diffstat for libxml2_2.7.8.dfsg-5.1 libxml2_2.7.8.dfsg-5.1ubuntu4
dict.c | 84 +++++++++++++++++--------
error.c | 38 ++++-------
hash.c | 41 +++++++++++-
libxml2-2.7.8.dfsg/config.guess | 49 +++++++++-----
libxml2-2.7.8.dfsg/config.sub | 65 +++++++++++--------
libxml2-2.7.8.dfsg/configure.in | 1
libxml2-2.7.8.dfsg/debian/changelog | 50 ++++++++++++++
libxml2-2.7.8.dfsg/debian/compat | 2
libxml2-2.7.8.dfsg/debian/control | 24 ++++++-
libxml2-2.7.8.dfsg/debian/libxml2-dev.install | 8 +-
libxml2-2.7.8.dfsg/debian/libxml2-udeb.install | 2
libxml2-2.7.8.dfsg/debian/libxml2.install | 2
libxml2-2.7.8.dfsg/debian/rules | 10 ++
libxml2-2.7.8.dfsg/parser.c | 2
14 files changed, 272 insertions(+), 106 deletions(-)
diff -u libxml2-2.7.8.dfsg/parser.c libxml2-2.7.8.dfsg/parser.c
--- libxml2-2.7.8.dfsg/parser.c
+++ libxml2-2.7.8.dfsg/parser.c
@@ -2709,7 +2709,7 @@
buffer[nbchars++] = '&';
if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) {
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
+ growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE);
}
for (;i > 0;i--)
buffer[nbchars++] = *cur++;
diff -u libxml2-2.7.8.dfsg/config.guess libxml2-2.7.8.dfsg/config.guess
--- libxml2-2.7.8.dfsg/config.guess
+++ libxml2-2.7.8.dfsg/config.guess
@@ -2,9 +2,9 @@
# Attempt to guess a canonical system name.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
-# 2011 Free Software Foundation, Inc.
+# 2011, 2012 Free Software Foundation, Inc.
-timestamp='2011-05-11'
+timestamp='2012-02-10'
# This file is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
@@ -17,9 +17,7 @@
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see .
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@@ -57,8 +55,8 @@
Originally written by Per Bothner.
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
-Software Foundation, Inc.
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
+Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -145,7 +143,7 @@
case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
*:NetBSD:*:*)
# NetBSD (nbsd) targets should (where applicable) match one or
- # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+ # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*,
# *-*-netbsdecoff* and *-*-netbsd*. For targets that recently
# switched to ELF, *-*-netbsd* would select the old
# object file format. This provides both forward
@@ -792,13 +790,12 @@
echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
exit ;;
*:FreeBSD:*:*)
- case ${UNAME_MACHINE} in
- pc98)
- echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ UNAME_PROCESSOR=`/usr/bin/uname -p`
+ case ${UNAME_PROCESSOR} in
amd64)
echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
*)
- echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+ echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
esac
exit ;;
i*:CYGWIN*:*)
@@ -807,6 +804,9 @@
*:MINGW*:*)
echo ${UNAME_MACHINE}-pc-mingw32
exit ;;
+ i*:MSYS*:*)
+ echo ${UNAME_MACHINE}-pc-msys
+ exit ;;
i*:windows32*:*)
