22274306 Upgrade libxml2 to version 2.9.3
authorPetr Sumbera <petr.sumbera@oracle.com>
Thu, 26 Nov 2015 00:58:11 -0800
changeset 5136 545b33faf1ec
parent 5131 68afba598ccf
child 5137 b0c6a0c83b00
22274306 Upgrade libxml2 to version 2.9.3 22231801 problem in LIBRARY/LIBXML 22256466 problem in LIBRARY/LIBXML 22254801 problem in LIBRARY/LIBXML 22255443 problem in LIBRARY/LIBXML 22255485 problem in LIBRARY/LIBXML 22256106 problem in LIBRARY/LIBXML 22256261 problem in LIBRARY/LIBXML 22256290 problem in LIBRARY/LIBXML
components/libxml2/Makefile
components/libxml2/patches/Bug737840.patch
components/libxml2/patches/Bug744980-1.patch
components/libxml2/patches/Bug744980-2.patch
components/libxml2/patches/Bug746048.patch
components/libxml2/patches/CVE-2015-1819.patch
components/libxml2/patches/CVE-2015-7942.patch
components/libxml2/patches/parser.patch
components/libxml2/patches/xmlcatalog.patch
components/libxml2/test/results-all.master
--- a/components/libxml2/Makefile	Thu Nov 26 09:49:00 2015 -0800
+++ b/components/libxml2/Makefile	Thu Nov 26 00:58:11 2015 -0800
@@ -26,12 +26,12 @@
 include ../../make-rules/shared-macros.mk
 
 COMPONENT_NAME=		libxml2
-COMPONENT_VERSION=	2.9.2
+COMPONENT_VERSION=	2.9.3
 COMPONENT_PROJECT_URL=	http://xmlsoft.org/
 COMPONENT_SRC=		$(COMPONENT_NAME)-$(COMPONENT_VERSION)
 COMPONENT_ARCHIVE=	$(COMPONENT_SRC).tar.gz
 COMPONENT_ARCHIVE_HASH=	\
-    sha256:5178c30b151d044aefb1b08bf54c3003a0ac55c59c866763997529d60770d5bc
+    sha256:4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d
 COMPONENT_ARCHIVE_URL=	ftp://xmlsoft.org/libxml2/$(COMPONENT_ARCHIVE)
 COMPONENT_BUGDB=	library/libxml
 
@@ -41,7 +41,7 @@
     sha256:96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7
 COMPONENT_ARCHIVE_URL_1= http://www.w3.org/XML/Test/$(COMPONENT_ARCHIVE_1)
 
-TPNO=			19552
+TPNO=			25711
 
 include $(WS_MAKE_RULES)/prep.mk
 include $(WS_MAKE_RULES)/configure.mk
--- a/components/libxml2/patches/Bug737840.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,93 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-https://git.gnome.org/browse/libxml2/commit/?id=ef709ce2f7b792d5fb69ed142796d743fb1eb388
-
-From ef709ce2f7b792d5fb69ed142796d743fb1eb388 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Thu, 10 Sep 2015 19:41:41 +0800
-Subject: Fix the spurious ID already defined error
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=737840
-the fix for 724903 introduced a regression on external entities carrying
-IDs, revert that patch in part and add a specific test to avoid readding it
----
- result/valid/737840.xml         | 10 ++++++++++
- result/valid/737840.xml.err     |  0
- result/valid/737840.xml.err.rdr |  0
- test/valid/737840.xml           | 10 ++++++++++
- test/valid/dtds/737840.ent      |  1 +
- valid.c                         |  6 ++++--
- 6 files changed, 25 insertions(+), 2 deletions(-)
- create mode 100644 result/valid/737840.xml
- create mode 100644 result/valid/737840.xml.err
- create mode 100644 result/valid/737840.xml.err.rdr
- create mode 100644 test/valid/737840.xml
- create mode 100644 test/valid/dtds/737840.ent
-
-diff --git a/result/valid/737840.xml b/result/valid/737840.xml
-new file mode 100644
-index 0000000..433c6d6
---- /dev/null
-+++ b/result/valid/737840.xml
[email protected]@ -0,0 +1,10 @@
-+<?xml version="1.0"?>
-+<!DOCTYPE root [
-+<!ELEMENT root (elem)>
-+<!ELEMENT elem (#PCDATA)>
-+<!ATTLIST elem id ID #IMPLIED>
