diffstat for libxml2_2.7.8.dfsg-6 libxml2_2.7.8.dfsg-6 config.h.in | 9 + debian/pycompat | 1 dict.c | 81 ++++++--- entities.c | 36 ++-- error.c | 38 ++-- hash.c | 38 ++++ libxml2-2.7.8.dfsg/Makefile.in | 8 libxml2-2.7.8.dfsg/config.guess | 219 ++++++++++++-------------- libxml2-2.7.8.dfsg/config.sub | 156 ++++++------------ libxml2-2.7.8.dfsg/configure | 24 ++ libxml2-2.7.8.dfsg/configure.in | 1 libxml2-2.7.8.dfsg/debian/changelog | 61 +++---- libxml2-2.7.8.dfsg/debian/control | 6 libxml2-2.7.8.dfsg/debian/rules | 15 - libxml2-2.7.8.dfsg/doc/Makefile.in | 4 libxml2-2.7.8.dfsg/doc/devhelp/Makefile.in | 4 libxml2-2.7.8.dfsg/doc/examples/Makefile.in | 4 libxml2-2.7.8.dfsg/example/Makefile.in | 4 libxml2-2.7.8.dfsg/include/Makefile.in | 4 libxml2-2.7.8.dfsg/include/libxml/Makefile.in | 4 libxml2-2.7.8.dfsg/parser.c | 76 +++++---- libxml2-2.7.8.dfsg/python/tests/Makefile.in | 4 libxml2-2.7.8.dfsg/xpath.c | 34 ++-- libxml2-2.7.8.dfsg/xpointer.c | 15 - libxml2-2.7.8.dfsg/xstc/Makefile.in | 4 25 files changed, 455 insertions(+), 395 deletions(-) diff -u libxml2-2.7.8.dfsg/configure libxml2-2.7.8.dfsg/configure --- libxml2-2.7.8.dfsg/configure +++ libxml2-2.7.8.dfsg/configure @@ -12663,6 +12663,18 @@ fi done +for ac_func in rand srand time +do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` +ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" +if eval test \"x\$"$as_ac_var"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 +_ACEOF + +fi +done + for ac_func in printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf do : @@ -12909,7 +12921,7 @@ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for type of socket length (socklen_t)" >&5 $as_echo_n "checking for type of socket length (socklen_t)... " >&6; } cat > conftest.$ac_ext < @@ -12920,7 +12932,7 @@ (void)getsockopt (1, 1, 1, NULL, (socklen_t *)NULL) ; return 0; } EOF -if { (eval echo configure:12923: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12935: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: socklen_t *" >&5 @@ -12932,7 +12944,7 @@ rm -rf conftest* cat > conftest.$ac_ext < @@ -12943,7 +12955,7 @@ (void)getsockopt (1, 1, 1, NULL, (size_t *)NULL) ; return 0; } EOF -if { (eval echo configure:12946: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12958: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: size_t *" >&5 @@ -12955,7 +12967,7 @@ rm -rf conftest* cat > conftest.$ac_ext < @@ -12966,7 +12978,7 @@ (void)getsockopt (1, 1, 1, NULL, (int *)NULL) ; return 0; } EOF -if { (eval echo configure:12969: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then +if { (eval echo configure:12981: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; _out=`eval $ac_compile 2>&1` && test "x$_out" = x; }; then rm -rf conftest* { $as_echo "$as_me:${as_lineno-$LINENO}: result: int *" >&5 diff -u libxml2-2.7.8.dfsg/parser.c libxml2-2.7.8.dfsg/parser.c --- libxml2-2.7.8.dfsg/parser.c +++ libxml2-2.7.8.dfsg/parser.c @@ -40,6 +40,7 @@ #endif #include +#include #include #include #include @@ -114,10 +115,10 @@ * parser option. */ static int -xmlParserEntityCheck(xmlParserCtxtPtr ctxt, unsigned long size, +xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size, xmlEntityPtr ent) { - unsigned long consumed = 0; + size_t consumed = 0; if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE)) return (0); @@ -2580,15 +2581,17 @@ /* * Macro used to grow the current buffer. + * buffer##_size is expected to be a size_t + * mem_error: is expected to handle memory allocation failures */ #define growBuffer(buffer, n) { \ xmlChar *tmp; \ - buffer##_size *= 2; \ - buffer##_size += n; \ - tmp = (xmlChar *) \ - xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \ + size_t new_size = buffer##_size * 2 + n; \ + if (new_size < buffer##_size) goto mem_error; \ + tmp = (xmlChar *) xmlRealloc(buffer, new_size); \ if (tmp == NULL) goto mem_error; \ buffer = tmp; \ + buffer##_size = new_size; \ } /** @@ -2614,14 +2617,14 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len, int what, xmlChar end, xmlChar end2, xmlChar end3) { xmlChar *buffer = NULL; - int buffer_size = 0; + size_t buffer_size = 0; + size_t nbchars = 0; xmlChar *current = NULL; xmlChar *rep = NULL; const xmlChar *last; xmlEntityPtr ent; int c,l; - int nbchars = 0; if ((ctxt == NULL) || (str == NULL) || (len < 0)) return(NULL); @@ -2638,7 +2641,7 @@ * allocate a translation buffer. */ buffer_size = XML_PARSER_BIG_BUFFER_SIZE; - buffer = (xmlChar *) xmlMallocAtomic(buffer_size * sizeof(xmlChar)); + buffer = (xmlChar *) xmlMallocAtomic(buffer_size); if (buffer == NULL) goto mem_error; /* @@ -2658,7 +2661,7 @@ if (val != 0) { COPY_BUF(0,buffer,nbchars,val); } - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { growBuffer(buffer, XML_PARSER_BUFFER_SIZE); } } else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) { @@ -2676,7 +2679,7 @@ (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { if (ent->content != NULL) { COPY_BUF(0,buffer,nbchars,ent->content[0]); - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { growBuffer(buffer, XML_PARSER_BUFFER_SIZE); } } else { @@ -2693,8 +2696,7 @@ current = rep; while (*current != 0) { /* non input consuming loop */ buffer[nbchars++] = *current++; - if (nbchars > - buffer_size - XML_PARSER_BUFFER_SIZE) { + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { if (xmlParserEntityCheck(ctxt, nbchars, ent)) goto int_error; growBuffer(buffer, XML_PARSER_BUFFER_SIZE); @@ -2708,8 +2710,8 @@ const xmlChar *cur = ent->name; buffer[nbchars++] = '&'; - if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) { - growBuffer(buffer, XML_PARSER_BUFFER_SIZE); + if (nbchars + i + XML_PARSER_BUFFER_SIZE > buffer_size) { + growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE); } for (;i > 0;i--) buffer[nbchars++] = *cur++; @@ -2736,8 +2738,7 @@ current = rep; while (*current != 0) { /* non input consuming loop */ buffer[nbchars++] = *current++; - if (nbchars > - buffer_size - XML_PARSER_BUFFER_SIZE) { + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { if (xmlParserEntityCheck(ctxt, nbchars, ent)) goto int_error; growBuffer(buffer, XML_PARSER_BUFFER_SIZE); @@ -2750,8 +2751,8 @@ } else { COPY_BUF(l,buffer,nbchars,c); str += l; - if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { - growBuffer(buffer, XML_PARSER_BUFFER_SIZE); + if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) { + growBuffer(buffer, XML_PARSER_BUFFER_SIZE); } } if (str < last) @@ -3755,8 +3756,8 @@ xmlChar limit = 0; xmlChar *buf = NULL; xmlChar *rep = NULL; - int len = 0; - int buf_size = 0; + size_t len = 0; + size_t buf_size = 0; int c, l, in_space = 0; xmlChar *current = NULL; xmlEntityPtr ent; @@ -3778,7 +3779,7 @@ * allocate a translation buffer. */ buf_size = XML_PARSER_BUFFER_SIZE; - buf = (xmlChar *) xmlMallocAtomic(buf_size * sizeof(xmlChar)); + buf = (xmlChar *) xmlMallocAtomic(buf_size); if (buf == NULL) goto mem_error; /* @@ -3795,7 +3796,7 @@ if (val == '&') { if (ctxt->replaceEntities) { - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } buf[len++] = '&'; @@ -3804,7 +3805,7 @@ * The reparsing will be done in xmlStringGetNodeList() * called by the attribute() function in SAX.c */ - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } buf[len++] = '&'; @@ -3814,7 +3815,7 @@ buf[len++] = ';'; } } else if (val != 0) { - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } len += xmlCopyChar(0, &buf[len], val); @@ -3826,7 +3827,7 @@ ctxt->nbentities += ent->owner; if ((ent != NULL) && (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } if ((ctxt->replaceEntities == 0) && @@ -3854,7 +3855,7 @@ current++; } else buf[len++] = *current++; - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } } @@ -3862,7 +3863,7 @@ rep = NULL; } } else { - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } if (ent->content != NULL) @@ -3890,7 +3891,7 @@ * Just output the reference */ buf[len++] = '&'; - while (len > buf_size - i - 10) { + while (len + i + 10 > buf_size) { growBuffer(buf, i + 10); } for (;i > 0;i--) @@ -3903,7 +3904,7 @@ if ((len != 0) || (!normalize)) { if ((!normalize) || (!in_space)) { COPY_BUF(l,buf,len,0x20); - while (len > buf_size - 10) { + while (len + 10 > buf_size) { growBuffer(buf, 10); } } @@ -3912,7 +3913,7 @@ } else { in_space = 0; COPY_BUF(l,buf,len,c); - if (len > buf_size - 10) { + if (len + 10 > buf_size) { growBuffer(buf, 10); } } @@ -3937,7 +3938,18 @@ } } else NEXT; - if (attlen != NULL) *attlen = len; + + /* + * There we potentially risk an overflow, don't allow attribute value of + * lenght more than INT_MAX it is a very reasonnable assumption ! + */ + if (len >= INT_MAX) { + xmlFatalErrMsg(ctxt, XML_ERR_ATTRIBUTE_NOT_FINISHED, + "AttValue lenght too long\n"); + goto mem_error; + } + + if (attlen != NULL) *attlen = (int) len; return(buf); mem_error: diff -u libxml2-2.7.8.dfsg/config.guess libxml2-2.7.8.dfsg/config.guess --- libxml2-2.7.8.dfsg/config.guess +++ libxml2-2.7.8.dfsg/config.guess @@ -1,10 +1,10 @@ #! /bin/sh # Attempt to guess a canonical system name. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. -timestamp='2011-05-11' +timestamp='2009-12-30' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by @@ -57,7 +57,7 @@ Originally written by Per Bothner. Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -181,7 +181,7 @@ fi ;; *) - os=netbsd + os=netbsd ;; esac # The OS release @@ -224,7 +224,7 @@ UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on @@ -270,10 +270,7 @@ # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - # Reset EXIT trap before exiting to avoid spurious non-zero exit code. - exitcode=$? - trap '' 0 - exit $exitcode ;; + exit ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead @@ -299,7 +296,7 @@ echo s390-ibm-zvmoe exit ;; *:OS400:*:*) - echo powerpc-ibm-os400 + echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} @@ -398,23 +395,23 @@ # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; @@ -484,8 +481,8 @@ echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ @@ -498,7 +495,7 @@ else echo i586-dg-dgux${UNAME_RELEASE} fi - exit ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; @@ -555,7 +552,7 @@ echo rs6000-ibm-aix3.2 fi exit ;; - *:AIX:*:[4567]) + *:AIX:*:[456]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 @@ -598,52 +595,52 @@ 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac + esac ;; + esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c + sed 's/^ //' << EOF >$dummy.c - #define _HPUX_SOURCE - #include - #include + #define _HPUX_SOURCE + #include + #include - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa @@ -734,22 +731,22 @@ exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; @@ -773,14 +770,14 @@ exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} @@ -808,14 +805,14 @@ echo ${UNAME_MACHINE}-pc-mingw32 exit ;; i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; *:Interix*:*) - case ${UNAME_MACHINE} in + case ${UNAME_MACHINE} in x86) echo i586-pc-interix${UNAME_RELEASE} exit ;; @@ -870,7 +867,7 @@ EV6) UNAME_MACHINE=alphaev6 ;; EV67) UNAME_MACHINE=alphaev67 ;; EV68*) UNAME_MACHINE=alphaev68 ;; - esac + esac objdump --private-headers /bin/sh | grep -q ld.so.1 if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} @@ -882,13 +879,7 @@ then echo ${UNAME_MACHINE}-unknown-linux-gnu else - if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep -q __ARM_PCS_VFP - then - echo ${UNAME_MACHINE}-unknown-linux-gnueabi - else - echo ${UNAME_MACHINE}-unknown-linux-gnueabihf - fi + echo ${UNAME_MACHINE}-unknown-linux-gnueabi fi exit ;; avr32*:Linux:*:*) @@ -901,7 +892,7 @@ echo crisv32-axis-linux-gnu exit ;; frv:Linux:*:*) - echo frv-unknown-linux-gnu + echo frv-unknown-linux-gnu exit ;; i*86:Linux:*:*) LIBC=gnu @@ -969,7 +960,7 @@ echo ${UNAME_MACHINE}-ibm-linux exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; sh*:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu @@ -977,9 +968,6 @@ sparc:Linux:*:* | sparc64:Linux:*:*) echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; - tile*:Linux:*:*) - echo ${UNAME_MACHINE}-tilera-linux-gnu - exit ;; vax:Linux:*:*) echo ${UNAME_MACHINE}-dec-linux-gnu exit ;; @@ -987,7 +975,7 @@ echo x86_64-unknown-linux-gnu exit ;; xtensa*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-gnu exit ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. @@ -996,11 +984,11 @@ echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. + # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) @@ -1032,7 +1020,7 @@ fi exit ;; i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; @@ -1060,13 +1048,13 @@ exit ;; pc:*:*:*) # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i586. + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. # Note: whatever this is, it MUST be the same as what config.sub # prints for the "djgpp" host, or else GDB configury will decide that # this is a cross-build. echo i586-pc-msdosdjgpp - exit ;; + exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; @@ -1101,8 +1089,8 @@ /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; NCR*:*:4.2:* | MPRAS*:*:4.2:*) OS_REL='.3' test -r /etc/.relid \ @@ -1145,10 +1133,10 @@ echo ns32k-sni-sysv fi exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm @@ -1174,11 +1162,11 @@ exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} + echo mips-nec-sysv${UNAME_RELEASE} else - echo mips-unknown-sysv${UNAME_RELEASE} + echo mips-unknown-sysv${UNAME_RELEASE} fi - exit ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; @@ -1243,9 +1231,6 @@ *:QNX:*:4*) echo i386-pc-qnx exit ;; - NEO-?:NONSTOP_KERNEL:*:*) - echo neo-tandem-nsk${UNAME_RELEASE} - exit ;; NSE-?:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; @@ -1291,13 +1276,13 @@ echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} + echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` + UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; @@ -1337,11 +1322,11 @@ #include printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 - "4" + "4" #else - "" + "" #endif - ); exit (0); + ); exit (0); #endif #endif reverted: --- libxml2-2.7.8.dfsg/error.c +++ libxml2-2.7.8.dfsg.orig/error.c @@ -452,8 +452,6 @@ xmlErrorPtr to = &xmlLastError; xmlNodePtr baseptr = NULL; - if (code == XML_ERR_OK) - return; if ((xmlGetWarningsDefaultValue == 0) && (level == XML_ERR_WARNING)) return; if ((domain == XML_FROM_PARSER) || (domain == XML_FROM_HTML) || @@ -461,11 +459,8 @@ (domain == XML_FROM_IO) || (domain == XML_FROM_VALID)) { ctxt = (xmlParserCtxtPtr) ctx; if ((schannel == NULL) && (ctxt != NULL) && (ctxt->sax != NULL) && + (ctxt->sax->initialized == XML_SAX2_MAGIC)) - (ctxt->sax->initialized == XML_SAX2_MAGIC) && - (ctxt->sax->serror != NULL)) { schannel = ctxt->sax->serror; - data = ctxt->userData; - } } /* * Check if structured error handler set @@ -478,6 +473,16 @@ if (schannel != NULL) data = xmlStructuredErrorContext; } + if ((domain == XML_FROM_VALID) && + ((channel == xmlParserValidityError) || + (channel == xmlParserValidityWarning))) { + ctxt = (xmlParserCtxtPtr) ctx; + if ((schannel == NULL) && (ctxt != NULL) && (ctxt->sax != NULL) && + (ctxt->sax->initialized == XML_SAX2_MAGIC)) + schannel = ctxt->sax->serror; + } + if (code == XML_ERR_OK) + return; /* * Formatting the message */ @@ -584,11 +589,6 @@ if (to != &xmlLastError) xmlCopyError(to,&xmlLastError); - if (schannel != NULL) { - schannel(data, to); - return; - } - /* * Find the callback channel if channel param is NULL */ @@ -600,9 +600,19 @@ channel = ctxt->sax->error; data = ctxt->userData; } else if (channel == NULL) { + if ((schannel == NULL) && (xmlStructuredError != NULL)) { + schannel = xmlStructuredError; + data = xmlStructuredErrorContext; + } else { + channel = xmlGenericError; + if (!data) { + data = xmlGenericErrorContext; + } + } + } + if (schannel != NULL) { + schannel(data, to); + return; - channel = xmlGenericError; - if (!data) - data = xmlGenericErrorContext; } if (channel == NULL) return; diff -u libxml2-2.7.8.dfsg/configure.in libxml2-2.7.8.dfsg/configure.in --- libxml2-2.7.8.dfsg/configure.in +++ libxml2-2.7.8.dfsg/configure.in @@ -477,6 +477,7 @@ AC_CHECK_FUNCS(finite isnand fp_class class fpclass) AC_CHECK_FUNCS(strftime localtime gettimeofday ftime) AC_CHECK_FUNCS(stat _stat signal) +AC_CHECK_FUNCS(rand srand time) dnl Checking the standard string functions availability AC_CHECK_FUNCS(printf sprintf fprintf snprintf vfprintf vsprintf vsnprintf sscanf,, diff -u libxml2-2.7.8.dfsg/config.sub libxml2-2.7.8.dfsg/config.sub --- libxml2-2.7.8.dfsg/config.sub +++ libxml2-2.7.8.dfsg/config.sub @@ -1,10 +1,10 @@ #! /bin/sh # Configuration validation subroutine script. # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, -# 2011 Free Software Foundation, Inc. +# 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +# Free Software Foundation, Inc. -timestamp='2011-03-23' +timestamp='2010-01-22' # This file is (in principle) common to ALL GNU software. # The presence of a machine in