diff options
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch | 34 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch | 37 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch | 41 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2020-7595.patch | 36 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch | 33 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2/remove-fuzz-from-ptests.patch | 43 | ||||
| -rw-r--r-- | meta/recipes-core/libxml/libxml2_2.9.12.bb (renamed from meta/recipes-core/libxml/libxml2_2.9.10.bb) | 17 |
7 files changed, 80 insertions, 161 deletions
diff --git a/meta/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch b/meta/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch index 5e9a0a506b..6d9ede6194 100644 --- a/meta/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch +++ b/meta/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch @@ -1,4 +1,4 @@ -From 2b5fb416aa275fd2a17a0139a2f783998bcb42cc Mon Sep 17 00:00:00 2001 +From ea1993d1d9a18c5e61b9cb271892b0a48f508d32 Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt <pkj@axis.com> Date: Fri, 9 Jun 2017 17:50:46 +0200 Subject: [PATCH] Make ptest run the python tests if python is enabled @@ -8,16 +8,14 @@ be due to the fact that the tests are forced to run with Python 3. Upstream-Status: Inappropriate [OE specific] Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> - --- - Makefile.am | 2 +- - python/Makefile.am | 9 +++++++++ - python/tests/Makefile.am | 10 ++++++++++ - python/tests/tstLastError.py | 2 +- - 4 files changed, 21 insertions(+), 2 deletions(-) + Makefile.am | 2 +- + python/Makefile.am | 9 +++++++++ + python/tests/Makefile.am | 10 ++++++++++ + 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/Makefile.am b/Makefile.am -index ae62274..bd1e425 100644 +index b428452b..dc18d6dd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -203,9 +203,9 @@ install-ptest: @@ -32,7 +30,7 @@ index ae62274..bd1e425 100644 runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testapi$(EXEEXT) \ testchar$(EXEEXT) testdict$(EXEEXT) runxmlconf$(EXEEXT) diff --git a/python/Makefile.am b/python/Makefile.am -index 34aed96..ba3ec6a 100644 +index 34aed96c..ba3ec6a4 100644 --- a/python/Makefile.am +++ b/python/Makefile.am @@ -48,7 +48,16 @@ GENERATED = libxml2class.py libxml2class.txt $(BUILT_SOURCES) @@ -53,7 +51,7 @@ index 34aed96..ba3ec6a 100644 tests test: all cd tests && $(MAKE) tests diff --git a/python/tests/Makefile.am b/python/tests/Makefile.am -index 227e24d..021bb29 100644 +index 227e24df..3568c2d2 100644 --- a/python/tests/Makefile.am +++ b/python/tests/Makefile.am @@ -59,6 +59,11 @@ XMLS= \ @@ -83,16 +81,6 @@ index 227e24d..021bb29 100644 + tests: endif -diff --git a/python/tests/tstLastError.py b/python/tests/tstLastError.py -index 81d0acc..162c8db 100755 ---- a/python/tests/tstLastError.py -+++ b/python/tests/tstLastError.py -@@ -25,7 +25,7 @@ class TestCase(unittest.TestCase): - when the exception is raised, check the libxml2.lastError for - expected values.""" - # disable the default error handler -- libxml2.registerErrorHandler(None,None) -+ libxml2.registerErrorHandler(lambda ctx,str: None,None) - try: - f(*args) - except exc: +-- +2.25.1 + diff --git a/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch b/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch deleted file mode 100644 index 88eb65a6a5..0000000000 --- a/meta/recipes-core/libxml/libxml2/CVE-2019-20388.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 7ffcd44d7e6c46704f8af0321d9314cd26e0e18a Mon Sep 17 00:00:00 2001 -From: Zhipeng Xie <xiezhipeng1@huawei.com> -Date: Tue, 20 Aug 2019 16:33:06 +0800 -Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream - -When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun -alloc a new schema for ctxt->schema and set vctxt->xsiAssemble -to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize -vctxt->xsiAssemble to 0 again which cause the alloced schema -can not be freed anymore. - -Found with libFuzzer. - -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/7ffcd44d7e6c46704f8af0321d9314cd26e0e18a] -CVE: CVE-2019-20388 - -Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com> -Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> ---- - xmlschemas.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/xmlschemas.c b/xmlschemas.c -index 301c8449..39d92182 100644 ---- a/xmlschemas.c -+++ b/xmlschemas.c -@@ -28090,7 +28090,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) { - vctxt->nberrors = 0; - vctxt->depth = -1; - vctxt->skipDepth = -1; -- vctxt->xsiAssemble = 0; - vctxt->hasKeyrefs = 0; - #ifdef ENABLE_IDC_NODE_TABLES_TEST - vctxt->createIDCNodeTables = 1; --- -2.24.1 - diff --git a/meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch b/meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch deleted file mode 100644 index 8224346660..0000000000 --- a/meta/recipes-core/libxml/libxml2/CVE-2020-24977.