-+<!ENTITY target SYSTEM "dtds/737840.ent">
-+]>
-+<root>
-+  &target;
-+</root>
-diff --git a/result/valid/737840.xml.err b/result/valid/737840.xml.err
-new file mode 100644
-index 0000000..e69de29
-diff --git a/result/valid/737840.xml.err.rdr b/result/valid/737840.xml.err.rdr
-new file mode 100644
-index 0000000..e69de29
-diff --git a/test/valid/737840.xml b/test/valid/737840.xml
-new file mode 100644
-index 0000000..2d27b73
---- /dev/null
-+++ b/test/valid/737840.xml
[email protected]@ -0,0 +1,10 @@
-+<!DOCTYPE root [
-+<!ELEMENT root (elem)>
-+<!ELEMENT elem (#PCDATA)>
-+<!ATTLIST elem id ID #IMPLIED>
-+<!ENTITY target SYSTEM "dtds/737840.ent">
-+]>
-+
-+<root>
-+  &target;
-+</root>
-diff --git a/test/valid/dtds/737840.ent b/test/valid/dtds/737840.ent
-new file mode 100644
-index 0000000..e972132
---- /dev/null
-+++ b/test/valid/dtds/737840.ent
[email protected]@ -0,0 +1 @@
-+<elem id="id0"/>
-\ No newline at end of file
-diff --git a/valid.c b/valid.c
-index 409aa81..45a3f70 100644
---- a/valid.c
-+++ b/valid.c
[email protected]@ -2634,8 +2634,10 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value,
- 	/*
- 	 * The id is already defined in this DTD.
- 	 */
--	xmlErrValidNode(ctxt, attr->parent, XML_DTD_ID_REDEFINED,
--			"ID %s already defined\n", value, NULL, NULL);
-+	if (ctxt != NULL) {
-+	    xmlErrValidNode(ctxt, attr->parent, XML_DTD_ID_REDEFINED,
-+			    "ID %s already defined\n", value, NULL, NULL);
-+	}
- #endif /* LIBXML_VALID_ENABLED */
- 	xmlFreeID(ret);
- 	return(NULL);
--- 
-cgit v0.11.2
-
--- a/components/libxml2/patches/Bug744980-1.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,32 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-From a7dfab7411cbf545f359dd3157e5df1eb0e7ce31 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Mon, 23 Feb 2015 11:17:35 +0800
-Subject: Stop parsing on entities boundaries errors
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=744980
-
-There are times, like on unterminated entities that it's preferable to
-stop parsing, even if that means less error reporting. Entities are
-feeding the parser on further processing, and if they are ill defined
-then it's possible to get the parser to bug. Also do the same on
-Conditional Sections if the input is broken, as the structure of
-the document can't be guessed.
-
-diff --git a/parser.c b/parser.c
-index a8d1b67..bbe97eb 100644
---- a/parser.c
-+++ b/parser.c
[email protected]@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) {
- 	if (RAW != '>') {
- 	    xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED,
- 	            "xmlParseEntityDecl: entity %s not terminated\n", name);
-+	    xmlStopParser(ctxt);
- 	} else {
- 	    if (input != ctxt->input) {
- 		xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY,
--- 
-cgit v0.10.2
-
--- a/components/libxml2/patches/Bug744980-2.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,49 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-From 9b8512337d14c8ddf662fcb98b0135f225a1c489 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Mon, 23 Feb 2015 11:29:20 +0800
-Subject: Cleanup conditional section error handling
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=744980
-
-The error handling of Conditional Section also need to be
-straightened as the structure of the document can't be
-guessed on a failure there and it's better to stop parsing
-as further errors are likely to be irrelevant.