this file suggests that SOME GNU software @@ -76,7 +76,7 @@ GNU config.sub ($timestamp) Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, -2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free +2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO @@ -124,9 +124,8 @@ # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ - linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ - knetbsd*-gnu* | netbsd*-gnu* | \ + nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ + uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os @@ -158,8 +157,8 @@ os= basic_machine=$1 ;; - -bluegene*) - os=-cnk + -bluegene*) + os=-cnk ;; -sim | -cisco | -oki | -wec | -winbond) os= @@ -175,10 +174,10 @@ os=-chorusos basic_machine=$1 ;; - -chorusrdb) - os=-chorusrdb + -chorusrdb) + os=-chorusrdb basic_machine=$1 - ;; + ;; -hiux*) os=-hiuxwe2 ;; @@ -283,13 +282,11 @@ | moxie \ | mt \ | msp430 \ - | nds32 | nds32le | nds32be \ | nios | nios2 \ | ns16k | ns32k \ - | open8 \ | or32 \ | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ | pyramid \ | rx \ | score \ @@ -297,24 +294,15 @@ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu \ - | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ + | spu | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ | ubicom32 \ | v850 | v850e \ | we32k \ - | x86 | xc16x | xstormy16 | xtensa \ + | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ | z8k | z80) basic_machine=$basic_machine-unknown ;; - c54x) - basic_machine=tic54x-unknown - ;; - c55x) - basic_machine=tic55x-unknown - ;; - c6x) - basic_machine=tic6x-unknown - ;; m6811 | m68hc11 | m6812 | m68hc12 | picochip) # Motorola 68HC11/12. basic_machine=$basic_machine-unknown @@ -326,18 +314,6 @@ basic_machine=mt-unknown ;; - strongarm | thumb | xscale) - basic_machine=arm-unknown - ;; - - xscaleeb) - basic_machine=armeb-unknown - ;; - - xscaleel) - basic_machine=armel-unknown - ;; - # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. @@ -358,7 +334,7 @@ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ @@ -392,28 +368,26 @@ | mmix-* \ | mt-* \ | msp430-* \ - | nds32-* | nds32le-* | nds32be-* \ | nios-* | nios2-* \ | none-* | np1-* | ns16k-* | ns32k-* \ - | open8-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ | pyramid-* \ | romp-* | rs6000-* | rx-* \ | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ - | tahoe-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ | tile-* | tilegx-* \ | tron-* \ | ubicom32-* \ | v850-* | v850e-* | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ | xstormy16-* | xtensa*-* \ | ymp-* \ | z8k-* | z80-*) @@ -438,7 +412,7 @@ basic_machine=a29k-amd os=-udi ;; - abacus) + abacus) basic_machine=abacus-unknown ;; adobe68k) @@ -508,20 +482,11 @@ basic_machine=powerpc-ibm os=-cnk ;; - c54x-*) - basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - c55x-*) - basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - c6x-*) - basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; c90) basic_machine=c90-cray os=-unicos ;; - cegcc) + cegcc) basic_machine=arm-unknown os=-cegcc ;; @@ -553,7 +518,7 @@ basic_machine=craynv-cray os=-unicosmp ;; - cr16 | cr16-*) + cr16) basic_machine=cr16-unknown os=-elf ;; @@ -769,7 +734,7 @@ basic_machine=ns32k-utek os=-sysv ;; - microblaze) + microblaze) basic_machine=microblaze-xilinx ;; mingw32) @@ -876,12 +841,6 @@ np1) basic_machine=np1-gould ;; - neo-tandem) - basic_machine=neo-tandem - ;; - nse-tandem) - basic_machine=nse-tandem - ;; nsr-tandem) basic_machine=nsr-tandem ;; @@ -964,10 +923,9 @@ ;; power) basic_machine=power-ibm ;; - ppc | ppcbe) basic_machine=powerpc-unknown + ppc) basic_machine=powerpc-unknown ;; - ppc-* | ppcbe-*) - basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown @@ -1061,9 +1019,6 @@ basic_machine=i860-stratus os=-sysv4 ;; - strongarm-* | thumb-*) - basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; sun2) basic_machine=m68000-sun ;; @@ -1120,8 +1075,20 @@ basic_machine=t90-cray os=-unicos ;; - # This must be matched before tile*. - tilegx*) + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + # This must be matched before tile*. + tilegx*) basic_machine=tilegx-unknown os=-linux-gnu ;; @@ -1196,9 +1163,6 @@ xps | xps100) basic_machine=xps100-honeywell ;; - xscale-* | xscalee[bl]-*) - basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'` - ;; ymp) basic_machine=ymp-cray os=-unicos @@ -1296,11 +1260,11 @@ if [ x"$os" != x"" ] then case $os in - # First match some system type aliases - # that might get confused with valid system types. + # First match some system type aliases + # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. - -auroraux) - os=-auroraux + -auroraux) + os=-auroraux ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` @@ -1337,8 +1301,7 @@ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -chorusos* | -chorusrdb* | -cegcc* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-android* \ - | -linux-newlib* | -linux-uclibc* \ + | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ @@ -1385,7 +1348,7 @@ -opened*) os=-openedition ;; - -os400*) + -os400*) os=-os400 ;; -wince*) @@ -1434,7 +1397,7 @@ -sinix*) os=-sysv4 ;; - -tpf*) + -tpf*) os=-tpf ;; -triton*) @@ -1479,8 +1442,8 @@ -dicos*) os=-dicos ;; - -nacl*) - ;; + -nacl*) + ;; -none) ;; *) @@ -1503,10 +1466,10 @@ # system, and we'll never get to this point. case $basic_machine in - score-*) + score-*) os=-elf ;; - spu-*) + spu-*) os=-elf ;; *-acorn) @@ -1518,17 +1481,8 @@ arm*-semi) os=-aout ;; - c4x-* | tic4x-*) - os=-coff - ;; - tic54x-*) - os=-coff - ;; - tic55x-*) - os=-coff - ;; - tic6x-*) - os=-coff + c4x-* | tic4x-*) + os=-coff ;; # This must come