# uname -m includes "-pc" on this system.
echo ${UNAME_MACHINE}-mingw32
@@ -861,6 +861,13 @@
i*86:Minix:*:*)
echo ${UNAME_MACHINE}-pc-minix
exit ;;
+ aarch64:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit ;;
+ aarch64_be:Linux:*:*)
+ UNAME_MACHINE=aarch64_be
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit ;;
alpha:Linux:*:*)
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
EV5) UNAME_MACHINE=alphaev5 ;;
@@ -895,13 +902,16 @@
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
cris:Linux:*:*)
- echo cris-axis-linux-gnu
+ echo ${UNAME_MACHINE}-axis-linux-gnu
exit ;;
crisv32:Linux:*:*)
- echo crisv32-axis-linux-gnu
+ echo ${UNAME_MACHINE}-axis-linux-gnu
exit ;;
frv:Linux:*:*)
- echo frv-unknown-linux-gnu
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
+ exit ;;
+ hexagon:Linux:*:*)
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
i*86:Linux:*:*)
LIBC=gnu
@@ -943,7 +953,7 @@
test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
;;
or32:Linux:*:*)
- echo or32-unknown-linux-gnu
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
padre:Linux:*:*)
echo sparc-unknown-linux-gnu
@@ -978,13 +988,13 @@
echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
tile*:Linux:*:*)
- echo ${UNAME_MACHINE}-tilera-linux-gnu
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
vax:Linux:*:*)
echo ${UNAME_MACHINE}-dec-linux-gnu
exit ;;
x86_64:Linux:*:*)
- echo x86_64-unknown-linux-gnu
+ echo ${UNAME_MACHINE}-unknown-linux-gnu
exit ;;
xtensa*:Linux:*:*)
echo ${UNAME_MACHINE}-unknown-linux-gnu
@@ -1315,6 +1325,9 @@
i*86:AROS:*:*)
echo ${UNAME_MACHINE}-pc-aros
exit ;;
+ x86_64:VMkernel:*:*)
+ echo ${UNAME_MACHINE}-unknown-esx
+ exit ;;
esac
#echo '(No uname command or uname output not recognized.)' 1>&2
diff -u libxml2-2.7.8.dfsg/configure.in libxml2-2.7.8.dfsg/configure.in
--- libxml2-2.7.8.dfsg/configure.in
+++ libxml2-2.7.8.dfsg/configure.in
@@ -477,6 +477,7 @@
AC_CHECK_FUNCS(finite isnand fp_class class fpclass)
AC_CHECK_FUNCS(strftime localtime gettimeofday ftime)
AC_CHECK_FUNCS(stat _stat signal)
+AC_CHECK_FUNCS(rand srand time)
dnl Checking the standard string functions availability
AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,,
diff -u libxml2-2.7.8.dfsg/config.sub libxml2-2.7.8.dfsg/config.sub
--- libxml2-2.7.8.dfsg/config.sub
+++ libxml2-2.7.8.dfsg/config.sub
@@ -2,9 +2,9 @@
# Configuration validation subroutine script.
# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010,
-# 2011 Free Software Foundation, Inc.
+# 2011, 2012 Free Software Foundation, Inc.
-timestamp='2011-03-23'
+timestamp='2012-02-10'
# This file is (in principle) common to ALL GNU software.
# The presence of a machine in this file suggests that SOME GNU software
@@ -21,9 +21,7 @@
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
-# 02110-1301, USA.
+# along with this program; if not, see .
#
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
@@ -76,8 +74,8 @@
GNU config.sub ($timestamp)
Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free
-Software Foundation, Inc.
+2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012
+Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
@@ -132,6 +130,10 @@
os=-$maybe_os
basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
;;
+ android-linux)
+ os=-linux-android
+ basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown
+ ;;
*)
basic_machine=`echo $1 | sed 's/-[^-]*$//'`
if [ $basic_machine != $1 ]
@@ -247,17 +249,22 @@
# Some are omitted here because they have special meanings below.
1750a | 580 \
| a29k \
+ | aarch64 | aarch64_be \
| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
| am33_2.0 \
| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
+ | be32 | be64 \
| bfin \
| c4x | clipper \
| d10v | d30v | dlx | dsp16xx \
+ | epiphany \
| fido | fr30 | frv \
| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+ | hexagon \
| i370 | i860 | i960 | ia64 \
| ip2k | iq2000 \
+ | le32 | le64 \
| lm32 \
| m32c | m32r | m32rle | m68000 | m68k | m88k \
| maxq | mb | microblaze | mcore | mep | metag \
@@ -291,7 +298,7 @@
| pdp10 | pdp11 | pj | pjl \
| powerpc | powerpc64 | powerpc64le | powerpcle \
| pyramid \
- | rx \
+ | rl78 | rx \
| score \
| sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
| sh64 | sh64le \
@@ -300,7 +307,7 @@
| spu \
| tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \
| ubicom32 \
- | v850 | v850e \
+ | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \
| we32k \
| x86 | xc16x | xstormy16 | xtensa \
| z8k | z80)
@@ -315,8 +322,7 @@
c6x)
basic_machine=tic6x-unknown
;;
- m6811 | m68hc11 | m6812 | m68hc12 | picochip)
- # Motorola 68HC11/12.
