forked from ports/contrib
raptor: 2.0.15 -> 2.0.16
This commit is contained in:
parent
82f1558c0c
commit
f5d9ba38bd
@ -1,14 +1,8 @@
|
||||
untrusted comment: verify with /etc/ports/contrib.pub
|
||||
RWSagIOpLGJF3/gBDtymhWE2UhGKfbMUphBMo0enOMwdGqMyS8MmV67+Tgm6YZBrfvK/9HDFjyXSAs9iWOrsBrlMeNu3UqX43Qg=
|
||||
SHA256 (Pkgfile) = d26de493e5cf26475fd0112a66dd2a591fd2fa5955d52e8728f122cab82845f9
|
||||
RWSagIOpLGJF35UgpaZ8EfTVaA1jnC3DFy1rz8GokYXTsOzoZ4Nd1WagOiHvTkyBVt6eH+zU1LIoqotD2pVgjdmftSwv67GqnA0=
|
||||
SHA256 (Pkgfile) = 92c22a06d5f057b2648096be875ec9c843ee22bb79bb84eda52ee2427050532b
|
||||
SHA256 (.footprint) = b57eb80a13e1c67b1d19c498a2cc3f34ecd87e8e582ccb8ed31990bda098ad99
|
||||
SHA256 (raptor2-2.0.15.tar.gz) = ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed
|
||||
SHA256 (0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1) = 043ac881307a39f5cd9b338dadeb46251f77b209f8745bee4c5a5cd23f27e5be
|
||||
SHA256 (0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1) = b5be11eb023aa8499b12d9a18bc5c96aab21dadf2e50dc4be5850ea21d4e1d5f
|
||||
SHA256 (Wint-conversion.patch) = 6813a4ee6e2b0723c7a90601ffa07fa5a6f2f92bd01e9b42adfbb3930602382a
|
||||
SHA256 (raptor2-2.0.16.tar.gz) = 089db78d7ac982354bdbf39d973baf09581e6904ac4c92a98c5caadb3de44680
|
||||
SHA256 (libtool.patch) = 6234df68001f6b8df208f1c8604a5521515396dfc9da6a554e8bfacf8b4b002b
|
||||
SHA256 (raptor-bundled-soname.patch.1) = d8fc57db15dde1abcca157cf8cf90a4296c3627b115d84a3d6f39fcb6e9b363e
|
||||
SHA256 (raptor-emscripten.patch.1) = f338f7eb5ef5d8146a5ffc6fd25227f5cee0999b9086c13f205aa015ceb12308
|
||||
SHA256 (rpath.patch) = ec14f0dea02f29f36e77e7da5d3eb780466bece2f2937cef82713e011758eb53
|
||||
SHA256 (ubsan.patch) = 4e56d1ba2c6c942ebfbb962f53666b0dc3253eccfa5cf9a4b2411f1acfa3998b
|
||||
SHA256 (xml2-config.patch) = 7a9384a15a837f6b839cbb8a8e5054db2ef61b76adcdcbc521b6b651d6aa4cfb
|
||||
|
||||
@ -1,33 +0,0 @@
|
||||
From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
|
||||
Date: Tue, 24 Nov 2020 10:30:20 +0000
|
||||
Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
|
||||
segfault
|
||||
|
||||
due to an out of bounds array access in
|
||||
raptor_xml_writer_start_element_common
|
||||
|
||||
See:
|
||||
https://bugs.mageia.org/show_bug.cgi?id=27605
|
||||
https://www.openwall.com/lists/oss-security/2020/11/13/1
|
||||
https://gerrit.libreoffice.org/c/core/+/106249
|
||||
---
|
||||
src/raptor_xml_writer.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
|
||||
index 56993dc3..4426d38c 100644
|
||||
--- a/src/raptor_xml_writer.c
|
||||
+++ b/src/raptor_xml_writer.c
|
||||
@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
|
||||
|
||||
/* check it wasn't an earlier declaration too */
|
||||
for(j = 0; j < nspace_declarations_count; j++)
|
||||
- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
|
||||
+ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
|
||||
declare_me = 0;
|
||||
break;
|
||||
}
|
||||
--
|
||||
2.28.0
|
||||
|
||||
@ -1,43 +0,0 @@
|
||||
From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
|
||||
From: Dave Beckett <dave@dajobe.org>
|
||||
Date: Sun, 16 Apr 2017 23:15:12 +0100
|
||||
Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
|
||||
|
||||
(raptor_xml_writer_start_element_common): Calculate max including for
|
||||
each attribute a potential name and value.