-
-diff --git a/parser.c b/parser.c
-index bbe97eb..fe603ac 100644
---- a/parser.c
-+++ b/parser.c
[email protected]@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
-+	    xmlStopParser(ctxt);
-+	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
- 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
[email protected]@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
-+	    xmlStopParser(ctxt);
-+	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
- 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
[email protected]@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 
-     } else {
- 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
-+	xmlStopParser(ctxt);
-+	return;
-     }
- 
-     if (RAW == 0)
--- 
-cgit v0.10.2
-
--- a/components/libxml2/patches/Bug746048.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,92 +0,0 @@
-Patch origin: community
-Patch status: unknown, needs to be verified by upstream
-
-https://bugzilla.gnome.org/show_bug.cgi?id=746048
-
-diff --git a/HTMLparser.c b/HTMLparser.c
-index d329d3b..6f81424 100644
---- a/HTMLparser.c
-+++ b/HTMLparser.c
[email protected]@ -3245,13 +3245,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) {
- 	ctxt->instate = state;
- 	return;
-     }
-+    if ((ctxt->input->end - ctxt->input->cur) < 3) {
-+        ctxt->instate = XML_PARSER_EOF;
-+        htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED,
-+                     "Comment not terminated\n", NULL, NULL);
-+        xmlFree(buf);
-+        return;
-+    }
-     q = CUR_CHAR(ql);
-     NEXTL(ql);
-     r = CUR_CHAR(rl);
-     NEXTL(rl);
-     cur = CUR_CHAR(l);
-     len = 0;
--    while (IS_CHAR(cur) &&
-+    while (((ctxt->input->end - ctxt->input->cur) > 0) && IS_CHAR(cur) &&
-            ((cur != '>') ||
- 	    (r != '-') || (q != '-'))) {
- 	if (len + 5 >= size) {
[email protected]@ -3281,7 +3288,7 @@ htmlParseComment(htmlParserCtxtPtr ctxt) {
- 	}
-     }
-     buf[len] = 0;
--    if (!IS_CHAR(cur)) {
-+    if (!(ctxt->input->end - ctxt->input->cur) || !IS_CHAR(cur)) {
- 	htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED,
- 	             "Comment not terminated \n<!--%.50s\n", buf, NULL);
- 	xmlFree(buf);
[email protected]@ -4465,6 +4472,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
-     depth = ctxt->nameNr;
-     while (1) {
- 	long cons = ctxt->nbChars;
-+    long rem = ctxt->input->end - ctxt->input->cur;
- 
-         GROW;
- 
[email protected]@ -4540,7 +4548,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
- 	    /*
- 	     * Sometimes DOCTYPE arrives in the middle of the document
- 	     */
--	    if ((CUR == '<') && (NXT(1) == '!') &&
-+	    if ((rem >= 9) && (CUR == '<') && (NXT(1) == '!') &&
- 		(UPP(2) == 'D') && (UPP(3) == 'O') &&
- 		(UPP(4) == 'C') && (UPP(5) == 'T') &&
- 		(UPP(6) == 'Y') && (UPP(7) == 'P') &&
[email protected]@ -4554,7 +4562,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
- 	    /*
- 	     * First case :  a comment
- 	     */
--	    if ((CUR == '<') && (NXT(1) == '!') &&
-+	    if ((rem >= 4) && (CUR == '<') && (NXT(1) == '!') &&
- 		(NXT(2) == '-') && (NXT(3) == '-')) {
- 		htmlParseComment(ctxt);
- 	    }
[email protected]@ -4562,14 +4570,14 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
- 	    /*
- 	     * Second case : a Processing Instruction.
