2.0210 bump (rhbz#2260127)

2024-01-25 15:11:10 +01:00 · 2024-01-25 15:11:10 +01:00 · 1d2c30416d
commit 1d2c30416d
parent 72053113df
5 changed files with 7 additions and 138 deletions
--- a/.gitignore
+++ b/.gitignore
@ -61,3 +61,4 @@ XML-LibXML-1.70.tar.gz
 /XML-LibXML-2.0207.tar.gz
 /XML-LibXML-2.0208.tar.gz
 /XML-LibXML-2.0209.tar.gz
 /XML-LibXML-2.0210.tar.gz
--- a/XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch
+++ b/XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch
@ -1,76 +0,0 @@
 From c2e705e650bc5569a7ea3b7c7ebace23538be808 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
 Date: Tue, 28 Nov 2023 15:35:10 +0100
 Subject: [PATCH 2/2] Fix copying external entity from an ext_ent_handler
 handler
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 With libxml2-2.12.0 and perl-5.38.0 t/44extent.t failed:
    $ perl -Iblib/{lib,arch} ./t/44extent.t
    1..7
    Entity: line 1: parser error : Char 0x0 out of allowed range
    pseudoroot
 	      ^
    Entity: line 1: parser error : PCDATA invalid Char value 0
    pseudoroot
 	      ^
    [...]
    :8: parser error : Entity 'b' failed to parse
      <b>&b;</b>
 	    ^
    # Looks like your test exited with 2 before it could output anything.
 The cause was xmlParserInputBufferCreateMem() which does not copy a supplied
 buffer. A string returned by the ext_ent_handler handler. As a result, libxml2
 read from a deallocated memory parsing random garbage.
 This patch fixes it by copying the string with
 xmlParserInputBufferPush().
 https://github.com/shlomif/perl-XML-LibXML/issues/81
 Signed-off-by: Petr Písař <ppisar@redhat.com>
 ---
 LibXML.xs | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)
 diff --git a/LibXML.xs b/LibXML.xs
 index b5b0b95..7e21ea8 100644
 --- a/LibXML.xs
 +++ b/LibXML.xs
@@ -25,6 +25,7 @@ extern "C" {
 #include "Av_CharPtrPtr.h"  /* XS_*_charPtrPtr() */
 #include <fcntl.h>
 +#include <limits.h> /* INT_MAX */
 #ifndef WIN32
 #include <unistd.h>
@@ -869,11 +870,17 @@ LibXML_load_external_entity(
         results = POPs;
         results_pv = SvPV(results, results_len);
 -        input_buf = xmlParserInputBufferCreateMem(
 -                        results_pv,
 -                        results_len,
 -                        XML_CHAR_ENCODING_NONE
 -                        );
 +        if (results_len > INT_MAX) {
 +            croak("a buffer would be too big\n");
 +        }
 +        input_buf = xmlAllocParserInputBuffer(XML_CHAR_ENCODING_NONE);
 +        if (!input_buf) {
 +            croak("cannot create a buffer!\n");
 +        }
 +        if (-1 == xmlParserInputBufferPush(input_buf, (int)results_len, results_pv)) {
 +            xmlFreeParserInputBuffer(input_buf);
 +            croak("cannot push an external entity into a buffer!\n");
 +        }
         PUTBACK;
         FREETMPS;
 -- 
 2.42.0
--- a/XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch
+++ b/XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch
@ -1,54 +0,0 @@
 From 8751785951fbde48ffa16a476da3e4adb2bbcde5 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Mon, 16 Jan 2023 18:50:10 -0800
 Subject: [PATCH 1/2] libxml-mm: Fix function prototypes in function pointers
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 This is now detected with latest clang16+
 Fixes