+ m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | picochip)
basic_machine=$basic_machine-unknown
os=-none
;;
@@ -329,7 +335,10 @@
strongarm | thumb | xscale)
basic_machine=arm-unknown
;;
-
+ xgate)
+ basic_machine=$basic_machine-unknown
+ os=-none
+ ;;
xscaleeb)
basic_machine=armeb-unknown
;;
@@ -352,11 +361,13 @@
# Recognize the basic CPU types with company name.
580-* \
| a29k-* \
+ | aarch64-* | aarch64_be-* \
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
| arm-* | armbe-* | armle-* | armeb-* | armv*-* \
| avr-* | avr32-* \
+ | be32-* | be64-* \
| bfin-* | bs2000-* \
| c[123]* | c30-* | [cjt]90-* | c4x-* \
| clipper-* | craynv-* | cydra-* \
@@ -365,8 +376,10 @@
| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
| h8300-* | h8500-* \
| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+ | hexagon-* \
| i*86-* | i860-* | i960-* | ia64-* \
| ip2k-* | iq2000-* \
+ | le32-* | le64-* \
| lm32-* \
| m32c-* | m32r-* | m32rle-* \
| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
@@ -400,7 +413,7 @@
| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \
| pyramid-* \
- | romp-* | rs6000-* | rx-* \
+ | rl78-* | romp-* | rs6000-* | rx-* \
| sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
@@ -408,10 +421,11 @@
| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \
| tahoe-* \
| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
- | tile-* | tilegx-* \
+ | tile*-* \
| tron-* \
| ubicom32-* \
- | v850-* | v850e-* | vax-* \
+ | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \
+ | vax-* \
| we32k-* \
| x86-* | x86_64-* | xc16x-* | xps100-* \
| xstormy16-* | xtensa*-* \
@@ -711,7 +725,6 @@
i370-ibm* | ibm*)
basic_machine=i370-ibm
;;
-# I'm not sure what "Sysv32" means. Should this be sysv3.2?
i*86v32)
basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
os=-sysv32
@@ -808,10 +821,18 @@
ms1-*)
basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
;;
+ msys)
+ basic_machine=i386-pc
+ os=-msys
+ ;;
mvs)
basic_machine=i370-ibm
os=-mvs
;;
+ nacl)
+ basic_machine=le32-unknown
+ os=-nacl
+ ;;
ncr3000)
basic_machine=i486-ncr
os=-sysv4
@@ -1120,13 +1141,8 @@
basic_machine=t90-cray
os=-unicos
;;
- # This must be matched before tile*.
- tilegx*)
- basic_machine=tilegx-unknown
- os=-linux-gnu
- ;;
tile*)
- basic_machine=tile-unknown
+ basic_machine=$basic_machine-unknown
os=-linux-gnu
;;
tx39)
@@ -1336,7 +1352,7 @@
| -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
| -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
| -chorusos* | -chorusrdb* | -cegcc* \
- | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+ | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
| -mingw32* | -linux-gnu* | -linux-android* \
| -linux-newlib* | -linux-uclibc* \
| -uxpv* | -beos* | -mpeix* | -udk* \
@@ -1548,9 +1564,6 @@
;;
m68000-sun)
os=-sunos3
- # This also exists in the configure program, but was not the
- # default.