- 	     */
--	    else if ((CUR == '<') && (NXT(1) == '?')) {
-+	    else if ((rem >= 2) && (CUR == '<') && (NXT(1) == '?')) {
- 		htmlParsePI(ctxt);
- 	    }
- 
- 	    /*
- 	     * Third case :  a sub-element.
- 	     */
--	    else if (CUR == '<') {
-+	    else if ((rem >= 1) && (CUR == '<')) {
- 		htmlParseElementInternal(ctxt);
- 		if (currentNode != NULL) xmlFree(currentNode);
- 
[email protected]@ -4581,7 +4589,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
- 	     * Fourth case : a reference. If if has not been resolved,
- 	     *    parsing returns it's Name, create the node
- 	     */
--	    else if (CUR == '&') {
-+	    else if ((rem >= 1) && (CUR == '&')) {
- 		htmlParseReference(ctxt);
- 	    }
-
--- a/components/libxml2/patches/CVE-2015-1819.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,176 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9
-
-From 213f1fe0d76d30eaed6e5853057defc43e6df2c9 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Tue, 14 Apr 2015 17:41:48 +0800
-Subject: CVE-2015-1819 Enforce the reader to run in constant memory
-
-One of the operation on the reader could resolve entities
-leading to the classic expansion issue. Make sure the
-buffer used for xmlreader operation is bounded.
-Introduce a new allocation type for the buffers for this effect.
-
-diff --git a/buf.c b/buf.c
-index 6efc7b6..07922ff 100644
---- a/buf.c
-+++ b/buf.c
[email protected]@ -27,6 +27,7 @@
- #include <libxml/tree.h>
- #include <libxml/globals.h>
- #include <libxml/tree.h>
-+#include <libxml/parserInternals.h> /* for XML_MAX_TEXT_LENGTH */
- #include "buf.h"
- 
- #define WITH_BUFFER_COMPAT
[email protected]@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
-     if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
-         (scheme == XML_BUFFER_ALLOC_EXACT) ||
-         (scheme == XML_BUFFER_ALLOC_HYBRID) ||
--        (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
-+        (scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
-+	(scheme == XML_BUFFER_ALLOC_BOUNDED)) {
- 	buf->alloc = scheme;
-         if (buf->buffer)
-             buf->buffer->alloc = scheme;
[email protected]@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
-     size = buf->use + len + 100;
- #endif
- 
-+    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+        /*
-+	 * Used to provide parsing limits
-+	 */
-+        if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
-+	    (buf->size >= XML_MAX_TEXT_LENGTH)) {
-+	    xmlBufMemoryError(buf, "buffer error: text too long\n");
-+	    return(0);
-+	}
-+	if (size >= XML_MAX_TEXT_LENGTH)
-+	    size = XML_MAX_TEXT_LENGTH;
-+    }
-     if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
-         size_t start_buf = buf->content - buf->contentIO;
- 
[email protected]@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
-     CHECK_COMPAT(buf)
- 
-     if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
-+    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+        /*
-+	 * Used to provide parsing limits
-+	 */
-+        if (size >= XML_MAX_TEXT_LENGTH) {
-+	    xmlBufMemoryError(buf, "buffer error: text too long\n");
-+	    return(0);
-+	}
-+    }
- 
-     /* Don't resize if we don't have to */
-     if (size < buf->size)
[email protected]@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
- 
-     needSize = buf->use + len + 2;
-     if (needSize > buf->size){
-+	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+	    /*
-+	     * Used to provide parsing limits
-+	     */
-+	    if (needSize >= XML_MAX_TEXT_LENGTH) {
-+		xmlBufMemoryError(buf, "buffer error: text too long\n");
-+		return(-1);
-+	    }
-+	}
-         if (!xmlBufResize(buf, needSize)){
- 	    xmlBufMemoryError(buf, "growing buffer");
-             return XML_ERR_NO_MEMORY;