|
||||
|
||||
Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
|
||||
and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
|
||||
---
|
||||
src/raptor_xml_writer.c | 7 ++++---
|
||||
1 file changed, 4 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
|
||||
index 693b946..0d3a36a 100644
|
||||
--- a/src/raptor_xml_writer.c
|
||||
+++ b/src/raptor_xml_writer.c
|
||||
@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
|
||||
size_t nspace_declarations_count = 0;
|
||||
unsigned int i;
|
||||
|
||||
- /* max is 1 per element and 1 for each attribute + size of declared */
|
||||
if(nstack) {
|
||||
- int nspace_max_count = element->attribute_count+1;
|
||||
+ int nspace_max_count = element->attribute_count * 2; /* attr and value */
|
||||
+ if(element->name->nspace)
|
||||
+ nspace_max_count++;
|
||||
if(element->declared_nspaces)
|
||||
nspace_max_count += raptor_sequence_size(element->declared_nspaces);
|
||||
if(element->xml_language)
|
||||
@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
|
||||
}
|
||||
}
|
||||
|
||||
- /* Add the attribute + value */
|
||||
+ /* Add the attribute's value */
|
||||
nspace_declarations[nspace_declarations_count].declaration=
|
||||
raptor_qname_format_as_xml(element->attributes[i],
|
||||
&nspace_declarations[nspace_declarations_count].length);
|
||||
--
|
||||
2.9.3
|
||||
|
||||
@ -4,30 +4,18 @@
|
||||
# Depends on: icu libxslt
|
||||
|
||||
name=raptor
|
||||
version=2.0.15
|
||||
release=3
|
||||
version=2.0.16
|
||||
release=1
|
||||
source=(http://librdf.org/dist/source/raptor2-$version.tar.gz
|
||||
0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
|
||||
0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
|
||||
Wint-conversion.patch
|
||||
libtool.patch
|
||||
raptor-bundled-soname.patch.1
|
||||
raptor-emscripten.patch.1
|
||||
rpath.patch
|
||||
ubsan.patch
|
||||
xml2-config.patch)
|
||||
|
||||
build() {
|
||||
cd "$name"2-$version
|
||||
|
||||
patch -Np1 -i $SRC/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
|
||||
patch -Np1 -i $SRC/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
|
||||
patch -Np0 -i $SRC/Wint-conversion.patch
|
||||
patch -Np0 -i $SRC/libtool.patch
|
||||
patch -Np1 -i $SRC/raptor-bundled-soname.patch.1
|
||||
patch -Np1 -i $SRC/raptor-emscripten.patch.1
|
||||
patch -Np0 -i $SRC/rpath.patch
|
||||
patch -Np0 -i $SRC/ubsan.patch
|
||||
patch -Np0 -i $SRC/xml2-config.patch
|
||||
|
||||
./configure --prefix=/usr \
|
||||
|
||||
@ -1,22 +0,0 @@
|
||||
--- src/raptor_parse.c
|
||||
+++ src/raptor_parse.c
|
||||
@@ -257,7 +257,7 @@
|
||||
int
|
||||
raptor_world_get_parsers_count(raptor_world* world)
|
||||
{
|
||||
- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL);
|
||||
+ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0);
|
||||
|
||||
raptor_world_open(world);
|
||||
|
||||
--- src/raptor_serialize.c
|
||||
+++ src/raptor_serialize.c
|
||||
@@ -240,7 +240,7 @@
|
||||
int
|
||||
raptor_world_get_serializers_count(raptor_world* world)
|
||||
{
|
||||
- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL);
|
||||
+ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0);
|
||||
|
||||
raptor_world_open(world);
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
rhbz#809466 change soname of bundled redland libs
|
||||
|
||||
--- a/src/Makefile.in 2013-03-29 19:11:27.944919859 +0100
|
||||
+++ b/src/Makefile.in 2013-03-29 19:17:42.173916644 +0100
|
||||
@@ -507,7 +507,7 @@
|
||||
$(am__append_21) $(am__append_22) $(am__append_23) \
|
||||
$(am__append_24) $(am__append_25) $(am__append_26)
|
||||
libraptor2_la_LIBADD = $(am__append_29) @LTLIBOBJS@
|
||||
-libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ \
|
||||
+libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ -release lo \
|
||||
@RAPTOR_LDFLAGS@ $(MEM_LIBS)
|
||||
|
||||
EXTRA_DIST = \
|
||||
@ -1,12 +0,0 @@
|
||||
-*- Mode: Diff -*-
|
||||
--- raptor/src/sort_r.h
|
||||
+++ raptor/src/sort_r.h
|
||||
@@ -27,7 +27,7 @@
|
||||
defined AMIGA)
|
||||
# define _SORT_R_BSD
|
||||
#elif (defined _GNU_SOURCE || defined __gnu_hurd__ || defined __GNU__ || \
|
||||
- defined __linux__ || defined __MINGW32__ || defined __GLIBC__)
|
||||
+ defined __linux__ || defined __MINGW32__ || defined __GLIBC__ || defined __EMSCRIPTEN__)
|
||||
# define _SORT_R_LINUX
|
||||
#elif (defined _WIN32 || defined _WIN64 || defined __WINDOWS__)
|
||||
# define _SORT_R_WINDOWS
|
||||
@ -1,25 +0,0 @@
|
||||
--- src/raptor_rfc2396.c
|
||||
+++ src/raptor_rfc2396.c
|
||||
@@ -386,7 +386,7 @@
|
||||
}
|
||||
|
||||
|
||||
- if(prev && s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
|
||||
+ if(prev && cur && s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
|
||||
/* Remove <component>/.. at the end of the path */
|
||||
*prev = '\0';
|
||||
path_len -= (s-prev);
|
||||
--- src/raptor_uri.c
|
||||
+++ src/raptor_uri.c
|
||||
@@ -1336,9 +1336,9 @@
|
||||
!strncmp((const char*)base_detail->scheme,
|
||||
(const char*)reference_detail->scheme,
|
||||
base_detail->scheme_len) &&
|
||||
- !strncmp((const char*)base_detail->authority,
|
||||
+ (base_detail->authority_len == 0 || !strncmp((const char*)base_detail->authority,
|
||||
(const char*)reference_detail->authority,
|
||||
- base_detail->authority_len)) {
|
||||
+ base_detail->authority_len))) {
|
||||
|
||||
if(!base_detail->path) {
|
||||
if(reference_detail->path) {
|
||||
Loading…
x
Reference in New Issue
Block a user