- # os=-sunos4
;;
m68*-cisco)
os=-aout
diff -u libxml2-2.7.8.dfsg/debian/libxml2.install libxml2-2.7.8.dfsg/debian/libxml2.install
--- libxml2-2.7.8.dfsg/debian/libxml2.install
+++ libxml2-2.7.8.dfsg/debian/libxml2.install
@@ -1 +1 @@
-usr/lib/libxml2.so.*
+usr/lib/*/libxml2.so.*
diff -u libxml2-2.7.8.dfsg/debian/rules libxml2-2.7.8.dfsg/debian/rules
--- libxml2-2.7.8.dfsg/debian/rules
+++ libxml2-2.7.8.dfsg/debian/rules
@@ -45,7 +45,8 @@
build-python%: BUILD_DIR=build/main/$*
build-python%: BUILD_FLAGS = libxml2mod_la_LIBADD='$$(mylibs)'
-build-python%-dbg: BUILD_FLAGS += PYTHON_INCLUDES=/usr/include/$(*:-dbg=_d) LDFLAGS="-L$(CURDIR)/debian/tmp/usr/lib" CFLAGS="-Wall -g -O0"
+build-python%-dbg: BUILD_FLAGS += PYTHON_INCLUDES=/usr/include/$(*:-dbg=_d) \
+ LDFLAGS="-L$(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)" CFLAGS="-Wall -g -O0"
override_dh_auto_clean:
rm -rf build debian/tmp-dbg
@@ -102,7 +103,10 @@
dh_install -Npython-libxml2-dbg -Nlibxml2-udeb
dh_install -ppython-libxml2-dbg --sourcedir=debian/tmp-dbg
dh_install -plibxml2-udeb --sourcedir=debian/tmp-udeb
- sed "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/libxml2.la > debian/libxml2-dev/usr/lib/libxml2.la
+ sed "/dependency_libs/ s/'.*'/''/" debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libxml2.la > \
+ debian/libxml2-dev/usr/lib/$(DEB_HOST_MULTIARCH)/libxml2.la
+ # for multiarch xml2-config needs to be identical on all archs
+ sed -i -e 's,/usr/lib/$(DEB_HOST_MULTIARCH),/usr/lib,' debian/libxml2-dev/usr/bin/xml2-config
override_dh_strip:
dh_strip -a --dbg-package=libxml2-dbg -Npython-libxml2 -Npython-libxml2-dbg
@@ -121 +125 @@
- dh --with python2 $@
+ dh $@ --with python2
diff -u libxml2-2.7.8.dfsg/debian/libxml2-dev.install libxml2-2.7.8.dfsg/debian/libxml2-dev.install
--- libxml2-2.7.8.dfsg/debian/libxml2-dev.install
+++ libxml2-2.7.8.dfsg/debian/libxml2-dev.install
@@ -1,7 +1,7 @@
usr/bin/xml2-config
-usr/lib/libxml2.so
-usr/lib/libxml2.a
-usr/lib/xml2Conf.sh
+usr/lib/*/libxml2.so
+usr/lib/*/libxml2.a
+usr/lib/*/xml2Conf.sh
usr/share/aclocal
-usr/lib/pkgconfig
+usr/lib/*/pkgconfig
usr/include/libxml2
diff -u libxml2-2.7.8.dfsg/debian/compat libxml2-2.7.8.dfsg/debian/compat
--- libxml2-2.7.8.dfsg/debian/compat
+++ libxml2-2.7.8.dfsg/debian/compat
@@ -1 +1 @@
-7
+9
diff -u libxml2-2.7.8.dfsg/debian/control libxml2-2.7.8.dfsg/debian/control
--- libxml2-2.7.8.dfsg/debian/control
+++ libxml2-2.7.8.dfsg/debian/control
@@ -1,10 +1,11 @@
Source: libxml2
Priority: optional
Section: libs
-Maintainer: Debian XML/SGML Group
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian XML/SGML Group
Uploaders: Mike Hommey
Standards-Version: 3.9.2.0
-Build-Depends: debhelper (>= 7.0.50~), zlib1g-dev | libz-dev, python-all-dev (>= 2.6.6-3~), python-all-dbg, autotools-dev, libreadline-dev | libreadline5-dev, binutils (>= 2.14.90.0.7), dpkg-dev (>= 1.14.9), perl
+Build-Depends: debhelper (>= 8.1.3), zlib1g-dev | libz-dev, python-all-dev (>= 2.6.6-3~), python-all-dbg, autotools-dev, libreadline-dev | libreadline5-dev, binutils (>= 2.14.90.0.7), perl
Homepage: http://xmlsoft.org/
Vcs-Git: git://git.debian.org/debian-xml-sgml/libxml2.git
Vcs-Browser: http://git.debian.org/?p=debian-xml-sgml/libxml2.git
@@ -15,6 +16,8 @@
Section: libs
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: xml-core
+Pre-Depends: ${misc:Pre-Depends}
+Multi-Arch: same
Description: GNOME XML library
XML is a metalanguage to let you design your own markup language.
