# HG changeset patch # User Petr Sumbera # Date 1373318033 25200 # Node ID be2379d0aa1fc17830569156ae6f4d39574b35ef # Parent 24447a4555e5e669a88a324a4d57099236763482 16738474 Upgrade libxml2 to version 2.9.1 16690989 problem in LIBRARY/LIBXML diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/Makefile --- a/components/libxml2/Makefile Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/Makefile Mon Jul 08 14:13:53 2013 -0700 @@ -20,18 +20,18 @@ # # -# Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved. # include ../../make-rules/shared-macros.mk COMPONENT_NAME= libxml2 -COMPONENT_VERSION= 2.9.0 +COMPONENT_VERSION= 2.9.1 COMPONENT_PROJECT_URL= http://xmlsoft.org/ COMPONENT_SRC= $(COMPONENT_NAME)-$(COMPONENT_VERSION) COMPONENT_ARCHIVE= $(COMPONENT_SRC).tar.gz COMPONENT_ARCHIVE_HASH= \ - sha256:ad25d91958b7212abdc12b9611cfb4dc4e5cddb6d1e9891532f48aacee422b82 + sha256:fd3c64cb66f2c4ea27e934d275904d92cec494a8e8405613780cbc8a71680fdb COMPONENT_ARCHIVE_URL= ftp://xmlsoft.org/libxml2/$(COMPONENT_ARCHIVE) COMPONENT_BUGDB= library/libxml @@ -62,16 +62,29 @@ COMPONENT_PREP_ACTION += (cd $(@D) ; cp ../mapfile libxml2.syms ; autoreconf -if) # After we have configured, make a copy of the python bits so we -# can build separate python 2.7 support. +# can build and test separate python 2.7 support. COMPONENT_POST_CONFIGURE_ACTION = (cd $(@D) ; cp -rp python python2.7 ; \ - $(GSED) -i -e 's/2[.]6/2.7/g' python2.7/Makefile) + $(GSED) -i -e 's/2[.]6/2.7/g' `find python2.7 -name Makefile`) # After we have built/installed libxml2, build/install the python # support for python 2.7 COMPONENT_POST_INSTALL_ACTION = \ (cd $(@D)/python2.7 ; $(GMAKE) $(COMPONENT_INSTALL_ARGS) install) -COMPONENT_PRE_TEST_ACTION = (cd $(@D) ; gtar xf $(COMPONENT_DIR)/$(COMPONENT_ARCHIVE_1)) +# It's nice to test also python 2.7 module. +COMPONENT_POST_TEST_ACTION = \ + (cd $(@D)/python2.7 ; $(GMAKE) $(COMPONENT_TEST_ARGS) test) + +# We have patched our 64 bit python so it will search for modules only in +# '64/' directories. Now we need to provide one. Otherwise python will +# end up using libxml2mod.so installed on system. +$(BUILD_DIR)/$(MACH64)/.tested: COMPONENT_PRE_TEST_ACTION = ( \ + $(MKDIR) $(@D)/python/.libs/64 $(@D)/python2.7/.libs/64; \ + $(SYMLINK) ../libxml2mod.so $(@D)/python/.libs/64/libxml2mod.so; \ + $(SYMLINK) ../libxml2mod.so $(@D)/python2.7/.libs/64/libxml2mod.so); + +COMPONENT_PRE_TEST_ACTION += \ + (cd $(@D) ; gtar xf $(COMPONENT_DIR)/$(COMPONENT_ARCHIVE_1)); # common targets build: $(BUILD_32_and_64) diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/libxml2-26.p5m --- a/components/libxml2/libxml2-26.p5m Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/libxml2-26.p5m Mon Jul 08 14:13:53 2013 -0700 @@ -33,13 +33,8 @@ set name=org.opensolaris.arc-caseid \ value=PSARC/2009/630 set name=org.opensolaris.consolidation value=$(CONSOLIDATION) -dir path=usr -dir path=usr/lib -dir path=usr/lib/python2.6 -dir path=usr/lib/python2.6/vendor-packages -dir path=usr/lib/python2.6/vendor-packages/64 file path=usr/lib/python2.6/vendor-packages/64/libxml2mod.so file path=usr/lib/python2.6/vendor-packages/drv_libxml2.py file path=usr/lib/python2.6/vendor-packages/libxml2.py file path=usr/lib/python2.6/vendor-packages/libxml2mod.so -license libxml2.license license="libxml license" +license COPYING license="libxml license" diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/libxml2-27.p5m --- a/components/libxml2/libxml2-27.p5m Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/libxml2-27.p5m Mon Jul 08 14:13:53 2013 -0700 @@ -33,13 +33,8 @@ set name=org.opensolaris.arc-caseid \ value=PSARC/2009/630 set name=org.opensolaris.consolidation value=$(CONSOLIDATION) -dir path=usr -dir path=usr/lib -dir path=usr/lib/python2.7 -dir path=usr/lib/python2.7/vendor-packages -dir path=usr/lib/python2.7/vendor-packages/64 file path=usr/lib/python2.7/vendor-packages/64/libxml2mod.so file path=usr/lib/python2.7/vendor-packages/drv_libxml2.py file path=usr/lib/python2.7/vendor-packages/libxml2.py file path=usr/lib/python2.7/vendor-packages/libxml2mod.so -license libxml2.license license="libxml license" +license COPYING license="libxml license" diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/libxml2.license --- a/components/libxml2/libxml2.license Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,25 +0,0 @@ -Except where otherwise noted in the source code (e.g. the files hash.c, -list.c and the trio files, which are covered by a similar licence but -with different Copyright notices) all the files are: - - Copyright (C) 1998-2003 Daniel Veillard. All Rights Reserved. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is fur- -nished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FIT- -NESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -DANIEL VEILLARD BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CON- -NECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -Except as contained in this notice, the name of Daniel Veillard shall not -be used in advertising or otherwise to promote the sale, use or other deal- -ings in this Software without prior written authorization from him. diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/libxml2.p5m --- a/components/libxml2/libxml2.p5m Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/libxml2.p5m Mon Jul 08 14:13:53 2013 -0700 @@ -34,22 +34,6 @@ set name=org.opensolaris.arc-caseid \ value=PSARC/2009/630 set name=org.opensolaris.consolidation value=$(CONSOLIDATION) -dir path=lib -dir path=lib/$(MACH64) -dir path=usr -dir path=usr/bin -dir path=usr/include -dir path=usr/include/libxml2 -dir path=usr/include/libxml2/libxml -dir path=usr/lib -dir path=usr/lib/$(MACH64) -dir path=usr/lib/$(MACH64)/pkgconfig -dir path=usr/lib/pkgconfig -dir path=usr/share -dir path=usr/share/aclocal -dir path=usr/share/man -dir path=usr/share/man/man1 -dir path=usr/share/man/man3 file usr/lib/$(MACH64)/libxml2.so.2 path=lib/$(MACH64)/libxml2.so.2 file $(MACH64)/llib-lxml2.ln path=lib/$(MACH64)/llib-lxml2.ln file usr/lib/libxml2.so.2 path=lib/libxml2.so.2 @@ -114,7 +98,7 @@ file path=usr/share/man/man3/libxml.3 file libxml2.3 path=usr/share/man/man3/libxml2.3 legacy pkg=SUNWlxml desc="The XML library" name="The XML library" -license libxml2.license license="libxml license" +license COPYING license="libxml license" link path=lib/$(MACH64)/libxml2.so target=libxml2.so.2 link path=lib/libxml2.so target=libxml2.so.2 link path=usr/lib/$(MACH64)/libxml2.so target=libxml2.so.2 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/mapfile --- a/components/libxml2/mapfile Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/mapfile Mon Jul 08 14:13:53 2013 -0700 @@ -32,12 +32,19 @@ # # Note that the source above actually lives in the ON tree. # -# Copyright (c) 2009, 2012, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2009, 2013, Oracle and/or its affiliates. All rights reserved. # # public interfaces in libxml2 # $mapfile_version 2 +SYMBOL_VERSION SUNW_1.10 { + global: + # LIBXML2_2.9.1 + xmlXPathNodeEval; + xmlXPathSetContextNode; +} SUNW_1.9; + SYMBOL_VERSION SUNW_1.9 { global: # LIBXML2_2.8.0 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/20.EBCDIC.patch --- a/components/libxml2/patches/20.EBCDIC.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,11 +0,0 @@ ---- libxml2-2.7.6/encoding.c -+++ libxml2-2.7.6/encoding.c -@@ -1460,6 +1460,8 @@ - if (handler != NULL) return(handler); - handler = xmlFindCharEncodingHandler("EBCDIC-US"); - if (handler != NULL) return(handler); -+ handler = xmlFindCharEncodingHandler("IBM-037"); -+ if (handler != NULL) return(handler); - break; - case XML_CHAR_ENCODING_UCS4BE: - handler = xmlFindCharEncodingHandler("ISO-10646-UCS-4"); diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/PTHREAD_ONCE_INIT.patch --- a/components/libxml2/patches/PTHREAD_ONCE_INIT.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -From 3f6cfbd1d38d0634a2ddcb9a0a13e1b5a2195a5e Mon Sep 17 00:00:00 2001 -From: Friedrich Haubensak -Date: Wed, 12 Sep 2012 15:34:53 +0000 -Subject: Fix a thread portability problem - -cannot compile libxml2-2.9.0 using studio 12.1 compiler on solaris 10 - -I.M.O. structure initializer (as PTHREAD_ONCE_INIT) cannot be used in -a structure assignment anyway ---- -diff --git a/threads.c b/threads.c -index f206149..7e85a26 100644 ---- a/threads.c -+++ b/threads.c -@@ -146,6 +146,7 @@ struct _xmlRMutex { - static pthread_key_t globalkey; - static pthread_t mainthread; - static pthread_once_t once_control = PTHREAD_ONCE_INIT; -+static pthread_once_t once_control_init = PTHREAD_ONCE_INIT; - static pthread_mutex_t global_init_lock = PTHREAD_MUTEX_INITIALIZER; - #elif defined HAVE_WIN32_THREADS - #if defined(HAVE_COMPILER_TLS) -@@ -915,7 +916,7 @@ xmlCleanupThreads(void) - #ifdef HAVE_PTHREAD_H - if ((libxml_is_threaded) && (pthread_key_delete != NULL)) - pthread_key_delete(globalkey); -- once_control = PTHREAD_ONCE_INIT; -+ once_control = once_control_init; - #elif defined(HAVE_WIN32_THREADS) && !defined(HAVE_COMPILER_TLS) && (!defined(LIBXML_STATIC) || defined(LIBXML_STATIC_FOR_DLL)) - if (globalkey != TLS_OUT_OF_INDEXES) { - xmlGlobalStateCleanupHelperParams *p; --- -cgit v0.9.0.2 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/bug684774.patch --- a/components/libxml2/patches/bug684774.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,52 +0,0 @@ -See: - -http://git.gnome.org/browse/libxml2/commit/?id=6c91aa384f48ff6d406553a6dd47fd556c1ef2e6 - -From 6c91aa384f48ff6d406553a6dd47fd556c1ef2e6 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Thu, 25 Oct 2012 07:33:59 +0000 -Subject: Fix a regression in 2.9.0 breaking validation while streaming - -https://bugzilla.gnome.org/show_bug.cgi?id=684774 -with help from Kjell Ahlstedt ---- -diff --git a/SAX2.c b/SAX2.c -index a24abc8..3eea39a 100644 ---- a/SAX2.c -+++ b/SAX2.c -@@ -2202,7 +2202,7 @@ xmlSAX2StartElementNs(void *ctx, - (ctxt->myDoc->intSubset->elements == NULL) && - (ctxt->myDoc->intSubset->attributes == NULL) && - (ctxt->myDoc->intSubset->entities == NULL)))) { -- xmlErrValid(ctxt, XML_ERR_NO_DTD, -+ xmlErrValid(ctxt, XML_DTD_NO_DTD, - "Validation failed: no DTD found !", NULL, NULL); - ctxt->validate = 0; - } -diff --git a/parser.c b/parser.c -index 28b0d80..19f1217 100644 ---- a/parser.c -+++ b/parser.c -@@ -11633,7 +11633,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) { - "PP: Parsing internal subset\n"); - #endif - ctxt->inSubset = 1; -- ctxt->progressive = 1; -+ ctxt->progressive = 0; - ctxt->checkIndex = 0; - xmlParseDocTypeDecl(ctxt); - if (RAW == '[') { -@@ -12219,7 +12219,10 @@ xmldecl_done: - } - ctxt->instate = XML_PARSER_EOF; - } -- return((xmlParserErrors) ctxt->errNo); -+ if (ctxt->wellFormed == 0) -+ return((xmlParserErrors) ctxt->errNo); -+ else -+ return(0); - } - - /************************************************************************ --- -cgit v0.9.0.2 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/bug697264.patch --- a/components/libxml2/patches/bug697264.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,131 +0,0 @@ -https://bugzilla.gnome.org/show_bug.cgi?id=697264 -https://git.gnome.org/browse/libxml2/commit/?id=5fe9e9ed1ccf217e11bd3cb99b1c6bb10cc96ba3 - -From 5fe9e9ed1ccf217e11bd3cb99b1c6bb10cc96ba3 Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Fri, 05 Apr 2013 15:10:41 +0000 -Subject: Remove risk of lockup in dictionary initialization - -Reported by Petr Sumbera -Two threads entering xmlInitializeDict concurently could lead -to a lockup due to multiple initializations of the lock used. -To avoid this problem move this to a new private function -called from xmlOnceInit() and deprecate the old initalizer. -Since threaded programs must call xmlInitParser() and this -will lead to dereference of private data and the call to -xmlOnceInit() guaranteed to be unique this should be safe now. ---- -diff --git a/dict.c b/dict.c -index 164c7f2..5f71d55 100644 ---- a/dict.c -+++ b/dict.c -@@ -151,13 +151,28 @@ static unsigned int rand_seed = 0; - * xmlInitializeDict: - * - * Do the dictionary mutex initialization. -- * this function is not thread safe, initialization should -- * preferably be done once at startup -+ * this function is deprecated - * - * Returns 0 if initialization was already done, and 1 if that - * call led to the initialization - */ - int xmlInitializeDict(void) { -+ return(0); -+} -+ -+/** -+ * __xmlInitializeDict: -+ * -+ * This function is not public -+ * Do the dictionary mutex initialization. -+ * this function is not thread safe, initialization should -+ * normally be done once at setup when called from xmlOnceInit() -+ * we may also land in this code if thread support is not compiled in -+ * -+ * Returns 0 if initialization was already done, and 1 if that -+ * call led to the initialization -+ */ -+int __xmlInitializeDict(void) { - if (xmlDictInitialized) - return(1); - -@@ -183,7 +198,7 @@ int __xmlRandom(void) { - int ret; - - if (xmlDictInitialized == 0) -- xmlInitializeDict(); -+ __xmlInitializeDict(); - - xmlRMutexLock(xmlDictMutex); - #ifdef HAVE_RAND_R -@@ -522,7 +537,7 @@ xmlDictCreate(void) { - xmlDictPtr dict; - - if (!xmlDictInitialized) -- if (!xmlInitializeDict()) -+ if (!__xmlInitializeDict()) - return(NULL); - - #ifdef DICT_DEBUG_PATTERNS -@@ -590,7 +605,7 @@ xmlDictCreateSub(xmlDictPtr sub) { - int - xmlDictReference(xmlDictPtr dict) { - if (!xmlDictInitialized) -- if (!xmlInitializeDict()) -+ if (!