before the *-dec entry. pdp10-*) @@ -1555,7 +1509,7 @@ m68*-cisco) os=-aout ;; - mep-*) + mep-*) os=-elf ;; mips*-cisco) @@ -1582,7 +1536,7 @@ *-ibm) os=-aix ;; - *-knuth) + *-knuth) os=-mmixware ;; *-wec) diff -u libxml2-2.7.8.dfsg/xpath.c libxml2-2.7.8.dfsg/xpath.c --- libxml2-2.7.8.dfsg/xpath.c +++ libxml2-2.7.8.dfsg/xpath.c @@ -11756,7 +11756,7 @@ xmlXPathObjectPtr contextObj = NULL, exprRes = NULL; xmlNodePtr oldContextNode, contextNode = NULL; xmlXPathContextPtr xpctxt = ctxt->context; - int frame; + int frame; #ifdef LIBXML_XPTR_ENABLED /* @@ -11776,7 +11776,7 @@ */ exprOp = &ctxt->comp->steps[op->ch2]; for (i = 0; i < set->nodeNr; i++) { - xmlXPathObjectPtr tmp; + xmlXPathObjectPtr tmp; if (set->nodeTab[i] == NULL) continue; @@ -11805,20 +11805,20 @@ xmlXPathNodeSetAddUnique(contextObj->nodesetval, contextNode); - frame = xmlXPathSetFrame(ctxt); + frame = xmlXPathSetFrame(ctxt); valuePush(ctxt, contextObj); res = xmlXPathCompOpEvalToBoolean(ctxt, exprOp, 1); - tmp = valuePop(ctxt); - xmlXPathPopFrame(ctxt, frame); + tmp = valuePop(ctxt); + xmlXPathPopFrame(ctxt, frame); if ((ctxt->error != XPATH_EXPRESSION_OK) || (res == -1)) { - while (tmp != contextObj) { + while (tmp != contextObj) { /* * Free up the result * then pop off contextObj, which will be freed later */ xmlXPathReleaseObject(xpctxt, tmp); - tmp = valuePop(ctxt); + tmp = valuePop(ctxt); } goto evaluation_error; } @@ -13411,7 +13411,7 @@ xmlGenericError(xmlGenericErrorContext, "xmlXPathCompOpEval: variable %s bound to undefined prefix %s\n", (char *) op->value4, (char *)op->value5); - ctxt->error = XPATH_UNDEF_PREFIX_ERROR; + ctxt->error = XPATH_UNDEF_PREFIX_ERROR; return (total); } val = xmlXPathVariableLookupNS(ctxt->context, @@ -13428,9 +13428,9 @@ xmlXPathFunction func; const xmlChar *oldFunc, *oldFuncURI; int i; - int frame; + int frame; - frame = xmlXPathSetFrame(ctxt); + frame = xmlXPathSetFrame(ctxt); if (op->ch1 != -1) total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]); @@ -13438,7 +13438,7 @@ xmlGenericError(xmlGenericErrorContext, "xmlXPathCompOpEval: parameter error\n"); ctxt->error = XPATH_INVALID_OPERAND; - xmlXPathPopFrame(ctxt, frame); + xmlXPathPopFrame(ctxt, frame); return (total); } for (i = 0; i < op->value; i++) { @@ -13446,10 +13446,10 @@ xmlGenericError(xmlGenericErrorContext, "xmlXPathCompOpEval: parameter error\n"); ctxt->error = XPATH_INVALID_OPERAND; - xmlXPathPopFrame(ctxt, frame); + xmlXPathPopFrame(ctxt, frame); return (total); } - } + } if (op->cache != NULL) XML_CAST_FPTR(func) = op->cache; else { @@ -13465,8 +13465,8 @@ xmlGenericError(xmlGenericErrorContext, "xmlXPathCompOpEval: function %s bound to undefined prefix %s\n", (char *)op->value4, (char *)op->value5); - ctxt->error = XPATH_UNDEF_PREFIX_ERROR; - xmlXPathPopFrame(ctxt, frame); + ctxt->error = XPATH_UNDEF_PREFIX_ERROR; + xmlXPathPopFrame(ctxt, frame); return (total); } func = xmlXPathFunctionLookupNS(ctxt->context, @@ -13488,7 +13488,7 @@ func(ctxt, op->value); ctxt->context->function = oldFunc; ctxt->context->functionURI = oldFuncURI; - xmlXPathPopFrame(ctxt, frame); + xmlXPathPopFrame(ctxt, frame); return (total); } case XPATH_OP_ARG: @@ -14392,7 +14392,7 @@ ctxt->valueNr = 0; ctxt->valueMax = 10; ctxt->value = NULL; - ctxt->valueFrame = 0; + ctxt->valueFrame = 0; } #ifdef XPATH_STREAMING if (ctxt->comp->stream) { diff -u libxml2-2.7.8.dfsg/Makefile.in libxml2-2.7.8.dfsg/Makefile.in --- libxml2-2.7.8.dfsg/Makefile.in +++ libxml2-2.7.8.dfsg/Makefile.in @@ -612,15 +612,15 @@ @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ - $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ + echo ' cd $(srcdir) && $(AUTOMAKE) --gnu'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --gnu \ && exit 0; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign Makefile + $(AUTOMAKE) --gnu Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/xpointer.c libxml2-2.7.8.dfsg/xpointer.c --- libxml2-2.7.8.dfsg/xpointer.c +++ libxml2-2.7.8.dfsg/xpointer.c @@ -1007,21 +1007,14 @@ NEXT; break; } - *cur++ = CUR; } else if (CUR == '(') { level++; - *cur++ = CUR; } else if (CUR == '^') { - NEXT; - if ((CUR == ')') || (CUR == '(') || (CUR == '^')) { - *cur++ = CUR; - } else { - *cur++ = '^'; - *cur++ = CUR; - } - } else { - *cur++ = CUR; + if ((NXT(1) == ')') || (NXT(1) == '(') || (NXT(1) == '^')) { + NEXT; + } } + *cur++ = CUR; NEXT; } *cur = 0; diff -u libxml2-2.7.8.dfsg/debian/rules libxml2-2.7.8.dfsg/debian/rules --- libxml2-2.7.8.dfsg/debian/rules +++ libxml2-2.7.8.dfsg/debian/rules @@ -5,13 +5,12 @@ # The current default version of python PYVER=$(shell pyversions -d) -CFLAGS = `dpkg-buildflags --get CFLAGS` -CFLAGS += -Wall -LDFLAGS = `dpkg-buildflags --get LDFLAGS` -CPPFLAGS = `dpkg-buildflags --get CPPFLAGS` +CFLAGS = -Wall -g -ifeq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) - CFLAGS += -fno-strict-aliasing +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) + CFLAGS += -O0 +else + CFLAGS += -O2 -fno-strict-aliasing endif TARGETS := main $(PYVERS) $(PYVERS:%=%-dbg) @@ -26,7 +25,7 @@ export DH_OPTIONS = -Nlibxml2-udeb endif -CONFIGURE_FLAGS := --with-history CC="$(CC) -Wl,--as-needed" CFLAGS="$(CFLAGS)" CPPFLAGS="$(CPPFLAGS)" LDFLAGS="$(LDFLAGS)" --cache-file="$(CURDIR)/build/config.cache" +CONFIGURE_FLAGS := --with-history CC="gcc -Wl,--as-needed" CFLAGS="$(CFLAGS)" --cache-file="$(CURDIR)/build/config.cache" override_dh_auto_configure: $(TARGETS:%=configure-%) @@ -122 +121 @@ - dh --with python2 $@ + dh $@ diff -u libxml2-2.7.8.dfsg/debian/control libxml2-2.7.8.dfsg/debian/control --- libxml2-2.7.8.dfsg/debian/control +++ libxml2-2.7.8.dfsg/debian/control @@ -3,8 +3,8 @@ Section: libs Maintainer: Debian XML/SGML Group Uploaders: Mike Hommey -Standards-Version: 3.9.2.0 -Build-Depends: debhelper (>= 7.0.50~), zlib1g-dev | libz-dev, python-all-dev (>= 2.6.6-3~), python-all-dbg, autotools-dev, libreadline-dev | libreadline5-dev, binutils (>= 2.14.90.0.7), dpkg-dev (>= 1.14.9), perl +Standards-Version: 3.9.0.0 +Build-Depends: debhelper (>= 7.0.50~), zlib1g-dev | libz-dev, python-all-dev (>= 2.3.5-11), python-all-dbg, python-support (>= 0.3), autotools-dev, libreadline-dev | libreadline5-dev, binutils (>= 2.14.90.0.7), dpkg-dev (>= 1.14.9), perl Homepage: http://xmlsoft.org/ Vcs-Git: git://git.debian.org/debian-xml-sgml/libxml2.git Vcs-Browser: http://git.debian.org/?p=debian-xml-sgml/libxml2.git @@ -95,6 +95,7 @@ Section: python Provides: ${python:Provides} Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends} +XB-Python-Version: ${python:Versions} Description: Python bindings for the GNOME XML library XML is a metalanguage to let you design your own markup language. A regular markup language defines a way to describe information in @@ -112,6 +113,7 @@ Priority: extra Provides: ${python:Provides} Depends: python-dbg, python-libxml2 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} +XB-Python-Version: ${python:Versions} Description: Python bindings for the GNOME XML library (debug extension) XML is a metalanguage to let you design your own markup language. A regular markup language defines a way to describe information in diff -u libxml2-2.7.8.dfsg/debian/changelog libxml2-2.7.8.dfsg/debian/changelog --- libxml2-2.7.8.dfsg/debian/changelog +++ libxml2-2.7.8.dfsg/debian/changelog @@ -1,49 +1,52 @@ libxml2 (2.7.8.dfsg-6) unstable; urgency=low - * Team upload. - * Enabled hardened build flags (Closes: #654903). - * error.c: Fix __xmlRaiseError (Closes: #622358). + * Sync'd with Squeeze 2.7.8.dfsg-2+squeeze5 - -- Andrew O. Shadura Thu, 12 Jan 2012 00:57:32 +0300 + -- Alan Baghumian Sun, 12 Aug 2012 16:56:38 -0700 -libxml2 (2.7.8.dfsg-5.1) unstable; urgency=high +libxml2 (2.7.8.dfsg-2+squeeze5) stable-security; urgency=low - * Non-maintainer upload. - * encoding.c: Fix off by one error. CVE-2011-0216. - * parser.c: Make sure parser returns when getting a Stop order. - CVE-2011-3905. - * Both closes: #652352. + [ Daniel Veillard ] + * Fix parser local buffers size problems + * Fix entities local buffers size problems + CVE-2012-2807, Closes: #679280. - -- Luk Claes Fri, 30 Dec 2011 18:31:13 +0100 + -- Aron Xu Thu, 19 Jul 2012 16:49:45 +0800 -libxml2 (2.7.8.dfsg-5) unstable; urgency=low +libxml2 (2.7.8.dfsg-2+squeeze4) stable-security; urgency=high - * xpath.c, xpointer.c, include/libxml/xpath.h: Hardening of XPath evaluation. - CVE-2011-2821. - * xpath.c: Fix for undefined namespaces. CVE-2011-2834. - * Both closes: #643648. + * CVE-2011-3102 + + -- Moritz Muehlenhoff Wed, 23 May 2012 17:12:45 +0000 + +libxml2 (2.7.8.dfsg-2+squeeze3) stable-security; urgency=high - -- Mike Hommey Fri, 07 Oct 2011 09:31:14 +0200 + * Non-maintainer upload by the Security Team. + * Apply upstream patch to add randomization to hashing with large + dictionaries to mitigate hash DoS (CVE-2012-0841; Closes: #660846). -libxml2 (2.7.8.dfsg-4) unstable; urgency=low + -- Nico Golde Wed, 22 Feb 2012 11:17:27 +0000 - * debian/rules: Add --with python2 to dh call. - * debian/control: - - Remove build dependency on python-support. - - Build depend on python-all-dev >= 2.6.6-3~. - - Remove XB-Python-Version header. - - Bump Standards-Version to 3.9.2.0. No changes required. - * debian/pycompat: Removed. With the above changes, closes: #631416. - Thanks Colin Watson. +libxml2 (2.7.8.dfsg-2+squeeze2) stable-security; urgency=high + + * Security update. + * parser.c: Fix an allocation error when copying entities. + CVE-2011-3919. Closes: #656377. + * parser.c: Make sure parser returns when getting a Stop order. + CVE-2011-3905. + * encoding.c: Fix off by one error. CVE-2011-0216. Closes: 652352. + * xpath.c: Fix for undefined namespaces. CVE-2011-2834. + * xpath.c, xpointer.c, include/libxml/xpath.h: + Hardening of XPath evaluation. CVE-2011-2821. Closes: 643648. - -- Mike Hommey Fri, 29 Jul 2011 12:33:08 +0200 + -- Aron Xu Tue, 24 Jan 2012 03:25:23 +0800 -libxml2 (2.7.8.dfsg-3) unstable; urgency=low +libxml2 (2.7.8.dfsg-2+squeeze1) stable-security; urgency=low * xpath.c: Fix some potential problems on reallocation failures. Closes: #628537. - -- Mike Hommey Sat, 04 Jun 2011 10:40:39 +0900 + -- Mike Hommey Sat, 04 Jun 2011 10:40:06 +0900 libxml2 (2.7.8.dfsg-2) unstable; urgency=low diff -u libxml2-2.7.8.dfsg/xstc/Makefile.in libxml2-2.7.8.dfsg/xstc/Makefile.in --- libxml2-2.7.8.dfsg/xstc/Makefile.in +++ libxml2-2.7.8.dfsg/xstc/Makefile.in @@ -308,9 +308,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign xstc/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu xstc/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign xstc/Makefile + $(AUTOMAKE) --gnu xstc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/python/tests/Makefile.in libxml2-2.7.8.dfsg/python/tests/Makefile.in --- libxml2-2.7.8.dfsg/python/tests/Makefile.in +++ libxml2-2.7.8.dfsg/python/tests/Makefile.in @@ -366,9 +366,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign python/tests/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu python/tests/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign python/tests/Makefile + $(AUTOMAKE) --gnu python/tests/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/example/Makefile.in libxml2-2.7.8.dfsg/example/Makefile.in --- libxml2-2.7.8.dfsg/example/Makefile.in +++ libxml2-2.7.8.dfsg/example/Makefile.in @@ -318,9 +318,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign example/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu example/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign example/Makefile + $(AUTOMAKE) --gnu example/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/include/Makefile.in libxml2-2.7.8.dfsg/include/Makefile.in --- libxml2-2.7.8.dfsg/include/Makefile.in +++ libxml2-2.7.8.dfsg/include/Makefile.in @@ -327,9 +327,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu include/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign include/Makefile + $(AUTOMAKE) --gnu include/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/include/libxml/Makefile.in libxml2-2.7.8.dfsg/include/libxml/Makefile.in --- libxml2-2.7.8.dfsg/include/libxml/Makefile.in +++ libxml2-2.7.8.dfsg/include/libxml/Makefile.in @@ -363,9 +363,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign include/libxml/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu include/libxml/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign include/libxml/Makefile + $(AUTOMAKE) --gnu include/libxml/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/doc/Makefile.in libxml2-2.7.8.dfsg/doc/Makefile.in --- libxml2-2.7.8.dfsg/doc/Makefile.in +++ libxml2-2.7.8.dfsg/doc/Makefile.in @@ -376,9 +376,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/Makefile + $(AUTOMAKE) --gnu doc/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/doc/examples/Makefile.in libxml2-2.7.8.dfsg/doc/examples/Makefile.in --- libxml2-2.7.8.dfsg/doc/examples/Makefile.in +++ libxml2-2.7.8.dfsg/doc/examples/Makefile.in @@ -459,9 +459,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/examples/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/examples/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/examples/Makefile + $(AUTOMAKE) --gnu doc/examples/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ diff -u libxml2-2.7.8.dfsg/doc/devhelp/Makefile.in libxml2-2.7.8.dfsg/doc/devhelp/Makefile.in --- libxml2-2.7.8.dfsg/doc/devhelp/Makefile.in +++ libxml2-2.7.8.dfsg/doc/devhelp/Makefile.in @@ -344,9 +344,9 @@ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign doc/devhelp/Makefile'; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu doc/devhelp/Makefile'; \ $(am__cd) $(top_srcdir) && \ - $(AUTOMAKE) --foreign doc/devhelp/Makefile + $(AUTOMAKE) --gnu doc/devhelp/Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/config.h.in +++ libxml2-2.7.8.dfsg/config.h.in @@ -145,6 +145,9 @@ /* Define if is there */ #undef HAVE_PTHREAD_H +/* Define to 1 if you have the `rand' function. */ +#undef HAVE_RAND + /* Define to 1 if you have the header file. */ #undef HAVE_RESOLV_H @@ -163,6 +166,9 @@ /* Define to 1 if you have the `sprintf' function. */ #undef HAVE_SPRINTF +/* Define to 1 if you have the `srand' function. */ +#undef HAVE_SRAND + /* Define to 1 if you have the `sscanf' function. */ #undef HAVE_SSCANF @@ -225,6 +231,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H +/* Define to 1 if you have the `time' function. */ +#undef HAVE_TIME + /* Define to 1 if you have the header file. */ #undef HAVE_TIME_H only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/dict.c +++ libxml2-2.7.8.dfsg/dict.c @@ -2,7 +2,7 @@ * dict.c: dictionary of reusable strings, just used to avoid allocation * and freeing operations. * - * Copyright (C) 2003 Daniel Veillard. + * Copyright (C) 2003-2012 Daniel Veillard. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -19,6 +19,28 @@ #define IN_LIBXML #include "libxml.h" +#ifdef HAVE_STDLIB_H +#include +#endif +#ifdef HAVE_TIME_H +#include +#endif + +/* + * Following http://www.ocert.org/advisories/ocert-2011-003.html + * it seems that having hash randomization might be a good idea + * when using XML with untrusted data + * Note1: that it works correctly only if compiled with WITH_BIG_KEY + * which is the default. + * Note2: the fast function used for a small dict won't protect very + * well but since the attack is based on growing a very big hash + * list we will use the BigKey algo as soon as the hash size grows + * over MIN_DICT_SIZE so this actually works + */ +#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) +#define DICT_RANDOMIZATION +#endif + #include #ifdef HAVE_STDINT_H #include @@ -44,23 +66,23 @@ #define WITH_BIG_KEY #ifdef WITH_BIG_KEY -#define xmlDictComputeKey(dict, name, len) \ - (((dict)->size == MIN_DICT_SIZE) ? \ - xmlDictComputeFastKey(name, len) : \ - xmlDictComputeBigKey(name, len)) - -#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ - (((prefix) == NULL) ? \ - (xmlDictComputeKey(dict, name, len)) : \ - (((dict)->size == MIN_DICT_SIZE) ? \ - xmlDictComputeFastQKey(prefix, plen, name, len) : \ - xmlDictComputeBigQKey(prefix, plen, name, len))) +#define xmlDictComputeKey(dict, name, len) \ + (((dict)->size == MIN_DICT_SIZE) ? \ + xmlDictComputeFastKey(name, len, (dict)->seed) : \ + xmlDictComputeBigKey(name, len, (dict)->seed)) + +#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ + (((prefix) == NULL) ? \ + (xmlDictComputeKey(dict, name, len)) : \ + (((dict)->size == MIN_DICT_SIZE) ? \ + xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) : \ + xmlDictComputeBigQKey(prefix, plen, name, len, (dict)->seed))) #else /* !WITH_BIG_KEY */ -#define xmlDictComputeKey(dict, name, len) \ - xmlDictComputeFastKey(name, len) -#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ - xmlDictComputeFastQKey(prefix, plen, name, len) +#define xmlDictComputeKey(dict, name, len) \ + xmlDictComputeFastKey(name, len, (dict)->seed) +#define xmlDictComputeQKey(dict, prefix, plen, name, len) \ + xmlDictComputeFastQKey(prefix, plen, name, len, (dict)->seed) #endif /* WITH_BIG_KEY */ /* @@ -98,6 +120,8 @@ xmlDictStringsPtr strings; struct _xmlDict *subdict; + /* used for randomization */ + int seed; }; /* @@ -125,6 +149,9 @@ if ((xmlDictMutex = xmlNewRMutex()) == NULL) return(0); +#ifdef DICT_RANDOMIZATION + srand(time(NULL)); +#endif xmlDictInitialized = 1; return(1); } @@ -277,13 +304,13 @@ */ static uint32_t -xmlDictComputeBigKey(const xmlChar* data, int namelen) { +xmlDictComputeBigKey(const xmlChar* data, int namelen, int seed) { uint32_t hash; int i; if (namelen <= 0 || data == NULL) return(0); - hash = 0; + hash = seed; for (i = 0;i < namelen; i++) { hash += data[i]; @@ -310,12 +337,12 @@ */ static unsigned long xmlDictComputeBigQKey(const xmlChar *prefix, int plen, - const xmlChar *name, int len) + const xmlChar *name, int len, int seed) { uint32_t hash; int i; - hash = 0; + hash = seed; for (i = 0;i < plen; i++) { hash += prefix[i]; @@ -346,8 +373,8 @@ * for low hash table fill. */ static unsigned long -xmlDictComputeFastKey(const xmlChar *name, int namelen) { - unsigned long value = 0L; +xmlDictComputeFastKey(const xmlChar *name, int namelen, int seed) { + unsigned long value = seed; if (name == NULL) return(0); value = *name; @@ -381,9 +408,9 @@ */ static unsigned long xmlDictComputeFastQKey(const xmlChar *prefix, int plen, - const xmlChar *name, int len) + const xmlChar *name, int len, int seed) { - unsigned long value = 0L; + unsigned long value = (unsigned long) seed; if (plen == 0) value += 30 * (unsigned long) ':'; @@ -460,6 +487,11 @@ dict->subdict = NULL; if (dict->dict) { memset(dict->dict, 0, MIN_DICT_SIZE * sizeof(xmlDictEntry)); +#ifdef DICT_RANDOMIZATION + dict->seed = rand(); +#else + dict->seed = 0; +#endif return(dict); } xmlFree(dict); @@ -486,6 +518,7 @@ #ifdef DICT_DEBUG_PATTERNS fprintf(stderr, "R"); #endif + dict->seed = sub->seed; dict->subdict = sub; xmlDictReference(dict->subdict); } only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/hash.c +++ libxml2-2.7.8.dfsg/hash.c @@ -3,7 +3,7 @@ * * Reference: Your favorite introductory book on algorithms * - * Copyright (C) 2000 Bjorn Reese and Daniel Veillard. + * Copyright (C) 2000,2012 Bjorn Reese and Daniel Veillard. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -21,6 +21,22 @@ #include "libxml.h" #include +#ifdef HAVE_STDLIB_H +#include +#endif +#ifdef HAVE_TIME_H +#include +#endif + +/* + * Following http://www.ocert.org/advisories/ocert-2011-003.html + * it seems that having hash randomization might be a good idea + * when using XML with untrusted data + */ +#if defined(HAVE_RAND) && defined(HAVE_SRAND) && defined(HAVE_TIME) +#define HASH_RANDOMIZATION +#endif + #include #include #include @@ -31,6 +47,10 @@ /* #define DEBUG_GROW */ +#ifdef HASH_RANDOMIZATION +static int hash_initialized = 0; +#endif + /* * A single entry in the hash table */ @@ -53,6 +73,9 @@ int size; int nbElems; xmlDictPtr dict; +#ifdef HASH_RANDOMIZATION + int random_seed; +#endif }; /* @@ -65,6 +88,9 @@ unsigned long value = 0L; char ch; +#ifdef HASH_RANDOMIZATION + value = table->random_seed; +#endif if (name != NULL) { value += 30 * (*name); while ((ch = *name++) != 0) { @@ -92,6 +118,9 @@ unsigned long value = 0L; char ch; +#ifdef HASH_RANDOMIZATION + value = table->random_seed; +#endif if (prefix != NULL) value += 30 * (*prefix); else @@ -156,6 +185,13 @@ table->table = xmlMalloc(size * sizeof(xmlHashEntry)); if (table->table) { memset(table->table, 0, size * sizeof(xmlHashEntry)); +#ifdef HASH_RANDOMIZATION + if (!hash_initialized) { + srand(time(NULL)); + hash_initialized = 1; + } + table->random_seed = rand(); +#endif return(table); } xmlFree(table); only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/entities.c +++ libxml2-2.7.8.dfsg/entities.c @@ -528,13 +528,13 @@ * Macro used to grow the current buffer. */ #define growBufferReentrant() { \ - buffer_size *= 2; \ - buffer = (xmlChar *) \ - xmlRealloc(buffer, buffer_size * sizeof(xmlChar)); \ - if (buffer == NULL) { \ - xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed");\ - return(NULL); \ - } \ + xmlChar *tmp; \ + size_t new_size = buffer_size * 2; \ + if (new_size < buffer_size) goto mem_error; \ + tmp = (xmlChar *) xmlRealloc(buffer, new_size); \ + if (tmp == NULL) goto mem_error; \ + buffer = tmp; \ + buffer_size = new_size; \ } @@ -555,7 +555,7 @@ const xmlChar *cur = input; xmlChar *buffer = NULL; xmlChar *out = NULL; - int buffer_size = 0; + size_t buffer_size = 0; int html = 0; if (input == NULL) return(NULL); @@ -574,8 +574,8 @@ out = buffer; while (*cur != '\0') { - if (out - buffer > buffer_size - 100) { - int indx = out - buffer; + size_t indx = out - buffer; + if (indx + 100 > buffer_size) { growBufferReentrant(); out = &buffer[indx]; @@ -692,6 +692,11 @@ } *out = 0; return(buffer); + +mem_error: + xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed"); + xmlFree(buffer); + return(NULL); } /** @@ -709,7 +714,7 @@ const xmlChar *cur = input; xmlChar *buffer = NULL; xmlChar *out = NULL; - int buffer_size = 0; + size_t buffer_size = 0; if (input == NULL) return(NULL); /* @@ -724,8 +729,8 @@ out = buffer; while (*cur != '\0') { - if (out - buffer > buffer_size - 10) { - int indx = out - buffer; + size_t indx = out - buffer; + if (indx + 10 > buffer_size) { growBufferReentrant(); out = &buffer[indx]; @@ -774,6 +779,11 @@ } *out = 0; return(buffer); + +mem_error: + xmlEntitiesErrMemory("xmlEncodeSpecialChars: realloc failed"); + xmlFree(buffer); + return(NULL); } /** only in patch2: unchanged: --- libxml2-2.7.8.dfsg.orig/debian/pycompat +++ libxml2-2.7.8.dfsg/debian/pycompat @@ -0,0 +1 @@ +2