diff options
| author |   Pacho Ramos <pacho@gentoo.org> | 2011-06-13 14:55:35 +0000 |
|---|---|---|
| committer | Pacho Ramos <pacho@gentoo.org> | 2011-06-13 14:55:35 +0000 |
| commit | e1b3f8681d08924f23930b4f9e0c86b9fa7ed844 (patch) | |
| tree | a14bac166f3bda128c3b1ae78d37fce013b12e1a /dev-libs | |
| parent | No need to have econf die(). (diff) | |
| download | gentoo-2-e1b3f8681d08924f23930b4f9e0c86b9fa7ed844.tar.gz gentoo-2-e1b3f8681d08924f23930b4f9e0c86b9fa7ed844.tar.bz2 gentoo-2-e1b3f8681d08924f23930b4f9e0c86b9fa7ed844.zip | |
Fix some potential problems on reallocation failures (CVE-2011-1944), bug #370715 by Sylvia. Remove old.
(Portage version: 2.1.9.50/cvs/Linux x86_64)
Diffstat (limited to 'dev-libs')
| -rw-r--r-- | dev-libs/libxml2/ChangeLog | 9 | ||||
| -rw-r--r-- | dev-libs/libxml2/files/libxml2-2.7.8-reallocation-failures.patch | 101 | ||||
| -rw-r--r-- | dev-libs/libxml2/libxml2-2.7.8-r1.ebuild (renamed from dev-libs/libxml2/libxml2-2.7.7.ebuild) | 92 |
3 files changed, 173 insertions, 29 deletions
diff --git a/dev-libs/libxml2/ChangeLog b/dev-libs/libxml2/ChangeLog index 7d23be34b995..84ebbd2d3278 100644 --- a/dev-libs/libxml2/ChangeLog +++ b/dev-libs/libxml2/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for dev-libs/libxml2 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/libxml2/ChangeLog,v 1.304 2011/02/26 17:17:33 arfrever Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/libxml2/ChangeLog,v 1.305 2011/06/13 14:55:35 pacho Exp $ + +*libxml2-2.7.8-r1 (13 Jun 2011) + + 13 Jun 2011; Pacho Ramos <pacho@gentoo.org> -libxml2-2.7.7.ebuild, + +libxml2-2.7.8-r1.ebuild, +files/libxml2-2.7.8-reallocation-failures.patch: + Fix some potential problems on reallocation failures (CVE-2011-1944), bug + #370715 by Sylvia. Remove old. 26 Feb 2011; Arfrever Frehtes Taifersar Arahesis <arfrever@gentoo.org> libxml2-2.7.8.ebuild, +files/libxml2-2.7.8-disable_static_modules.patch: diff --git a/dev-libs/libxml2/files/libxml2-2.7.8-reallocation-failures.patch b/dev-libs/libxml2/files/libxml2-2.7.8-reallocation-failures.patch new file mode 100644 index 000000000000..a18756cb87a9 --- /dev/null +++ b/dev-libs/libxml2/files/libxml2-2.7.8-reallocation-failures.patch @@ -0,0 +1,101 @@ +From d7958b21e7f8c447a26bb2436f08402b2c308be4 Mon Sep 17 00:00:00 2001 +From: Chris Evans <scarybeasts@gmail.com> +Date: Wed, 23 Mar 2011 00:13:06 +0000 +Subject: Fix some potential problems on reallocation failures + +The count was incremented before the allocation +and not fixed in case of failure +* xpath.c: corrects a few instances where the available count of some + structure is updated before we know the allocation actually + succeeds +--- +diff --git a/xpath.c b/xpath.c +index 8b56189..608fe00 100644 +--- a/xpath.c ++++ b/xpath.c +@@ -3522,13 +3522,13 @@ xmlXPathNodeSetAddNs(xmlNodeSetPtr cur, xmlNodePtr node, xmlNsPtr ns) { + } else if (cur->nodeNr == cur->nodeMax) { + xmlNodePtr *temp; + +- cur->nodeMax *= 2; +- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * ++ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * + sizeof(xmlNodePtr)); + if (temp == NULL) { + xmlXPathErrMemory(NULL, "growing nodeset\n"); + return; + } ++ cur->nodeMax *= 2; + cur->nodeTab = temp; + } + cur->nodeTab[cur->nodeNr++] = xmlXPathNodeSetDupNs(node, ns); +@@ -3627,14 +3627,14 @@ xmlXPathNodeSetAddUnique(xmlNodeSetPtr cur, xmlNodePtr val) { + } else if (cur->nodeNr == cur->nodeMax) { + xmlNodePtr *temp; + +- cur->nodeMax *= 2; +- temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * ++ temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * + sizeof(xmlNodePtr)); + if (temp == NULL) { + xmlXPathErrMemory(NULL, "growing nodeset\n"); + return; + } + cur->nodeTab = temp; ++ cur->nodeMax *= 2; + } + if (val->type == XML_NAMESPACE_DECL) { + xmlNsPtr ns = (xmlNsPtr) val; +@@ -3738,14 +3738,14 @@ xmlXPathNodeSetMerge(xmlNodeSetPtr val1, xmlNodeSetPtr val2) { + } else if (val1->nodeNr == val1->nodeMax) { + xmlNodePtr *temp; + +- val1->nodeMax *= 2; +- temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * ++ temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 * + sizeof(xmlNodePtr)); + if (temp == NULL) { + xmlXPathErrMemory(NULL, "merging nodeset\n"); + return(NULL); + } + val1->nodeTab = temp; ++ val1->nodeMax *= 2; + } + if (n2->type == XML_NAMESPACE_DECL) { + xmlNsPtr ns = (xmlNsPtr) n2; +@@ -3907,14 +3907,14 @@ xmlXPathNodeSetMergeAndClear(xmlNodeSetPtr set1, xmlNodeSetPtr set2, + } else if (set1->nodeNr >= set1->nodeMax) { + xmlNodePtr *temp; + +- set1->nodeMax *= 2; + temp = (xmlNodePtr *) xmlRealloc( +- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); ++ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); + if (temp == NULL) { + xmlXPathErrMemory(NULL, "merging nodeset\n"); + return(NULL); + } + set1->nodeTab = temp; ++ set1->nodeMax *= 2; + } + if (n2->type == XML_NAMESPACE_DECL) { + xmlNsPtr ns = (xmlNsPtr) n2; +@@ -3991,14 +3991,14 @@ xmlXPathNodeSetMergeAndClearNoDupls(xmlNodeSetPtr set1, xmlNodeSetPtr set2, + } else if (set1->nodeNr >= set1->nodeMax) { + xmlNodePtr *temp; + +- set1->nodeMax *= 2; + temp = (xmlNodePtr *) xmlRealloc( +- set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr)); ++ set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); + if (temp == NULL) { + xmlXPathErrMemory(NULL, "merging nodeset\n"); + return(NULL); + } + set1->nodeTab = temp; ++ set1->nodeMax *= 2; + } + set1->nodeTab[set1->nodeNr++] = n2; + } +-- +cgit v0.9 diff --git a/dev-libs/libxml2/libxml2-2.7.7.ebuild b/dev-libs/libxml2/libxml2-2.7.8-r1.ebuild index e10eb8f02fb1..5934e7bc45bb 100644 --- a/dev-libs/libxml2/libxml2-2.7.7.ebuild +++ b/dev-libs/libxml2/libxml2-2.7.8-r1.ebuild @@ -1,20 +1,23 @@ -# Copyright 1999-2010 Gentoo Foundation +# Copyright 1999-2011 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/libxml2/libxml2-2.7.7.ebuild,v 1.14 2010/12/31 23:49:15 arfrever Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/libxml2/libxml2-2.7.8-r1.ebuild,v 1.1 2011/06/13 14:55:35 pacho Exp $ -EAPI="2" +EAPI="3" +PYTHON_DEPEND="python? 2" +PYTHON_USE_WITH="-build xml" +PYTHON_USE_WITH_OPT="python" SUPPORT_PYTHON_ABIS="1" RESTRICT_PYTHON_ABIS="3.* *-jython" -inherit libtool flag-o-matic eutils python +inherit libtool flag-o-matic eutils python autotools prefix DESCRIPTION="Version 2 of the library to manipulate XML files" HOMEPAGE="http://www.xmlsoft.org/" LICENSE="MIT" SLOT="2" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~sparc-fbsd ~x86-fbsd" -IUSE="debug doc examples ipv6 python readline test" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" +IUSE="debug doc examples icu ipv6 python readline test" XSTS_HOME="http://www.w3.org/XML/2004/xml-schema-test-suite" XSTS_NAME_1="xmlschema2002-01-16" @@ -28,7 +31,7 @@ SRC_URI="ftp://xmlsoft.org/${PN}/${P}.tar.gz ${XSTS_HOME}/${XSTS_NAME_2}/${XSTS_TARBALL_2} )" RDEPEND="sys-libs/zlib - python? ( || ( <dev-lang/python-3[xml] ( <dev-lang/python-3 dev-python/pyxml ) ) ) + icu? ( dev-libs/icu ) readline? ( sys-libs/readline )" DEPEND="${RDEPEND} @@ -55,14 +58,38 @@ src_unpack() { } src_prepare() { + # Patches needed for prefix support + epatch "${FILESDIR}"/${PN}-2.7.1-catalog_path.patch + epatch "${FILESDIR}"/${PN}-2.7.2-winnt.patch + + eprefixify catalog.c xmlcatalog.c runtest.c xmllint.c + epunt_cxx + # Reactivate the shared library versionning script + epatch "${FILESDIR}/${P}-reactivate-script.patch" + + # Fix a potential memory access error + epatch "${FILESDIR}/${P}-xpath-memory.patch" + + # Fix a potential freeing error in XPath + epatch "${FILESDIR}/${P}-xpath-freeing.patch" + epatch "${FILESDIR}/${P}-xpath-freeing2.patch" + + # Fix some potential problems on reallocation failures + epatch "${FILESDIR}/${P}-reallocation-failures.patch" + + epatch "${FILESDIR}/${P}-disable_static_modules.patch" + # Please do not remove, as else we get references to PORTAGE_TMPDIR # in /usr/lib/python?.?