diff mbox series

[kirkstone,18/31] libxml2: Upgrade 2.9.13 -> 2.9.14

Message ID 393b81058f3b970eb906a7f9daa842d8a0747700.1652811454.git.steve@sakoman.com
State Accepted, archived
Commit 393b81058f3b970eb906a7f9daa842d8a0747700
Headers show
Series [kirkstone,01/31] freetype: backport patch for CVE-2022-27404 | expand

Commit Message

Steve Sakoman May 17, 2022, 6:24 p.m. UTC 
From: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>

Security

[CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
Fix potential double-free in xmlXPtrStringRangeFunction
Fix memory leak in xmlFindCharEncodingHandler
Normalize XPath strings in-place
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() (David Kilzer)
Fix leak of xmlElementContent (David Kilzer)

Bug fixes

Fix parsing of subtracted regex character classes
Fix recursion check in xinclude.c
Reset last error in xmlCleanupGlobals
Fix certain combinations of regex range quantifiers
Fix range quantifier on subregex

Improvements

Fix recovery from invalid HTML start tags

Build system, portability

Define LFS macros before including system headers
Initialize XPath floating-point globals
configure: check for icu DEFS (James Hilliard)
configure.ac: produce tar.xz only (GNOME policy) (David Seifert)
CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
Fix build with older Python versions
Fix --without-valid build

Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit c4ba21f4012e8859fc793bec7df76e56eb8058ec)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 .../CVE-2022-23308-fix-regression.patch       | 99 -------------------
 .../libxml2/libxml-m4-use-pkgconfig.patch     | 21 ++--
 .../{libxml2_2.9.13.bb => libxml2_2.9.14.bb}  |  5 +-
 3 files changed, 14 insertions(+), 111 deletions(-)
 delete mode 100644 meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
 rename meta/recipes-core/libxml/{libxml2_2.9.13.bb => libxml2_2.9.14.bb} (96%)
diff mbox series

Patch

diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
deleted file mode 100644
index e188914613..0000000000
--- a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
+++ /dev/null
@@ -1,99 +0,0 @@ 
-From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 22 Feb 2022 11:51:08 +0100
-Subject: [PATCH] Fix --without-valid build
-
-Regressed in commit 652dd12a.
----
- valid.c | 58 ++++++++++++++++++++++++++++-----------------------------
- 1 file changed, 29 insertions(+), 29 deletions(-)
----
-
-From https://github.com/GNOME/libxml2.git
- commit 646fe48d1c8a74310c409ddf81fe7df6700052af
-
-CVE: CVE-2022-23308
-Upstream-Status: Backport
-
-Signed-off-by: Joe Slater <joe.slater@windriver.com>
-
-
-diff --git a/valid.c b/valid.c
-index 8e596f1d..9684683a 100644
---- a/valid.c
-+++ b/valid.c
-@@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt)
-     return (ret);
- }
- 
--/**
-- * xmlValidNormalizeString:
-- * @str: a string
-- *
-- * Normalize a string in-place.
-- */
--static void
--xmlValidNormalizeString(xmlChar *str) {
--    xmlChar *dst;
--    const xmlChar *src;
--
--    if (str == NULL)
--        return;
--    src = str;
--    dst = str;
--
--    while (*src == 0x20) src++;
--    while (*src != 0) {
--	if (*src == 0x20) {
--	    while (*src == 0x20) src++;
--	    if (*src != 0)
--		*dst++ = 0x20;
--	} else {
--	    *dst++ = *src++;
--	}
--    }
--    *dst = 0;
--}
--
- #ifdef DEBUG_VALID_ALGO
- static void
- xmlValidPrintNode(xmlNodePtr cur) {
-@@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) {
- 	    (xmlDictOwns(dict, (const xmlChar *)(str)) == 0)))	\
- 	    xmlFree((char *)(str));
- 
-+/**
-+ * xmlValidNormalizeString:
-+ * @str: a string
-+ *
-+ * Normalize a string in-place.
-+ */
-+static void
-+xmlValidNormalizeString(xmlChar *str) {
-+    xmlChar *dst;
-+    const xmlChar *src;
-+
-+    if (str == NULL)
-+        return;
-+    src = str;
-+    dst = str;
-+
-+    while (*src == 0x20) src++;
-+    while (*src != 0) {
-+	if (*src == 0x20) {
-+	    while (*src == 0x20) src++;
-+	    if (*src != 0)
-+		*dst++ = 0x20;
-+	} else {
-+	    *dst++ = *src++;
-+	}
-+    }
-+    *dst = 0;
-+}
-+
- static int
- xmlIsStreaming(xmlValidCtxtPtr ctxt) {
-     xmlParserCtxtPtr pctxt;
--- 
-2.35.1
-
diff --git a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
index d211f65da3..cc9da88a29 100644
--- a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
+++ b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
@@ -1,4 +1,4 @@ 
-From f57da62218cf72c1342da82abafdac6b0a2e4997 Mon Sep 17 00:00:00 2001
+From 7196bce35954c4b46391cb0139aeb15ed628fa54 Mon Sep 17 00:00:00 2001
 From: Tony Tascioglu <tony.tascioglu@windriver.com>
 Date: Fri, 14 May 2021 11:50:35 -0400
 Subject: [PATCH] AM_PATH_XML2 uses xml-config which we disable through
@@ -16,16 +16,18 @@  Rebase to 2.9.9
 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
 
 Updated to apply cleanly to v2.9.12
-
 Signed-off-by: Tony Tascioglu <tony.tascioglu@windriver.com>
+
+Rebase to 2.9.14
+Signed-off-by: Jiaqing Zhao <jiaqing.zhao@linux.intel.com>
 ---
- libxml.m4 | 190 ++----------------------------------------------------
- 1 file changed, 5 insertions(+), 185 deletions(-)
+ libxml.m4 | 189 ++----------------------------------------------------
+ 1 file changed, 5 insertions(+), 184 deletions(-)
 
-Index: libxml2-2.9.13/libxml.m4
-===================================================================
---- libxml2-2.9.13.orig/libxml.m4
-+++ libxml2-2.9.13/libxml.m4
+diff --git a/libxml.m4 b/libxml.m4
+index fc7790c..1c53585 100644
+--- a/libxml.m4
++++ b/libxml.m4
 @@ -1,191 +1,12 @@
 -# Configure paths for LIBXML2
 -# Simon Josefsson 2020-02-12
@@ -223,3 +225,6 @@  Index: libxml2-2.9.13/libxml.m4
 -  AC_SUBST(XML_LIBS)
 -  rm -f conf.xmltest
  ])
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/libxml/libxml2_2.9.13.bb b/meta/recipes-core/libxml/libxml2_2.9.14.bb
similarity index 96%
rename from meta/recipes-core/libxml/libxml2_2.9.13.bb
rename to meta/recipes-core/libxml/libxml2_2.9.14.bb
index e361b53bfd..3081ebf92f 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.13.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9.14.bb
@@ -23,11 +23,8 @@  SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;subdir=${BP};name=te
            file://remove-fuzz-from-ptests.patch \
            file://libxml-m4-use-pkgconfig.patch \
            "
-# will be in v2.9.14
-#
-SRC_URI += "file://CVE-2022-23308-fix-regression.patch"
 
-SRC_URI[archive.sha256sum] = "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"
+SRC_URI[archive.sha256sum] = "60d74a257d1ccec0475e749cba2f21559e48139efba6ff28224357c7c798dfee"
 SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7"
 
 BINCONFIG = "${bindir}/xml2-config"