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 50f06b3efb638efb0abd95dc62dca05ae67882c2 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Fri, 7 Aug 2020 21:54:27 +0200 -Subject: [PATCH] Fix out-of-bounds read with 'xmllint --htmlout' - -Make sure that truncated UTF-8 sequences don't cause an out-of-bounds -array access. - -Thanks to @SuhwanSong and the Agency for Defense Development (ADD) for -the report. - -Fixes #178. - -CVE: CVE-2020-24977 -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2] - -Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> ---- - xmllint.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/xmllint.c b/xmllint.c -index f6a8e463..c647486f 100644 ---- a/xmllint.c -+++ b/xmllint.c -@@ -528,6 +528,12 @@ static void - xmlHTMLEncodeSend(void) { - char *result; - -+ /* -+ * xmlEncodeEntitiesReentrant assumes valid UTF-8, but the buffer might -+ * end with a truncated UTF-8 sequence. This is a hack to at least avoid -+ * an out-of-bounds read. -+ */ -+ memset(&buffer[sizeof(buffer)-4], 0, 4); - result = (char *) xmlEncodeEntitiesReentrant(NULL, BAD_CAST buffer); - if (result) { - xmlGenericError(xmlGenericErrorContext, "%s", result); --- -2.17.1 - diff --git a/meta/recipes-core/libxml/libxml2/CVE-2020-7595.patch b/meta/recipes-core/libxml/libxml2/CVE-2020-7595.patch deleted file mode 100644 index facfefd362..0000000000 --- a/meta/recipes-core/libxml/libxml2/CVE-2020-7595.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 0e1a49c8907645d2e155f0d89d4d9895ac5112b5 Mon Sep 17 00:00:00 2001 -From: Zhipeng Xie <xiezhipeng1@huawei.com> -Date: Thu, 12 Dec 2019 17:30:55 +0800 -Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities - -When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef -return NULL which cause a infinite loop in xmlStringLenDecodeEntities - -Found with libFuzzer. - -Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com> - -Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076] -CVE: CVE-2020-7595 -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - parser.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/parser.c b/parser.c -index d1c31963..a34bb6cd 100644 ---- a/parser.c -+++ b/parser.c -@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, - else - c = 0; - while ((c != 0) && (c != end) && /* non input consuming loop */ -- (c != end2) && (c != end3)) { -+ (c != end2) && (c != end3) && -+ (ctxt->instate != XML_PARSER_EOF)) { - - if (c == 0) break; - if ((c == '&') && (str[1] == '#')) { --- -2.24.1 - diff --git a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch index e6998f6e68..90fa193775 100644 --- a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch +++ b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch @@ -1,7 +1,8 @@ -From 43edc9a445ed66cceb7533eadeef242940b4592c Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Sat, 11 May 2019 20:37:12 +0800 +From f57da62218cf72c1342da82abafdac6b0a2e4997 Mon Sep 17 00:00:00 2001 +From: Tony Tascioglu <tony.tascioglu@windriver.com> +Date: Fri, 14 May 2021 11:50:35 -0400 Subject: [PATCH] AM_PATH_XML2 uses xml-config which we disable through + binconfig-disabled.bbclass, so port it to use pkg-config instead. Upstream-Status: Pending @@ -9,16 +10,22 @@ Signed-off-by: Ross Burton <ross.burton@intel.com> Rebase to 2.9.9 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +Updated to apply cleanly to v2.9.12 + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> --- - libxml.m4 | 186 ++------------------------------------------------------------ - 1 file changed, 5 insertions(+), 181 deletions(-) + libxml.m4 | 190 ++---------------------------------------------------- + 1 file changed, 5 insertions(+), 185 deletions(-) diff --git a/libxml.m4 b/libxml.m4 -index 2d7a6f5..1c53585 100644 +index 09de9fe2..1c535853 100644 --- a/libxml.m4 +++ b/libxml.m4 -@@ -1,188 +1,12 @@ +@@ -1,192 +1,12 @@ -# Configure paths for LIBXML2 +-# Simon Josefsson 2020-02-12 +-# Fix autoconf 2.70+ warnings -# Mike Hommey 2004-06-19 -# use CPPFLAGS instead of CFLAGS -# Toshio Kuratomi 2001-04-21 @@ -78,7 +85,8 @@ index 2d7a6f5..1c53585 100644 -dnl (Also sanity checks the results of xml2-config to some extent) -dnl - rm -f conf.xmltest -- AC_TRY_RUN([ +- AC_RUN_IFELSE( +- [AC_LANG_SOURCE([[ -#include <stdlib.h> -#include <stdio.h> -#include <string.h> @@ -148,12 +156,12 @@ index 2d7a6f5..1c53585 100644 - printf("*** being found. The easiest way to fix this is to remove the old version\n"); - printf("*** of LIBXML, but you can also set the XML2_CONFIG environment to point to the\n"); - printf("*** correct copy of xml2-config. (In this case, you will have to\n"); -- printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); +- printf("*** modify your LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf\n"); - printf("*** so that the correct libraries are found at run-time))\n"); - } - return 1; -} --],, no_xml=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) +-]])],, no_xml=yes,[echo $ac_n "cross compiling; assumed OK... $ac_c"]) - CPPFLAGS="$ac_save_CPPFLAGS" - LIBS="$ac_save_LIBS" - fi @@ -178,10 +186,11 @@ index 2d7a6f5..1c53585 100644 - echo "*** Could not run libxml test program, checking why..." - CPPFLAGS="$CPPFLAGS $XML_CPPFLAGS" - LIBS="$LIBS $XML_LIBS" -- AC_TRY_LINK([ +- AC_LINK_IFELSE( +- [AC_LANG_PROGRAM([[ -#include <libxml/xmlversion.h> -#include <stdio.h> --], [ LIBXML_TEST_VERSION; return 0;], +-]], [[ LIBXML_TEST_VERSION; return 0;]])], - [ echo "*** The test program compiled, but did not run. This usually means" - echo "*** that the run-time linker is not finding LIBXML or finding the wrong" - echo "*** version of LIBXML. If it is not finding LIBXML, you'll need to set your" diff --git a/meta/recipes-core/libxml/libxml2/remove-fuzz-from-ptests.patch b/meta/recipes-core/libxml/libxml2/remove-fuzz-from-ptests.patch new file mode 100644 index 0000000000..e80c46054e --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/remove-fuzz-from-ptests.patch @@ -0,0 +1,43 @@ +From e49a0d4a8f3f725d6f683854e1cad36a3cd02962 Mon Sep 17 00:00:00 2001 +From: Tony Tascioglu <tony.tascioglu@windriver.com> +Date: Wed, 19 May 2021 19:43:56 -0400 +Subject: [PATCH] Remove fuzz testing from executing with ptests. + +Upstream version 2.9.12 introduced new fuzz-testing and a corresponding +folder fuzz. These tests are not required for ptests of this package. + +This patch removes the fuzz testing targets from the Makefile. +Otherwise, running the ptests will fail due to the invalid directory. + +Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com> +--- + Makefile.am | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index a9284b95..3d7b344d 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -2,9 +2,9 @@ + + ACLOCAL_AMFLAGS = -I m4 + +-SUBDIRS = include . doc example fuzz xstc $(PYTHON_SUBDIR) ++SUBDIRS = include . doc example xstc $(PYTHON_SUBDIR) + +-DIST_SUBDIRS = include . doc example fuzz python xstc ++DIST_SUBDIRS = include . doc example python xstc + + AM_CPPFLAGS = -I$(top_builddir)/include -I$(srcdir)/include + +@@ -210,7 +210,6 @@ runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testapi$(EXEEXT) \ + $(CHECKER) ./runxmlconf$(EXEEXT) + @(if [ "$(PYTHON_SUBDIR)" != "" ] ; then cd python ; \ + $(MAKE) tests ; fi) +- @cd fuzz; $(MAKE) tests + + check: all runtests + +-- +2.25.1 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.12.bb index b5fb3e6315..cb22857609 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.12.bb @@ -5,9 +5,9 @@ BUGTRACKER = "http://bugzilla.gnome.org/buglist.cgi?product=libxml2" SECTION = "libs" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \ - file://hash.c;beginline=6;endline=15;md5=96f7296605eae807670fb08947829969 \ - file://list.c;beginline=4;endline=13;md5=cdbfa3dee51c099edb04e39f762ee907 \ - file://trio.c;beginline=5;endline=14;md5=6c025753c86d958722ec76e94cae932e" + file://hash.c;beginline=6;endline=15;md5=e77f77b12cb69e203d8b4090a0eee879 \ + file://list.c;beginline=4;endline=13;md5=b9c25b021ccaf287e50060602d20f3a7 \ + file://trio.c;beginline=5;endline=14;md5=cd4f61e27f88c1d43df112966b1cd28f" DEPENDS = "zlib virtual/libiconv" @@ -20,17 +20,10 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://libxml-m4-use-pkgconfig.patch \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ - file://CVE-2020-7595.patch \ - file://CVE-2019-20388.patch \ - file://CVE-2020-24977.patch \ - file://CVE-2021-3517.patch \ - file://CVE-2021-3537.patch \ - file://CVE-2021-3518.patch \ + file://remove-fuzz-from-ptests.patch \ " -SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" -SRC_URI[libtar.sha256sum] = "aafee193ffb8fe0c82d4afef6ef91972cbaf5feea100edc2f262750611b4be1f" -SRC_URI[testtar.md5sum] = "ae3d1ebe000a3972afa104ca7f0e1b4a" +SRC_URI[libtar.sha256sum] = "c8d6681e38c56f172892c85ddc0852e1fd4b53b4209e7f4ebf17f7e2eae71d92" SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7" BINCONFIG = "${bindir}/xml2-config" |