/site-packages/libxml2mod.la among things. - elibtoolize + # We now need to run eautoreconf at the end to prevent maintainer mode. +# elibtoolize # Python bindings are built/tested/installed manually. - sed -e "s/@PYTHON_SUBDIR@//" -i Makefile.in || die "sed failed" + sed -e "s/@PYTHON_SUBDIR@//" -i Makefile.am || die "sed failed" + + eautoreconf } src_configure() { @@ -75,10 +102,10 @@ src_configure() { # --with-mem-debug causes unusual segmentation faults (bug #105120). - local myconf="--with-zlib - --with-html-subdir=${PF}/html - --docdir=/usr/share/doc/${PF} + local myconf="--with-html-subdir=${PF}/html + --docdir=${EPREFIX}/usr/share/doc/${PF} $(use_with debug run-debug) + $(use_with icu) $(use_with python) $(use_with readline) $(use_with readline history) @@ -96,8 +123,8 @@ src_compile() { if use python; then python_copy_sources python building() { - emake PYTHON_INCLUDES="$(python_get_includedir)" \ - PYTHON_SITE_PACKAGES="$(python_get_sitedir)" + emake PYTHON_INCLUDES="${EPREFIX}$(python_get_includedir)" \ + PYTHON_SITE_PACKAGES="${EPREFIX}$(python_get_sitedir)" } python_execute_function -s --source-dir python building fi @@ -116,15 +143,24 @@ src_test() { src_install() { emake DESTDIR="${D}" \ - EXAMPLES_DIR=/usr/share/doc/${PF}/examples \ + EXAMPLES_DIR="${EPREFIX}"/usr/share/doc/${PF}/examples \ install || die "Installation failed" + # on windows, xmllint is installed by interix libxml2 in parent prefix. + # this is the version to use. the native winnt version does not support + # symlinks, which makes repoman fail if the portage tree is linked in + # from another location (which is my default). -- mduft + if [[ ${CHOST} == *-winnt* ]]; then + rm -rf "${ED}"/usr/bin/xmllint + rm -rf "${ED}"/usr/bin/xmlcatalog + fi + if use python; then installation() { emake DESTDIR="${D}" \ - PYTHON_SITE_PACKAGES="$(python_get_sitedir)" \ - docsdir=/usr/share/doc/${PF}/python \ - exampledir=/usr/share/doc/${PF}/python/examples \ + PYTHON_SITE_PACKAGES="${EPREFIX}$(python_get_sitedir)" \ + docsdir="${EPREFIX}"/usr/share/doc/${PF}/python \ + exampledir="${EPREFIX}"/usr/share/doc/${PF}/python/examples \ install } python_execute_function -s --source-dir python installation @@ -132,22 +168,22 @@ src_install() { python_clean_installation_image fi - rm -rf "${D}"/usr/share/doc/${P} + rm -rf "${ED}"/usr/share/doc/${P} dodoc AUTHORS ChangeLog Copyright NEWS README* TODO* || die "dodoc failed" if ! use python; then - rm -rf "${D}"/usr/share/doc/${PF}/python - rm -rf "${D}"/usr/share/doc/${PN}-python-${PV} + rm -rf "${ED}"/usr/share/doc/${PF}/python + rm -rf "${ED}"/usr/share/doc/${PN}-python-${PV} fi if ! use doc; then - rm -rf "${D}"/usr/share/gtk-doc - rm -rf "${D}"/usr/share/doc/${PF}/html + rm -rf "${ED}"/usr/share/gtk-doc + rm -rf "${ED}"/usr/share/doc/${PF}/html fi if ! use examples; then - rm -rf "${D}/usr/share/doc/${PF}/examples" - rm -rf "${D}/usr/share/doc/${PF}/python/examples" + rm -rf "${ED}/usr/share/doc/${PF}/examples" + rm -rf "${ED}/usr/share/doc/${PF}/python/examples" fi } @@ -163,14 +199,14 @@ pkg_postinst() { elog "Skipping XML catalog creation for stage building (bug #208887)." else # need an XML catalog, so no-one writes to a non-existent one - CATALOG="${ROOT}etc/xml/catalog" + CATALOG="${EROOT}etc/xml/catalog" # we dont want to clobber an existing catalog though, # only ensure that one is there # <obz@gentoo.org> if [ ! -e ${CATALOG} ]; then - [ -d "${ROOT}etc/xml" ] || mkdir -p "${ROOT}etc/xml" - /usr/bin/xmlcatalog --create > ${CATALOG} + [ -d "${EROOT}etc/xml" ] || mkdir -p "${EROOT}etc/xml" + "${EPREFIX}"/usr/bin/xmlcatalog --create > ${CATALOG} einfo "Created XML catalog in ${CATALOG}" fi fi |