A regular markup language defines a way to describe information in
@@ -30,6 +33,7 @@
Architecture: any
Section: text
Depends: ${shlibs:Depends}, ${misc:Depends}
+Multi-Arch: foreign
Description: XML utilities
XML is a metalanguage to let you design your own markup language.
A regular markup language defines a way to describe information in
@@ -46,6 +50,7 @@
Architecture: any
Section: libdevel
Depends: libxml2 (= ${binary:Version}), ${misc:Depends}
+Multi-Arch: same
Description: Development files for the GNOME XML library
XML is a metalanguage to let you design your own markup language.
A regular markup language defines a way to describe information in
@@ -125,0 +131,15 @@
+Package: libxml2-udeb
+XC-Package-Type: udeb
+Architecture: any
+Section: debian-installer
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: GNOME XML library - minimal runtime
+ XML is a metalanguage to let you design your own markup language.
+ A regular markup language defines a way to describe information in
+ a certain class of documents (eg HTML). XML lets you define your
+ own customized markup languages for many classes of document. It
+ can do this because it's written in SGML, the international standard
+ metalanguage for markup languages.
+ .
+ This is a minimal package for use in debian-installer that yields a
+ library providing an extensive API to handle such XML data files.
diff -u libxml2-2.7.8.dfsg/debian/changelog libxml2-2.7.8.dfsg/debian/changelog
--- libxml2-2.7.8.dfsg/debian/changelog
+++ libxml2-2.7.8.dfsg/debian/changelog
@@ -1,3 +1,44 @@
+libxml2 (2.7.8.dfsg-5.1ubuntu4) precise; urgency=low
+
+ * SECURITY UPDATE: add randomization to dictionaries with hash tables
+ help prevent denial of service via hash algorithm collision
+ - configure.in: lookup for rand, srand and time
+ - dict.c: add randomization to dictionaries hash tables
+ - hash.c: add randomization to normal hash tables
+ - 8973d58b7498fa5100a876815476b81fd1a2412a
+ - CVE-2012-0841
+
+ -- Jamie Strandboge Tue, 28 Feb 2012 07:20:11 -0600
+
+libxml2 (2.7.8.dfsg-5.1ubuntu3) precise; urgency=low
+
+ * various fixes for __xmlRaiseError (LP: #686363). This can be dropped in
+ 2.7.8.dfsg-6
+ - 111d705c282e03e7202723c6c7e4499f8582bd4f
+ - 1b9128bae737fa559f5e2c191d6679a856efbad9
+ - 241d4a1069e6bedd0ee2295d7b43858109c1c6d1
+ - c2a0fdc4e6d106690d7fd8fa1677e133c94e155d
+
+ -- Jamie Strandboge Thu, 19 Jan 2012 11:59:30 -0600
+
+libxml2 (2.7.8.dfsg-5.1ubuntu2) precise; urgency=low
+
+ * SECURITY UPDATE: denial of service via buffer overflow
+ - parser.c: fix an allocation error when copying entities
+ - 5bd3c061823a8499b27422aee04ea20aae24f03e
+ - CVE-2011-3919
+
+ -- Jamie Strandboge Wed, 18 Jan 2012 13:03:04 -0600
+
+libxml2 (2.7.8.dfsg-5.1ubuntu1) precise; urgency=low
+
+ * Merge from Debian testing, remaining changes:
+ - Build for multiarch.
