-
Notifications
You must be signed in to change notification settings - Fork 165
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libxml2: Backport buffer overflow fixes
Issue: https://gitlab.gnome.org/GNOME/libxml2/-/issues/535 Backported patches: https://gitlab.gnome.org/GNOME/libxml2/-/commit/d0c3f01e110d54415611c5fa0040cdf4a56053f9 https://gitlab.gnome.org/GNOME/libxml2/-/commit/235b15a590eecf97b09e87bdb7e4f8333e9de129
- Loading branch information
1 parent
77c264b
commit 95e6323
Showing
3 changed files
with
103 additions
and
0 deletions.
There are no files selected for viewing
32 changes: 32 additions & 0 deletions
32
gvsbuild/patches/libxml2/0001-parser-fix-old-SAX1-parser-with-custom-callbacks.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| From d0c3f01e110d54415611c5fa0040cdf4a56053f9 Mon Sep 17 00:00:00 2001 | ||
| From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
| Date: Sat, 6 May 2023 17:47:37 +0200 | ||
| Subject: [PATCH] parser: Fix old SAX1 parser with custom callbacks | ||
|
|
||
| For some reason, xmlCtxtUseOptionsInternal set the start and end element | ||
| SAX handlers to the internal DOM builder functions when XML_PARSE_SAX1 | ||
| was specified. This means that custom SAX handlers could never work with | ||
| that flag because these functions would receive the wrong user data | ||
| argument and crash immediately. | ||
|
|
||
| Fixes #535. | ||
| --- | ||
| parser.c | 2 -- | ||
| 1 file changed, 2 deletions(-) | ||
|
|
||
| diff --git a/parser.c b/parser.c | ||
| index bb05791d3..0c8bed129 100644 | ||
| --- a/parser.c | ||
| +++ b/parser.c | ||
| @@ -14479,8 +14479,6 @@ xmlCtxtUseOptionsInternal(xmlParserCtxtPtr ctxt, int options, const char *encodi | ||
| } | ||
| #ifdef LIBXML_SAX1_ENABLED | ||
| if (options & XML_PARSE_SAX1) { | ||
| - ctxt->sax->startElement = xmlSAX2StartElement; | ||
| - ctxt->sax->endElement = xmlSAX2EndElement; | ||
| ctxt->sax->startElementNs = NULL; | ||
| ctxt->sax->endElementNs = NULL; | ||
| ctxt->sax->initialized = 1; | ||
| -- | ||
| GitLab | ||
|
|
67 changes: 67 additions & 0 deletions
67
gvsbuild/patches/libxml2/0002-sax-always-initialize-SAX1-element-handlers.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| From 235b15a590eecf97b09e87bdb7e4f8333e9de129 Mon Sep 17 00:00:00 2001 | ||
| From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
| Date: Mon, 8 May 2023 17:58:02 +0200 | ||
| Subject: [PATCH] SAX: Always initialize SAX1 element handlers | ||
|
|
||
| Follow-up to commit d0c3f01e. A parser context will be initialized to | ||
| SAX version 2, but this can be overridden with XML_PARSE_SAX1 later, | ||
| so we must initialize the SAX1 element handlers as well. | ||
|
|
||
| Change the check in xmlDetectSAX2 to only look for XML_SAX2_MAGIC, so | ||
| we don't switch to SAX1 if the SAX2 element handlers are NULL. | ||
| --- | ||
| SAX2.c | 11 +++++++---- | ||
| parser.c | 5 +---- | ||
| 2 files changed, 8 insertions(+), 8 deletions(-) | ||
|
|
||
| diff --git a/SAX2.c b/SAX2.c | ||
| index b6be1a6c4..910193892 100644 | ||
| --- a/SAX2.c | ||
| +++ b/SAX2.c | ||
| @@ -2874,20 +2874,23 @@ xmlSAXVersion(xmlSAXHandler *hdlr, int version) | ||
| { | ||
| if (hdlr == NULL) return(-1); | ||
| if (version == 2) { | ||
| - hdlr->startElement = NULL; | ||
| - hdlr->endElement = NULL; | ||
| hdlr->startElementNs = xmlSAX2StartElementNs; | ||
| hdlr->endElementNs = xmlSAX2EndElementNs; | ||
| hdlr->serror = NULL; | ||
| hdlr->initialized = XML_SAX2_MAGIC; | ||
| #ifdef LIBXML_SAX1_ENABLED | ||
| } else if (version == 1) { | ||
| - hdlr->startElement = xmlSAX2StartElement; | ||
| - hdlr->endElement = xmlSAX2EndElement; | ||
| hdlr->initialized = 1; | ||
| #endif /* LIBXML_SAX1_ENABLED */ | ||
| } else | ||
| return(-1); | ||
| +#ifdef LIBXML_SAX1_ENABLED | ||
| + hdlr->startElement = xmlSAX2StartElement; | ||
| + hdlr->endElement = xmlSAX2EndElement; | ||
| +#else | ||
| + hdlr->startElement = NULL; | ||
| + hdlr->endElement = NULL; | ||
| +#endif /* LIBXML_SAX1_ENABLED */ | ||
| hdlr->internalSubset = xmlSAX2InternalSubset; | ||
| hdlr->externalSubset = xmlSAX2ExternalSubset; | ||
| hdlr->isStandalone = xmlSAX2IsStandalone; | ||
| diff --git a/parser.c b/parser.c | ||
| index 0c8bed129..e133fe0a6 100644 | ||
| --- a/parser.c | ||
| +++ b/parser.c | ||
| @@ -842,10 +842,7 @@ xmlDetectSAX2(xmlParserCtxtPtr ctxt) { | ||
| if (ctxt == NULL) return; | ||
| sax = ctxt->sax; | ||
| #ifdef LIBXML_SAX1_ENABLED | ||
| - if ((sax) && (sax->initialized == XML_SAX2_MAGIC) && | ||
| - ((sax->startElementNs != NULL) || | ||
| - (sax->endElementNs != NULL) || | ||
| - ((sax->startElement == NULL) && (sax->endElement == NULL)))) | ||
| + if ((sax) && (sax->initialized == XML_SAX2_MAGIC)) | ||
| ctxt->sax2 = 1; | ||
| #else | ||
| ctxt->sax2 = 1; | ||
| -- | ||
| GitLab | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters