FreeBSD Bugzilla – Attachment 225823 Details for
Bug 256617
textproc/libxslt: Backport compatibility patches for libxml2 2.9.12
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for libxsl
libxsl-libxml2-compat.patch (text/plain), 7.43 KB, created by
Daniel Engberg
on 2021-06-15 11:26:33 UTC
(
hide
)
Description:
Patch for libxsl
Filename:
MIME Type:
Creator:
Daniel Engberg
Created:
2021-06-15 11:26:33 UTC
Size:
7.43 KB
patch
obsolete
>diff --git a/textproc/libxslt/Makefile b/textproc/libxslt/Makefile >index c9f65f75b241..3f37ccbbf28b 100644 >--- a/textproc/libxslt/Makefile >+++ b/textproc/libxslt/Makefile >@@ -2,39 +2,39 @@ > > PORTNAME= libxslt > DISTVERSION= 1.1.34 >-PORTREVISION= 1 >-CATEGORIES?= textproc gnome >+PORTREVISION= 2 >+CATEGORIES= textproc gnome > MASTER_SITES= http://xmlsoft.org/sources/ \ > https://mirror.umd.edu/xbmc/build-deps/sources/ > DIST_SUBDIR= gnome2 > >-MAINTAINER?= desktop@FreeBSD.org >-COMMENT?= The XSLT C library for GNOME >+MAINTAINER= desktop@FreeBSD.org >+COMMENT= XML stylesheet transformation library > >-USES+= cpe gmake gnome localbase libtool pathfix >+LICENSE= MIT >+LICENSE_FILE= ${WRKSRC}/COPYING >+ >+USES= cpe gmake gnome localbase libtool pathfix > CPE_VENDOR= xmlsoft > GNU_CONFIGURE= yes >-INSTALL_TARGET= install-strip >+USE_GNOME= libxml2 > USE_LDCONFIG= yes >-USE_GNOME?= libxml2 >-CONFIGURE_ARGS?=--with-html-dir=${PREFIX}/share/doc \ >- --without-python > >-LICENSE= MIT >+CONFIGURE_ARGS= --with-html-dir=${PREFIX}/share/doc \ >+ --without-python > >-.if defined(MASTERDIR) >-_SLAVE_PORT= yes >-.else >+INSTALL_TARGET= install-strip >+TEST_TARGET= check > >-OPTIONS_DEFINE= MEM_DEBUG CRYPTO >+OPTIONS_DEFINE= CRYPTO MEM_DEBUG > OPTIONS_DEFAULT=CRYPTO >+ >+CRYPTO_DESC= Enable crypto support > MEM_DEBUG_DESC= Enable memory debugging >-CRYPTO_DESC= Enable crypto support for exslt >-.endif > >-MEM_DEBUG_CONFIGURE_ON= --with-mem-debug >-CRYPTO_CONFIGURE_WITH= crypto > CRYPTO_LIB_DEPENDS= libgcrypt.so:security/libgcrypt >+CRYPTO_CONFIGURE_WITH= crypto >+MEM_DEBUG_CONFIGURE_ON= --with-mem-debug > > post-patch: > @${REINPLACE_CMD} -e '/^install-data-am:/ s|install-data-local||' \ >diff --git a/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a b/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a >new file mode 100644 >index 000000000000..eca5e6ee4e3b >--- /dev/null >+++ b/textproc/libxslt/files/patch-git-01-9ae2f94df1721e002941b40665efb762aefcea1a >@@ -0,0 +1,37 @@ >+From 9ae2f94df1721e002941b40665efb762aefcea1a Mon Sep 17 00:00:00 2001 >+From: Nick Wellnhofer <wellnhofer@aevum.de> >+Date: Mon, 17 Aug 2020 03:42:11 +0200 >+Subject: [PATCH] Stop using maxParserDepth XPath limit >+ >+This will be removed again from libxml2. >+--- >+ tests/fuzz/fuzz.c | 6 ++---- >+ 1 file changed, 2 insertions(+), 4 deletions(-) >+ >+diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c >+index f502ca2c..75234ad6 100644 >+--- tests/fuzz/fuzz.c >++++ tests/fuzz/fuzz.c >+@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, >+ xpctxt = tctxt->xpathCtxt; >+ >+ /* Resource limits to avoid timeouts and call stack overflows */ >+- xpctxt->maxParserDepth = 15; >+- xpctxt->maxDepth = 100; >++ xpctxt->maxDepth = 500; >+ xpctxt->opLimit = 500000; >+ >+ /* Test namespaces used in xpath.xml */ >+@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, >+ >+ static void >+ xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { >+- ctxt->maxParserDepth = 15; >+- ctxt->maxDepth = 100; >++ ctxt->maxDepth = 200; >+ ctxt->opLimit = 100000; >+ } >+ >+-- >+GitLab >+ >diff --git a/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 b/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 >new file mode 100644 >index 000000000000..77ee92c51427 >--- /dev/null >+++ b/textproc/libxslt/files/patch-git-02-824657768aea2cce9c23e72ba8085cb5e44350c7 >@@ -0,0 +1,42 @@ >+From 824657768aea2cce9c23e72ba8085cb5e44350c7 Mon Sep 17 00:00:00 2001 >+From: Nick Wellnhofer <wellnhofer@aevum.de> >+Date: Mon, 17 Aug 2020 04:27:13 +0200 >+Subject: [PATCH] Transfer XPath limits to XPtr context >+ >+Expressions like document('doc.xml#xpointer(evil_expr)') ignored the >+XPath limits. >+--- >+ libxslt/functions.c | 14 +++++++++++++- >+ 1 file changed, 13 insertions(+), 1 deletion(-) >+ >+diff --git a/libxslt/functions.c b/libxslt/functions.c >+index b350545a..975ea790 100644 >+--- libxslt/functions.c >++++ libxslt/functions.c >+@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) >+ goto out_fragment; >+ } >+ >++#if LIBXML_VERSION >= 20911 || \ >++ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) >++ xptrctxt->opLimit = ctxt->context->opLimit; >++ xptrctxt->opCount = ctxt->context->opCount; >++ xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; >++ >++ resObj = xmlXPtrEval(fragment, xptrctxt); >++ >++ ctxt->context->opCount = xptrctxt->opCount; >++#else >+ resObj = xmlXPtrEval(fragment, xptrctxt); >+- xmlXPathFreeContext(xptrctxt); >+ #endif >+ >++ xmlXPathFreeContext(xptrctxt); >++#endif /* LIBXML_XPTR_ENABLED */ >++ >+ if (resObj == NULL) >+ goto out_fragment; >+ >+-- >+GitLab >+ >diff --git a/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 b/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 >new file mode 100644 >index 000000000000..157dd444ba89 >--- /dev/null >+++ b/textproc/libxslt/files/patch-git-03-77c26bad0433541f486b1e7ced44ca9979376908 >@@ -0,0 +1,70 @@ >+From 77c26bad0433541f486b1e7ced44ca9979376908 Mon Sep 17 00:00:00 2001 >+From: Nick Wellnhofer <wellnhofer@aevum.de> >+Date: Wed, 26 Aug 2020 00:34:38 +0200 >+Subject: [PATCH] Don't set maxDepth in XPath contexts >+ >+The maximum recursion depth is hardcoded in libxml2 now. >+--- >+ libxslt/functions.c | 2 +- >+ tests/fuzz/fuzz.c | 11 ++--------- >+ 2 files changed, 3 insertions(+), 10 deletions(-) >+ >+diff --git a/libxslt/functions.c b/libxslt/functions.c >+index 975ea790..7887dda7 100644 >+--- libxslt/functions.c >++++ libxslt/functions.c >+@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) >+ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) >+ xptrctxt->opLimit = ctxt->context->opLimit; >+ xptrctxt->opCount = ctxt->context->opCount; >+- xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; >++ xptrctxt->depth = ctxt->context->depth; >+ >+ resObj = xmlXPtrEval(fragment, xptrctxt); >+ >+diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c >+index 75234ad6..780c2d41 100644 >+--- tests/fuzz/fuzz.c >++++ tests/fuzz/fuzz.c >+@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, >+ xpctxt = tctxt->xpathCtxt; >+ >+ /* Resource limits to avoid timeouts and call stack overflows */ >+- xpctxt->maxDepth = 500; >+ xpctxt->opLimit = 500000; >+ >+ /* Test namespaces used in xpath.xml */ >+@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, >+ return 0; >+ } >+ >+-static void >+-xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { >+- ctxt->maxDepth = 200; >+- ctxt->opLimit = 100000; >+-} >+- >+ xmlChar * >+ xsltFuzzXslt(const char *data, size_t size) { >+ xmlDocPtr xsltDoc; >+@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) { >+ xmlFreeDoc(xsltDoc); >+ return NULL; >+ } >+- xsltSetXPathResourceLimits(sheet->xpathCtxt); >++ sheet->xpathCtxt->opLimit = 100000; >+ sheet->xpathCtxt->opCount = 0; >+ if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) { >+ xsltFreeStylesheet(sheet); >+@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) { >+ xsltSetCtxtSecurityPrefs(sec, ctxt); >+ ctxt->maxTemplateDepth = 100; >+ ctxt->opLimit = 20000; >+- xsltSetXPathResourceLimits(ctxt->xpathCtxt); >++ ctxt->xpathCtxt->opLimit = 100000; >+ ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount; >+ >+ result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt); >+-- >+GitLab >+
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=225823">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 256617
: 225823