+ - Use debhelper compat 9 instead of hardcoding --libdir.
+ - Move the udeb contents back into /usr/lib.
+
+ -- Steve Langasek Thu, 12 Jan 2012 09:18:30 +0100
+
libxml2 (2.7.8.dfsg-5.1) unstable; urgency=high
* Non-maintainer upload.
@@ -8,6 +49,15 @@
-- Luk Claes Fri, 30 Dec 2011 18:31:13 +0100
+libxml2 (2.7.8.dfsg-5ubuntu1) precise; urgency=low
+
+ * Build for multiarch; thanks to Riku Voipio for the patch.
+ Closes: #643026.
+ * Use debhelper compat 9 instead of hardcoding --libdir.
+ * Move the udeb contents back into /usr/lib.
+
+ -- Steve Langasek Wed, 19 Oct 2011 22:00:20 -0700
+
libxml2 (2.7.8.dfsg-5) unstable; urgency=low
* xpath.c, xpointer.c, include/libxml/xpath.h: Hardening of XPath evaluation.
diff -u libxml2-2.7.8.dfsg/debian/libxml2-udeb.install libxml2-2.7.8.dfsg/debian/libxml2-udeb.install
--- libxml2-2.7.8.dfsg/debian/libxml2-udeb.install
+++ libxml2-2.7.8.dfsg/debian/libxml2-udeb.install
@@ -1 +1 @@
-usr/lib/libxml2.so.*
+usr/lib/*/libxml2.so.* usr/lib
only in patch2:
unchanged:
--- libxml2-2.7.8.dfsg.orig/error.c
+++ libxml2-2.7.8.dfsg/error.c
@@ -452,6 +452,8 @@
xmlErrorPtr to = &xmlLastError;
xmlNodePtr baseptr = NULL;
+ if (code == XML_ERR_OK)
+ return;
if ((xmlGetWarningsDefaultValue == 0) && (level == XML_ERR_WARNING))
return;
if ((domain == XML_FROM_PARSER) || (domain == XML_FROM_HTML) ||
@@ -459,8 +461,11 @@
(domain == XML_FROM_IO) || (domain == XML_FROM_VALID)) {
ctxt = (xmlParserCtxtPtr) ctx;
if ((schannel == NULL) && (ctxt != NULL) && (ctxt->sax != NULL) &&
- (ctxt->sax->initialized == XML_SAX2_MAGIC))
+ (ctxt->sax->initialized == XML_SAX2_MAGIC) &&
+ (ctxt->sax->serror != NULL)) {
schannel = ctxt->sax->serror;
+ data = ctxt->userData;
+ }
}
/*
* Check if structured error handler set
@@ -473,16 +478,6 @@
if (schannel != NULL)
data = xmlStructuredErrorContext;
}
- if ((domain == XML_FROM_VALID) &&
- ((channel == xmlParserValidityError) ||
- (channel == xmlParserValidityWarning))) {
- ctxt = (xmlParserCtxtPtr) ctx;
- if ((schannel == NULL) && (ctxt != NULL) && (ctxt->sax != NULL) &&
- (ctxt->sax->initialized == XML_SAX2_MAGIC))
- schannel = ctxt->sax->serror;
- }
- if (code == XML_ERR_OK)
- return;
/*
* Formatting the message
*/
@@ -589,6 +584,11 @@
if (to != &xmlLastError)
xmlCopyError(to,&xmlLastError);
+ if (schannel != NULL) {
+ schannel(data, to);
+ return;
+ }
+
/*
* Find the callback channel if channel param is NULL
*/
@@ -600,19 +600,9 @@
channel = ctxt->sax->error;
data = ctxt->userData;
} else if (channel == NULL) {
- if ((schannel == NULL) && (xmlStructuredError != NULL)) {
- schannel = xmlStructuredError;
- data = xmlStructuredErrorContext;
- } else {
- channel = xmlGenericError;
- if (!data) {
- data = xmlGenericErrorContext;
- }
- }
- }
- if (schannel != NULL) {
- schannel(data, to);
- return;
+ channel = xmlGenericError;
+ if (!data)
+ data = xmlGenericErrorContext;
}
if (channel == NULL)
return;
only in patch2:
unchanged:
--- libxml2-2.7.8.dfsg.orig/hash.c
+++ libxml2-2.7.8.dfsg/hash.c
@@ -3,7 +3,7 @@
*
* Reference: Your favorite introductory book on algorithms
*
- * Copyright (C) 2000 Bjorn Reese and Daniel Veillard.
+ * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -21,6 +21,25 @@
#include "libxml.h"
#include
+#ifdef HAVE_STDLIB_H
+#include
+#endif
+#ifdef HAVE_TIME_H
+#include
+#endif
+
+/* Force randomization even if configure wasn't regenerated */
+#define HASH_RANDOMIZATION
+
+/*
+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
+ * it seems that having hash randomization might be a good idea
+ * when using XML with untrusted data
+ */
+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
+#define HASH_RANDOMIZATION
+#endif
+
#include
#include
#include
@@ -31,6 +50,10 @@
/* #define DEBUG_GROW */
+#ifdef HASH_RANDOMIZATION
+static int hash_initialized = 0;
+#endif
+
/*
* A single entry in the hash table
*/
@@ -53,6 +76,9 @@
int size;
int nbElems;
xmlDictPtr dict;
+#ifdef HASH_RANDOMIZATION
+ int random_seed;
+#endif
};
/*
@@ -65,6 +91,9 @@
unsigned long value = 0L;
char ch;
+#ifdef HASH_RANDOMIZATION
+ value = table->random_seed;
+#endif
if (name != NULL) {
value += 30 * (*name);
while ((ch = *name++) != 0) {
@@ -92,6 +121,9 @@
unsigned long value = 0L;
char ch;
+#ifdef HASH_RANDOMIZATION
+ value = table->random_seed;
+#endif
if (prefix != NULL)
value += 30 * (*prefix);
else
@@ -156,6 +188,13 @@
table->table = xmlMalloc(size * sizeof(xmlHashEntry));
if (table->table) {
memset(table->table, 0, size * sizeof(xmlHashEntry));
+#ifdef HASH_RANDOMIZATION
+ if (!hash_initialized) {
+ srand(time(NULL));
+ hash_initialized = 1;
+ }
+ table->random_seed = rand();
+#endif
return(table);
}
xmlFree(table);
only in patch2:
unchanged:
--- libxml2-2.7.8.dfsg.orig/dict.c
+++ libxml2-2.7.8.dfsg/dict.c
@@ -2,7 +2,7 @@
* dict.c: dictionary of reusable strings, just used to avoid allocation
* and freeing operations.
*
- * Copyright (C) 2003 Daniel Veillard.
+ * Copyright (C) 2003-2012 Daniel Veillard.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
@@ -19,6 +19,31 @@
#define IN_LIBXML
#include "libxml.h"
+#ifdef HAVE_STDLIB_H
+#include
+#endif
+#ifdef HAVE_TIME_H
+#include
+#endif
+
+/* Force randomization even if configure wasn't regenerated */
+#define DICT_RANDOMIZATION
+
+/*
+ * Following http://www.ocert.org/advisories/ocert-2011-003.html
+ * it seems that having hash randomization might be a good idea
+ * when using XML with untrusted data
+ * Note1: that it works correctly only if compiled with WITH_BIG_KEY
+ * which is the default.
