@ XML_GetBuffer(XML_Parser parser, int len >- } >- else { >- char *newBuf; >- int bufferSize = (int)(bufferLim - bufferPtr); >- if (bufferSize == 0) >- bufferSize = INIT_BUFFER_SIZE; >- do { >- bufferSize *= 2; >-- } while (bufferSize < neededSize); >-+/* BEGIN MOZILLA CHANGE (prevent infinite loop on overflow) */ >-+ } while (bufferSize < neededSize && bufferSize > 0); >-+/* END MOZILLA CHANGE */ >-+/* BEGIN MOZILLA CHANGE (sanity check bufferSize) */ >-+ if (bufferSize <= 0) { >-+ errorCode = XML_ERROR_NO_MEMORY; >-+ return NULL; >-+ } >-+/* END MOZILLA CHANGE */ >- newBuf = (char *)MALLOC(bufferSize); >- if (newBuf == 0) { >- errorCode = XML_ERROR_NO_MEMORY; >- return NULL; >- } >- bufferLim = newBuf + bufferSize; >- #ifdef XML_CONTEXT_BYTES >- if (bufferPtr) { >- >- >- >- > >Property changes on: textproc/expat2/files/CVE-2015-1283.patch >___________________________________________________________________ >Deleted: fbsd:nokeywords >## -1 +0,0 ## >-yes >\ No newline at end of property >Deleted: svn:eol-style >## -1 +0,0 ## >-native >\ No newline at end of property >Deleted: svn:mime-type >## -1 +0,0 ## >-text/plain >\ No newline at end of property >Index: textproc/expat2/pkg-plist >=================================================================== >--- textproc/expat2/pkg-plist (revision 414591) >+++ textproc/expat2/pkg-plist (working copy) >@@ -1,5 +1,6 @@ > bin/xmlwf > include/expat.h >+include/expat_config.h > include/expat_external.h > lib/libexpat.a > lib/libexpat.so
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=170093">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 209360
: 170093