__xmlInitializeDict()) - return(-1); - - if (dict == NULL) return -1; -@@ -754,7 +769,7 @@ xmlDictFree(xmlDictPtr dict) { - return; - - if (!xmlDictInitialized) -- if (!xmlInitializeDict()) -+ if (!__xmlInitializeDict()) - return; - - /* decrement the counter, it may be shared by a parser and docs */ -diff --git a/libxml.h b/libxml.h -index 7558b5f..2da9044 100644 ---- a/libxml.h -+++ b/libxml.h -@@ -84,6 +84,8 @@ void __xmlGlobalInitMutexLock(void); - void __xmlGlobalInitMutexUnlock(void); - void __xmlGlobalInitMutexDestroy(void); - -+int __xmlInitializeDict(void); -+ - #if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) - /* - * internal thread safe random function -diff --git a/threads.c b/threads.c -index c8414e1..f2f2703 100644 ---- a/threads.c -+++ b/threads.c -@@ -954,6 +954,7 @@ xmlOnceInit(void) - #ifdef HAVE_PTHREAD_H - (void) pthread_key_create(&globalkey, xmlFreeGlobalState); - mainthread = pthread_self(); -+ __xmlInitializeDict(); - #elif defined(HAVE_WIN32_THREADS) - if (!run_once.done) { - if (InterlockedIncrement(&run_once.control) == 1) { -@@ -961,6 +962,7 @@ xmlOnceInit(void) - globalkey = TlsAlloc(); - #endif - mainthread = GetCurrentThreadId(); -+ __xmlInitializeDict(); - run_once.done = 1; - } else { - /* Another thread is working; give up our slice and -@@ -974,6 +976,7 @@ xmlOnceInit(void) - globalkey = tls_allocate(); - tls_set(globalkey, NULL); - mainthread = find_thread(NULL); -+ __xmlInitializeDict(); - } else - atomic_add(&run_once_init, -1); - #endif --- -cgit v0.9.1 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/libxml2-Detect-excessive-entities-expansion-upon-replacement.patch --- a/components/libxml2/patches/libxml2-Detect-excessive-entities-expansion-upon-replacement.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,153 +0,0 @@ -https://git.gnome.org/browse/libxml2/commit/?id=23f05e0c33987d6605387b300c4be5da2120a7ab -CVE-2013-0338 - -From 23f05e0c33987d6605387b300c4be5da2120a7ab Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Tue, 19 Feb 2013 02:21:49 +0000 -Subject: Detect excessive entities expansion upon replacement - -If entities expansion in the XML parser is asked for, -it is possble to craft relatively small input document leading -to excessive on-the-fly content generation. -This patch accounts for those replacement and stop parsing -after a given threshold. it can be bypassed as usual with the -HUGE parser option. ---- -diff --git a/include/libxml/parser.h b/include/libxml/parser.h -index e1346e4..3f5730d 100644 ---- a/include/libxml/parser.h -+++ b/include/libxml/parser.h -@@ -310,6 +310,7 @@ struct _xmlParserCtxt { - xmlParserNodeInfo *nodeInfoTab; /* array of nodeInfos */ - - int input_id; /* we need to label inputs */ -+ unsigned long sizeentcopy; /* volume of entity copy */ - }; - - /** -diff --git a/parser.c b/parser.c -index 91f8c90..ddf3b5b 100644 ---- a/parser.c -+++ b/parser.c -@@ -122,7 +122,7 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const xmlChar *ID, - */ - static int - xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, -- xmlEntityPtr ent) -+ xmlEntityPtr ent, size_t replacement) - { - size_t consumed = 0; - -@@ -130,7 +130,24 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, - return (0); - if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP) - return (1); -- if (size != 0) { -+ if (replacement != 0) { -+ if (replacement < XML_MAX_TEXT_LENGTH) -+ return(0); -+ -+ /* -+ * If the volume of entity copy reaches 10 times the -+ * amount of parsed data and over the large text threshold -+ * then that's very likely to be an abuse. -+ */ -+ if (ctxt->input != NULL) { -+ consumed = ctxt->input->consumed + -+ (ctxt->input->cur - ctxt->input->base); -+ } -+ consumed += ctxt->sizeentities; -+ -+ if (replacement < XML_PARSER_NON_LINEAR * consumed) -+ return(0); -+ } else if (size != 0) { - /* - * Do the check based on the replacement size of the entity - */ -@@ -176,7 +193,6 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, - */ - return (0); - } -- - xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL); - return (1); - } -@@ -2743,7 +2759,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, - while (*current != 0) { /* non input consuming loop */ - buffer[nbchars++] = *current++; - if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { -- if (xmlParserEntityCheck(ctxt, nbchars, ent)) -+ if (xmlParserEntityCheck(ctxt, nbchars, ent, 0)) - goto int_error; - growBuffer(buffer, XML_PARSER_BUFFER_SIZE); - } -@@ -2785,7 +2801,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, - while (*current != 0) { /* non input consuming loop */ - buffer[nbchars++] = *current++; - if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { -- if (xmlParserEntityCheck(ctxt, nbchars, ent)) -+ if (xmlParserEntityCheck(ctxt, nbchars, ent, 0)) - goto int_error; - growBuffer(buffer, XML_PARSER_BUFFER_SIZE); - } -@@ -7203,7 +7219,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - xmlFreeNodeList(list); - return; - } -- if (xmlParserEntityCheck(ctxt, 0, ent)) { -+ if (xmlParserEntityCheck(ctxt, 0, ent, 0)) { - xmlFreeNodeList(list); - return; - } -@@ -7361,6 +7377,13 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - xmlNodePtr nw = NULL, cur, firstChild = NULL; - - /* -+ * We are copying here, make sure there is no abuse -+ */ -+ ctxt->sizeentcopy += ent->length; -+ if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy)) -+ return; -+ -+ /* - * when operating on a reader, the entities definitions - * are always owning the entities subtree. - if (ctxt->parseMode == XML_PARSE_READER) -@@ -7400,6 +7423,14 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { - } else if ((list == NULL) || (ctxt->inputNr > 0)) { - xmlNodePtr nw = NULL, cur, next, last, - firstChild = NULL; -+ -+ /* -+ * We are copying here, make sure there is no abuse -+ */ -+ ctxt->sizeentcopy += ent->length; -+ if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy)) -+ return; -+ - /* - * Copy the entity child list and make it the new - * entity child list. The goal is to make sure any -@@ -14767,6 +14798,7 @@ xmlCtxtReset(xmlParserCtxtPtr ctxt) - ctxt->catalogs = NULL; - ctxt->nbentities = 0; - ctxt->sizeentities = 0; -+ ctxt->sizeentcopy = 0; - xmlInitNodeInfoSeq(&ctxt->node_seq); - - if (ctxt->attsDefault != NULL) { -diff --git a/parserInternals.c b/parserInternals.c -index 02032d5..f8a7041 100644 ---- a/parserInternals.c -+++ b/parserInternals.c -@@ -1719,6 +1719,8 @@ xmlInitParserCtxt(xmlParserCtxtPtr ctxt) - ctxt->charset = XML_CHAR_ENCODING_UTF8; - ctxt->catalogs = NULL; - ctxt->nbentities = 0; -+ ctxt->sizeentities = 0; -+ ctxt->sizeentcopy = 