[email protected]@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) {
-     }
-     needSize = buf->use + len + 2;
-     if (needSize > buf->size){
-+	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+	    /*
-+	     * Used to provide parsing limits
-+	     */
-+	    if (needSize >= XML_MAX_TEXT_LENGTH) {
-+		xmlBufMemoryError(buf, "buffer error: text too long\n");
-+		return(-1);
-+	    }
-+	}
-         if (!xmlBufResize(buf, needSize)){
- 	    xmlBufMemoryError(buf, "growing buffer");
-             return XML_ERR_NO_MEMORY;
-diff --git a/include/libxml/tree.h b/include/libxml/tree.h
-index 2f90717..4a9b3bc 100644
---- a/include/libxml/tree.h
-+++ b/include/libxml/tree.h
[email protected]@ -76,7 +76,8 @@ typedef enum {
-     XML_BUFFER_ALLOC_EXACT,	/* grow only to the minimal size */
-     XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */
-     XML_BUFFER_ALLOC_IO,	/* special allocation scheme used for I/O */
--    XML_BUFFER_ALLOC_HYBRID	/* exact up to a threshold, and doubleit thereafter */
-+    XML_BUFFER_ALLOC_HYBRID,	/* exact up to a threshold, and doubleit thereafter */
-+    XML_BUFFER_ALLOC_BOUNDED	/* limit the upper size of the buffer */
- } xmlBufferAllocationScheme;
- 
- /**
-diff --git a/xmlreader.c b/xmlreader.c
-index f19e123..471e7e2 100644
---- a/xmlreader.c
-+++ b/xmlreader.c
[email protected]@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) {
- 		"xmlNewTextReader : malloc failed\n");
- 	return(NULL);
-     }
-+    /* no operation on a reader should require a huge buffer */
-+    xmlBufSetAllocationScheme(ret->buffer,
-+			      XML_BUFFER_ALLOC_BOUNDED);
-     ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
-     if (ret->sax == NULL) {
- 	xmlBufFree(ret->buffer);
[email protected]@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
- 	    return(((xmlNsPtr) node)->href);
-         case XML_ATTRIBUTE_NODE:{
- 	    xmlAttrPtr attr = (xmlAttrPtr) node;
-+	    const xmlChar *ret;
- 
- 	    if ((attr->children != NULL) &&
- 	        (attr->children->type == XML_TEXT_NODE) &&
[email protected]@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
-                                         "xmlTextReaderSetup : malloc failed\n");
-                         return (NULL);
-                     }
-+		    xmlBufSetAllocationScheme(reader->buffer,
-+		                              XML_BUFFER_ALLOC_BOUNDED);
-                 } else
-                     xmlBufEmpty(reader->buffer);
- 	        xmlBufGetNodeContent(reader->buffer, node);
--		return(xmlBufContent(reader->buffer));
-+		ret = xmlBufContent(reader->buffer);
-+		if (ret == NULL) {
-+		    /* error on the buffer best to reallocate */
-+		    xmlBufFree(reader->buffer);
-+		    reader->buffer = xmlBufCreateSize(100);
-+		    xmlBufSetAllocationScheme(reader->buffer,
-+		                              XML_BUFFER_ALLOC_BOUNDED);
-+		    ret = BAD_CAST "";
-+		}
-+		return(ret);
- 	    }
- 	    break;
- 	}
[email protected]@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader,
-                         "xmlTextReaderSetup : malloc failed\n");
-         return (-1);
-     }
-+    /* no operation on a reader should require a huge buffer */
-+    xmlBufSetAllocationScheme(reader->buffer,
-+			      XML_BUFFER_ALLOC_BOUNDED);
-     if (reader->sax == NULL)
- 	reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
-     if (reader->sax == NULL) {
--- 
-cgit v0.10.2
-
--- a/components/libxml2/patches/CVE-2015-7942.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,50 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-https://git.gnome.org/browse/libxml2/patch/?id=bd0526e66a56e75a18da8c15c4750db8f801c52d
-https://git.gnome.org/browse/libxml2/patch/?id=41ac9049a27f52e7a1f3b341f8714149fc88d450
-
-From bd0526e66a56e75a18da8c15c4750db8f801c52d Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Fri, 23 Oct 2015 19:02:28 +0800
