@@ -, +, @@ - Fixes: CVE-2019-18197
---
 textproc/libxslt/Makefile | 4 +-
 .../libxslt/files/patch-libxslt_transform.c | 46 ++++++++++++-------
 2 files changed, 31 insertions(+), 19 deletions(-)
--- b/textproc/libxslt/Makefile
+++ b/textproc/libxslt/Makefile
@@ -3,9 +3,9 @@
 PORTNAME= libxslt
 PORTVERSION= 1.1.33
+PORTREVISION= 1
 CATEGORIES?= textproc gnome
-MASTER_SITES= http://xmlsoft.org/sources/ \
- https://mirror.umd.edu/xbmc/build-deps/sources/
+MASTER_SITES= https://ftp.osuosl.org/pub/blfs/conglomeration/libxslt/
 DIST_SUBDIR= gnome2
 MAINTAINER?= gnome@FreeBSD.org
--- b/textproc/libxslt/files/patch-libxslt_transform.c
+++ b/textproc/libxslt/files/patch-libxslt_transform.c
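Review bot: The `MASTER_SITES` change in the Makefile hunk is not mentioned in the commit message, and it replaces both the upstream site and its mirror with a single third-party mirror, so a change of distribution source is riding along with a security fix. The diffstat lists only the Makefile and the patch file, so the checksums in distinfo are presumably unchanged and still pin the tarball, but that should be stated rather than left for the reader to infer. I would add a line above the assignment such as `# upstream tarball fetched from a mirror; integrity is pinned by distinfo` and explain in the commit message why the upstream URL was dropped.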
@@ -1,18 +1,30 @@
---- libxslt/transform.c.orig 2017-10-30 07:49:55 UTC
+From ee31512213544a869418a06a819e9cb9a7346f65 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer
+Date: Sat, 17 Aug 2019 16:51:53 +0200
+Subject: [PATCH] Fix dangling pointer in xsltCopyText
+
+xsltCopyText didn't reset ctxt->lasttext in some cases which could
+lead to various memory errors in relation with CDATA sections in input
+documents.
+
+Found by OSS-Fuzz.
+---
+ libxslt/transform.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libxslt/transform.c b/libxslt/transform.c
+index ed5afacb..477265c2 100644
+--- libxslt/transform.c
 +++ libxslt/transform.c
-@@ -3485,10 +3485,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNode
- */
- if (ctxt->sec != NULL) {
- ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
-- if (ret == 0) {
-- xsltTransformError(ctxt, NULL, inst,
-- "xsltDocumentElem: write rights for %s denied\n",
-- filename);
-+ if (ret <= 0) {
-+ if (ret == 0)
-+ xsltTransformError(ctxt, NULL, inst,
-+ "xsltDocumentElem: write rights for %s denied\n",
-+ filename);
- xmlFree(URL);
- xmlFree(filename);
- return;
+@@ -1090,6 +1090,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target,
+ if ((copy->content = xmlStrdup(cur->content)) == NULL)
+ return NULL;
+ }
++
++ ctxt->lasttext = NULL;
+ } else {
+ /*
+ * normal processing. keep counters to extend the text node
+--
+2.23.0
+
--
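Review bot: The new side of files/patch-libxslt_transform.c no longer contains the xsltDocumentElem hunk, so the `if (ret <= 0)` handling of a failed xsltCheckWrite appears to leave the built library in the same commit that adds the xsltCopyText fix. Unless libxslt 1.1.33 already carries that check or another patch file not visible here supplies it, a negative return from the write check would again be treated as permission, as in the removed `if (ret == 0)` form. The patch file should carry both hunks, the earlier `@@ -3485,10 +3485,11 @@` one and the new `@@ -1090,6 +1090,8 @@` one, for example by applying the upstream commit on top of the already-patched source and regenerating the file with the ports makepatch target. The format-patch mail header could then shrink to a short comment naming the upstream commit.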