0; - ctxt->input_id = 1; - xmlInitNodeInfoSeq(&ctxt->node_seq); - return(0); --- -cgit v0.9.1 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/libxml2-Fix-potential-out-of-bound-access.patch --- a/components/libxml2/patches/libxml2-Fix-potential-out-of-bound-access.patch Tue Jun 18 10:39:11 2013 +0200 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -From 6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d Mon Sep 17 00:00:00 2001 -From: Daniel Veillard -Date: Mon, 29 Oct 2012 02:39:55 +0000 -Subject: Fix potential out of bound access - ---- -diff --git a/parser.c b/parser.c -index 0d8d7f2..bd634e9 100644 ---- a/parser.c -+++ b/parser.c -@@ -4076,7 +4076,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { - goto error; - - if ((in_space) && (normalize)) { -- while (buf[len - 1] == 0x20) len--; -+ while ((len > 0) && (buf[len - 1] == 0x20)) len--; - } - buf[len] = 0; - if (RAW == '<') { --- -cgit v0.9.0.2 diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/man.patch --- a/components/libxml2/patches/man.patch Tue Jun 18 10:39:11 2013 +0200 +++ b/components/libxml2/patches/man.patch Mon Jul 08 14:13:53 2013 -0700 @@ -67,14 +67,32 @@ .RE .sp .SH "AUTHOR" ---- libxml2-2.9.0/doc/xmllint.1 Wed Sep 5 04:14:55 2012 -+++ libxml2-2.9.0/doc/xmllint.1 Fri Oct 26 01:56:00 2012 -@@ -2,7 +2,7 @@ - .\" It was generated using the DocBook XSL Stylesheets (version 1.69.1). - .\" Instead of manually editing it, you probably should edit the DocBook XML - .\" source for it and then use the DocBook XSL Stylesheets to regenerate it. --.TH "XMLLINT" "1" "$Date$" "libxml2" "" -+.TH "XMLLINT" "1" "11 Sep 2012" "libxml2" "" - .\" disable hyphenation - .nh - .\" disable justification (adjust text to left margin only) +--- libxml2-2.9.1/doc/xmllint.1 Tue Mar 26 20:42:42 2013 ++++ libxml2-2.9.1/doc/xmllint.1 Mon Apr 29 07:14:50 2013 +@@ -7,7 +7,7 @@ + .\" Source: libxml2 + .\" Language: English + .\" +-.TH "XMLLINT" "1" "$Date$" "libxml2" "xmllint Manual" ++.TH "XMLLINT" "1" "19 Apr 2013" "libxml2" "xmllint Manual" + .\" ----------------------------------------------------------------- + .\" * Define some portability stuff + .\" ----------------------------------------------------------------- +@@ -611,7 +611,7 @@ + .\} + \fBlibxml\fR(3) + web page +-\m[blue]\fB\%http://www.xmlsoft.org/\fR\m[] ++\fB\%http://www.xmlsoft.org/\fR + .RE + .sp + .RS 4 +@@ -625,7 +625,7 @@ + W3C + XSLT + page +-\m[blue]\fB\%http://www.w3.org/TR/xslt\fR\m[] ++\fB\%http://www.w3.org/TR/xslt\fR + .RE + .sp + .SH "AUTHORS" diff -r 24447a4555e5 -r be2379d0aa1f components/libxml2/patches/python26.patch --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/components/libxml2/patches/python26.patch Mon Jul 08 14:13:53 2013 -0700 @@ -0,0 +1,20 @@ +See: + +https://mail.gnome.org/archives/xml/2013-April/msg00039.html + +--- libxml2-2.9.1/python/libxml_wrap.h 2013-04-01 19:25:28.000000000 -0700 ++++ libxml2-2.9.1/python/libxml_wrap.h 2013-04-23 07:55:11.268714627 -0700 +@@ -34,11 +34,11 @@ + #define PyBytes_AsString PyString_AsString + #define PyBytes_AS_STRING PyString_AS_STRING + #define PyBytes_GET_SIZE PyString_GET_SIZE +- ++#endif ++#ifndef PyCapsule_New + #define PyCapsule_New PyCObject_FromVoidPtrAndDesc + #define PyCapsule_CheckExact PyCObject_Check + #define PyCapsule_GetPointer(o, n) PyCObject_GetDesc((o)) +- + #endif + #endif +