-Subject: Another variation of overflow in Conditional sections
-
-Which happen after the previous fix to
-https://bugzilla.gnome.org/show_bug.cgi?id=756456
-
-But stopping the parser and exiting we didn't pop the intermediary entities
-and doing the SKIP there applies on an input which may be too small
----
- parser.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-From 41ac9049a27f52e7a1f3b341f8714149fc88d450 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Tue, 27 Oct 2015 10:53:44 +0800
-Subject: Fix an error in previous Conditional section patch
-
-an off by one mistake in the change, led to error on correct
-document where the end of the included entity was exactly
-the end of the conditional section, leading to regtest failure
----
- parser.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/parser.c b/parser.c
-index a65e4cc..b9217ff 100644
---- a/parser.c
-+++ b/parser.c
[email protected]@ -6915,7 +6915,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	"All markup of the conditional section is not in the same entity\n",
- 				 NULL, NULL);
- 	}
--        SKIP(3);
-+	if ((ctxt-> instate != XML_PARSER_EOF) &&
-+	    ((ctxt->input->cur + 3) <= ctxt->input->end))
-+	    SKIP(3);
-     }
- }
- 
--- 
-cgit v0.11.2
-
--- a/components/libxml2/patches/parser.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,31 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Thu, 23 Oct 2014 11:35:36 +0800
-Subject: Fix missing entities after CVE-2014-3660 fix
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=738805
-
-The fix for CVE-2014-3660 introduced a regression in some case
-where entity substitution is required and the entity is used
-first in anotther entity referenced from an attribute value
-
-diff --git a/parser.c b/parser.c
-index 67c9dfd..a8d1b67 100644
---- a/parser.c
-+++ b/parser.c
[email protected]@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
-      * far more secure as the parser will only process data coming from
-      * the document entity by default.
-      */
--    if ((ent->checked == 0) &&
-+    if (((ent->checked == 0) ||
-+         ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) &&
-         ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) ||
-          (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) {
- 	unsigned long oldnbent = ctxt->nbentities;
--- 
-cgit v0.10.1
-
--- a/components/libxml2/patches/xmlcatalog.patch	Thu Nov 26 09:49:00 2015 -0800
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,29 +0,0 @@
-Patch origin: upstream
-Patch status: will be part of next version
-
-From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <[email protected]>
-Date: Fri, 17 Oct 2014 17:13:41 +0800
-Subject: Revert "Missing initialization for the catalog module"
-
-This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7.
-As this break xmlcatalog command
-https://bugzilla.redhat.com/show_bug.cgi?id=1153753
-
-diff --git a/parser.c b/parser.c
-index 1d93967..67c9dfd 100644
---- a/parser.c
-+++ b/parser.c
[email protected]@ -14830,9 +14830,6 @@ xmlInitParser(void) {
- #ifdef LIBXML_XPATH_ENABLED
- 	xmlXPathInit();
- #endif
--#ifdef LIBXML_CATALOG_ENABLED
--        xmlInitializeCatalog();
--#endif
- 	xmlParserInitialized = 1;
- #ifdef LIBXML_THREAD_ENABLED
-     }
--- 
-cgit v0.10.1
-
--- a/components/libxml2/test/results-all.master	Thu Nov 26 09:49:00 2015 -0800
+++ b/components/libxml2/test/results-all.master	Thu Nov 26 00:58:11 2015 -0800
@@ -39,7 +39,7 @@
 ## C14N exclusive without comments regression tests
 ## C14N 1.1 without comments regression tests
 ## Catalog and Threads regression tests
-Total 2893 tests, no errors
+Total 2920 tests, no errors
 .........
 ## Parsing recursive test cases
 ## Parsing non-recursive test cases