+ * Note2: the fast function used for a small dict won't protect very
+ * well but since the attack is based on growing a very big hash
+ * list we will use the BigKey algo as soon as the hash size grows
+ * over MIN_DICT_SIZE so this actually works
+ */
+#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME)
+#define DICT_RANDOMIZATION
+#endif
+
#include
#ifdef HAVE_STDINT_H
#include
@@ -44,23 +69,23 @@
#define WITH_BIG_KEY
#ifdef WITH_BIG_KEY
-#define xmlDictComputeKey(dict, name, len) \
- (((dict)->size == MIN_DICT_SIZE) ? \
- xmlDictComputeFastKey(name, len) : \
- xmlDictComputeBigKey(name, len))
-
-#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
- (((prefix) == NULL) ? \
- (xmlDictComputeKey(dict, name, len)) : \
- (((dict)->size == MIN_DICT_SIZE) ? \
- xmlDictComputeFastQKey(prefix, plen, name, len) : \
- xmlDictComputeBigQKey(prefix, plen, name, len)))
+#define xmlDictComputeKey(dict, name, len) \
+ (((dict)->size == MIN_DICT_SIZE) ? \
+ xmlDictComputeFastKey(name, len, (dict)->seed) : \
+ xmlDictComputeBigKey(name, len, (dict)->seed))
+
+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
+ (((prefix) == NULL) ? \
+ (xmlDictComputeKey(dict, name, len)) : \
+ (((dict)->size == MIN_DICT_SIZE) ? \
+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) : \
+ xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed)))
#else /* !WITH_BIG_KEY */
-#define xmlDictComputeKey(dict, name, len) \
- xmlDictComputeFastKey(name, len)
-#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
- xmlDictComputeFastQKey(prefix, plen, name, len)
+#define xmlDictComputeKey(dict, name, len) \
+ xmlDictComputeFastKey(name, len, (dict)->seed)
+#define xmlDictComputeQKey(dict, prefix, plen, name, len) \
+ xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed)
#endif /* WITH_BIG_KEY */
/*
@@ -98,6 +123,8 @@
xmlDictStringsPtr strings;
struct _xmlDict *subdict;
+ /* used for randomization */
+ int seed;
};
/*
@@ -125,6 +152,9 @@
if ((xmlDictMutex = xmlNewRMutex()) == NULL)
return(0);
+#ifdef DICT_RANDOMIZATION
+ srand(time(NULL));
+#endif
xmlDictInitialized = 1;
return(1);
}
@@ -277,13 +307,13 @@
*/
static uint32_t
-xmlDictComputeBigKey(const xmlChar* data, int namelen) {
+xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) {
uint32_t hash;
int i;
if (namelen <= 0 || data == NULL) return(0);
- hash = 0;
+ hash = seed;
for (i = 0;i < namelen; i++) {
hash += data[i];
@@ -310,12 +340,12 @@
*/
static unsigned long
xmlDictComputeBigQKey(const xmlChar *prefix, int plen,
- const xmlChar *name, int len)
+ const xmlChar *name, int len, int seed)
{
uint32_t hash;
int i;
- hash = 0;
+ hash = seed;
for (i = 0;i < plen; i++) {
hash += prefix[i];
@@ -346,8 +376,8 @@
* for low hash table fill.
*/
static unsigned long
-xmlDictComputeFastKey(const xmlChar *name, int namelen) {
- unsigned long value = 0L;
+xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) {
+ unsigned long value = seed;
if (name == NULL) return(0);
value = *name;
@@ -381,9 +411,9 @@
*/
static unsigned long
xmlDictComputeFastQKey(const xmlChar *prefix, int plen,
- const xmlChar *name, int len)
+ const xmlChar *name, int len, int seed)
{
- unsigned long value = 0L;
+ unsigned long value = (unsigned long) seed;
if (plen == 0)
value += 30 * (unsigned long) ':';
@@ -460,6 +490,11 @@
dict->subdict = NULL;
if (dict->dict) {
memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry));
+#ifdef DICT_RANDOMIZATION
+ dict->seed = rand();
+#else
+ dict->seed = 0;
+#endif
return(dict);
}
xmlFree(dict);
@@ -486,6 +521,7 @@
#ifdef DICT_DEBUG_PATTERNS
fprintf(stderr, "R");
#endif
+ dict->seed = sub->seed;
dict->subdict = sub;
xmlDictReference(dict->subdict);
}