pkgsrc-Changes-HG archive
[pkgsrc/pkgsrc-2004Q3]: pkgsrc/textproc/libxml Pullup ticket 147 - requested ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/4cb3ef1c6c48
branches: pkgsrc-2004Q3
changeset: 480749:4cb3ef1c6c48
user: salo <salo%pkgsrc.org@localhost>
date: Wed Nov 24 22:40:34 2004 +0000
description:
Pullup ticket 147 - requested by Julio M. Merino Vidal
security fix for libxml
Module Name: pkgsrc
Committed By: jmmv
Date: Sat Nov 20 22:07:49 UTC 2004
Modified Files:
pkgsrc/textproc/libxml: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/textproc/libxml/patches: patch-ad patch-ae
Log Message:
Backport security fixes (in the nanohttp and the nanoftp modules)
from libxml2 (several buffer overflows). Bump PKGREVISION to 3.
diffstat:
textproc/libxml/Makefile | 4 +-
textproc/libxml/distinfo | 4 +-
textproc/libxml/patches/patch-ad | 106 +++++++++++++++++++++++++++++++++++++++
textproc/libxml/patches/patch-ae | 47 +++++++++++++++++
4 files changed, 158 insertions(+), 3 deletions(-)
diffs (189 lines):
diff -r 00194a734ed5 -r 4cb3ef1c6c48 textproc/libxml/Makefile
--- a/textproc/libxml/Makefile Fri Nov 19 17:45:08 2004 +0000
+++ b/textproc/libxml/Makefile Wed Nov 24 22:40:34 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.31 2004/02/15 12:27:10 jlam Exp $
+# $NetBSD: Makefile,v 1.31.6.1 2004/11/24 22:40:34 salo Exp $
#
DISTNAME= libxml-1.8.17
-PKGREVISION= 1
+PKGREVISION= 3
CATEGORIES= textproc devel lang gnome
MASTER_SITES= ftp://rpmfind.net/pub/veillard/ \
${MASTER_SITE_GNOME:=sources/libxml/1.8/}
diff -r 00194a734ed5 -r 4cb3ef1c6c48 textproc/libxml/distinfo
--- a/textproc/libxml/distinfo Fri Nov 19 17:45:08 2004 +0000
+++ b/textproc/libxml/distinfo Wed Nov 24 22:40:34 2004 +0000
@@ -1,7 +1,9 @@
-$NetBSD: distinfo,v 1.8 2003/04/25 03:09:08 martti Exp $
+$NetBSD: distinfo,v 1.8.8.1 2004/11/24 22:40:34 salo Exp $
SHA1 (libxml-1.8.17.tar.gz) = ebe7b76bb2b62c882000c1a846a6f8f8346e3bb4
Size (libxml-1.8.17.tar.gz) = 996351 bytes
SHA1 (patch-aa) = 977a9e7f628910c2bc7e7f3c04de9917826bc0b7
SHA1 (patch-ab) = 6c72ef59fe094ddbb4901b0f35eb681a4d0b4ff2
SHA1 (patch-ac) = b94818200397d6c6457053fa5fe02a6049d52c44
+SHA1 (patch-ad) = 1513deb92711d9b17114ce4a00d9d5f1714234d3
+SHA1 (patch-ae) = 7f3f56ff649f3718b855da9a2d8e6f64dee95086
diff -r 00194a734ed5 -r 4cb3ef1c6c48 textproc/libxml/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml/patches/patch-ad Wed Nov 24 22:40:34 2004 +0000
@@ -0,0 +1,106 @@
+$NetBSD: patch-ad,v 1.2.8.1 2004/11/24 22:40:34 salo Exp $
+
+--- nanoftp.c.orig 2000-07-10 12:16:39.000000000 +0200
++++ nanoftp.c
+@@ -65,6 +65,8 @@ static char hostname[100];
+ #define FTP_GET_PASSWD 331
+ #define FTP_BUF_SIZE 512
+
++#define XML_NANO_MAX_URLBUF 4096
++
+ typedef struct xmlNanoFTPCtxt {
+ char *protocol; /* the protocol name */
+ char *hostname; /* the host name */
+@@ -203,7 +205,7 @@ static void
+ xmlNanoFTPScanURL(void *ctx, const char *URL) {
+ xmlNanoFTPCtxtPtr ctxt = (xmlNanoFTPCtxtPtr) ctx;
+ const char *cur = URL;
+- char buf[4096];
++ char buf[XML_NANO_MAX_URLBUF];
+ int index = 0;
+ int port = 0;
+
+@@ -221,7 +223,7 @@ xmlNanoFTPScanURL(void *ctx, const char
+ }
+ if (URL == NULL) return;
+ buf[index] = 0;
+- while (*cur != 0) {
++ while ((*cur != 0) && (index < XML_NANO_MAX_URLBUF - 1)) {
+ if ((cur[0] == ':') && (cur[1] == '/') && (cur[2] == '/')) {
+ buf[index] = 0;
+ ctxt->protocol = xmlMemStrdup(buf);
+@@ -234,7 +236,7 @@ xmlNanoFTPScanURL(void *ctx, const char
+ if (*cur == 0) return;
+
+ buf[index] = 0;
+- while (1) {
++ while (index < XML_NANO_MAX_URLBUF - 1) {
+ if (cur[0] == ':') {
+ buf[index] = 0;
+ ctxt->hostname = xmlMemStrdup(buf);
+@@ -263,7 +265,7 @@ xmlNanoFTPScanURL(void *ctx, const char
+ else {
+ index = 0;
+ buf[index] = 0;
+- while (*cur != 0)
++ while ((*cur != 0) && (index < XML_NANO_MAX_URLBUF-1))
+ buf[index++] = *cur++;
+ buf[index] = 0;
+ ctxt->path = xmlMemStrdup(buf);
+@@ -288,7 +290,7 @@ int
+ xmlNanoFTPUpdateURL(void *ctx, const char *URL) {
+ xmlNanoFTPCtxtPtr ctxt = (xmlNanoFTPCtxtPtr) ctx;
+ const char *cur = URL;
+- char buf[4096];
++ char buf[XML_NANO_MAX_URLBUF];
+ int index = 0;
+ int port = 0;
+
+@@ -301,7 +303,7 @@ xmlNanoFTPUpdateURL(void *ctx, const cha
+ if (ctxt->hostname == NULL)
+ return(-1);
+ buf[index] = 0;
+- while (*cur != 0) {
++ while ((*cur != 0) && (index < XML_NANO_MAX_URLBUF-1)) {
+ if ((cur[0] == ':') && (cur[1] == '/') && (cur[2] == '/')) {
+ buf[index] = 0;
+ if (strcmp(ctxt->protocol, buf))
+@@ -353,7 +355,7 @@ xmlNanoFTPUpdateURL(void *ctx, const cha
+ else {
+ index = 0;
+ buf[index] = 0;
+- while (*cur != 0)
++ while ((*cur != 0) && (index < XML_NANO_MAX_URLBUF-1))
+ buf[index++] = *cur++;
+ buf[index] = 0;
+ ctxt->path = xmlMemStrdup(buf);
+@@ -374,7 +376,7 @@ xmlNanoFTPUpdateURL(void *ctx, const cha
+ void
+ xmlNanoFTPScanProxy(const char *URL) {
+ const char *cur = URL;
+- char buf[4096];
++ char buf[XML_NANO_MAX_URLBUF];
+ int index = 0;
+ int port = 0;
+
+@@ -393,7 +395,7 @@ xmlNanoFTPScanProxy(const char *URL) {
+ #endif
+ if (URL == NULL) return;
+ buf[index] = 0;
+- while (*cur != 0) {
++ while ((*cur != 0) && (index < XML_NANO_MAX_URLBUF-1)) {
+ if ((cur[0] == ':') && (cur[1] == '/') && (cur[2] == '/')) {
+ buf[index] = 0;
+ index = 0;
+@@ -828,6 +830,11 @@ xmlNanoFTPConnect(void *ctx) {
+ if (hp == NULL)
+ return(-1);
+
++ if ((unsigned int) hp->h_length >
++ sizeof(((struct sockaddr_in *)&ctxt->ftpAddr)->sin_addr)) {
++ return (-1);
++ }
++
+ /*
+ * Prepare the socket
+ */
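Review bot: The host-name copy loop is bounded only in xmlNanoFTPScanURL (the `while (1)` to `while (index < XML_NANO_MAX_URLBUF - 1)` change at nanoftp.c line 236); no hunk touches the host loops of xmlNanoFTPUpdateURL or xmlNanoFTPScanProxy, which only get a bound on their scheme loop (and, for UpdateURL, the path loop). Those loops lie outside the hunks shown, so this is inferred: if they have the same `while (1)` form they still write into `buf` without a limit, and when the scheme loop stops at the bound, `index` may already be `XML_NANO_MAX_URLBUF - 1` as the host loop starts. The same guard, `while (index < XML_NANO_MAX_URLBUF - 1) {`, should be applied to each of them. patch-ae leaves the host loops of xmlNanoHTTPScanURL and xmlNanoHTTPScanProxy untouched in the same way.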
diff -r 00194a734ed5 -r 4cb3ef1c6c48 textproc/libxml/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml/patches/patch-ae Wed Nov 24 22:40:34 2004 +0000
@@ -0,0 +1,47 @@
+$NetBSD: patch-ae,v 1.1.2.2 2004/11/24 22:40:34 salo Exp $
+
+--- nanohttp.c.orig 2000-06-28 20:33:46.000000000 +0200
++++ nanohttp.c
+@@ -161,6 +161,7 @@ xmlNanoHTTPScanURL(xmlNanoHTTPCtxtPtr ct
+ const char *cur = URL;
+ char buf[4096];
+ int index = 0;
++ const int indexMax = 4096 - 1;
+ int port = 0;
+
+ if (ctxt->protocol != NULL) {
+@@ -177,7 +178,7 @@ xmlNanoHTTPScanURL(xmlNanoHTTPCtxtPtr ct
+ }
+ if (URL == NULL) return;
+ buf[index] = 0;
+- while (*cur != 0) {
++ while ((*cur != 0) && (index < indexMax)) {
+ if ((cur[0] == ':') && (cur[1] == '/') && (cur[2] == '/')) {
+ buf[index] = 0;
+ ctxt->protocol = xmlMemStrdup(buf);
+@@ -219,7 +220,7 @@ xmlNanoHTTPScanURL(xmlNanoHTTPCtxtPtr ct
+ else {
+ index = 0;
+ buf[index] = 0;
+- while (*cur != 0)
++ while ((*cur != 0) && (index < indexMax))
+ buf[index++] = *cur++;
+ buf[index] = 0;
+ ctxt->path = xmlMemStrdup(buf);
+@@ -241,6 +242,7 @@ xmlNanoHTTPScanProxy(const char *URL) {
+ const char *cur = URL;
+ char buf[4096];
+ int index = 0;
++ const int indexMax = 4096 - 1;
+ int port = 0;
+
+ if (proxy != NULL) {
+@@ -258,7 +260,7 @@ xmlNanoHTTPScanProxy(const char *URL) {
+ #endif
+ if (URL == NULL) return;
+ buf[index] = 0;
+- while (*cur != 0) {
++ while ((*cur != 0) && (index < indexMax)) {
+ if ((cur[0] == ':') && (cur[1] == '/') && (cur[2] == '/')) {
+ buf[index] = 0;
+ index = 0;
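Review bot: `const int indexMax = 4096 - 1;` in xmlNanoHTTPScanURL and xmlNanoHTTPScanProxy repeats the literal from `char buf[4096];` instead of deriving the bound from the array, so a later change to the buffer size would silently invalidate both checks. Writing `const int indexMax = (int) sizeof(buf) - 1;`, or sharing one macro for the declaration and the bound as patch-ad does with `XML_NANO_MAX_URLBUF`, keeps the two in step. Both function bodies start and end outside the hunks shown.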