 error: incompatible function pointer types passing 'void (void *, void *, xmlChar *)' (aka 'void (void *, void *, unsigned char *)') to parameter of type 'xmlHashScanner' (aka 'void (*)(void *, void *, const unsigned char *)') [-Wincompatible-function-pointer-types]
                xmlHashScan(r, PmmRegistryDumpHashScanner, NULL);
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 Signed-off-by: Petr Písař <ppisar@redhat.com>
 ---
 perl-libxml-mm.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 diff --git a/perl-libxml-mm.c b/perl-libxml-mm.c
 index a3e78a2..ec2b5ea 100644
 --- a/perl-libxml-mm.c
 +++ b/perl-libxml-mm.c
@@ -121,7 +121,7 @@ PmmFreeHashTable(xmlHashTablePtr table)
 extern SV* PROXY_NODE_REGISTRY_MUTEX;
 /* Utility method used by PmmDumpRegistry */
 -void PmmRegistryDumpHashScanner(void * payload, void * data, xmlChar * name)
 +void PmmRegistryDumpHashScanner(void * payload, void * data, const xmlChar * name)
 {
 	LocalProxyNodePtr lp = (LocalProxyNodePtr) payload;
 	ProxyNodePtr node = (ProxyNodePtr) lp->proxy;
@@ -215,7 +215,7 @@ PmmRegisterProxyNode(ProxyNodePtr proxy)
 /* PP: originally this was static inline void, but on AIX the compiler
    did not chew it, so I'm removing the inline */
 static void
 -PmmRegistryHashDeallocator(void *payload, xmlChar *name)
 +PmmRegistryHashDeallocator(void *payload, const xmlChar *name)
 {
 	Safefree((LocalProxyNodePtr) payload);
 }
@@ -279,7 +279,7 @@ PmmRegistryREFCNT_dec(ProxyNodePtr proxy)
  * internal, used by PmmCloneProxyNodes
  */
 void *
 -PmmRegistryHashCopier(void *payload, xmlChar *name)
 +PmmRegistryHashCopier(void *payload, const xmlChar *name)
 {
 	ProxyNodePtr proxy = ((LocalProxyNodePtr) payload)->proxy;
 	LocalProxyNodePtr lp;
 -- 
 2.42.0
--- a/perl-XML-LibXML.spec
+++ b/perl-XML-LibXML.spec
@ -7,8 +7,8 @@ Name:           perl-XML-LibXML
 # https://bugzilla.redhat.com/show_bug.cgi?id=469480
 # it might not be needed anymore
 # this module is maintained, the other is not
-Version:        2.0209
+Version:        2.0210
-Release:        4%{?dist}
+Release:        1%{?dist}
 Epoch:          1
 Summary:        Perl interface to the libxml2 library
 License:        (GPL-1.0-or-later OR Artistic-1.0-Perl) AND MIT
@ -19,11 +19,6 @@ Source0:        https://cpan.metacpan.org/authors/id/S/SH/SHLOMIF/XML-LibXML-%{v
 Patch0:         XML-LibXML-2.0202-Parse-an-ampersand-entity-in-SAX-interface.patch
 # To reduce dependencies replace Alien::Libxml2 with pkg-config
 Patch1:         XML-LibXML-2.0208-Use-pkgconfig-instead-of-Alien-Libxml2.patch
 # Fix callback prototypes, in upstream after 2.0209, bug #2251181
 Patch2:         XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch
 # Adjust external entity callback to libxml2-2.12.0, in upstream after 2.0209,
 # bug #2251181, <https://github.com/shlomif/perl-XML-LibXML/issues/82>
 Patch3:         XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch
 BuildRequires:  coreutils
 BuildRequires:  findutils
 BuildRequires:  glibc-common
@ -194,6 +189,9 @@ fi
 %{_libexecdir}/%{name}
 %changelog
 * Thu Jan 25 2024 Jitka Plesnikova <jplesnik@redhat.com> - 1:2.0210-1
 - 2.0210 bump (rhbz#2260127)
 * Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:2.0209-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (XML-LibXML-2.0209.tar.gz) = 3fd41775477ccb2eb9c72c72453436edcf2ed3db9aa1bbf53451c1407c5b6feeafd3ecc9f30507679f4dba15476044f43b5048da787c20a200831c0669b49262
+SHA512 (XML-LibXML-2.0210.tar.gz) = ae72b25ac6362152fa85ec9fed03fad694382bde29f459e1bd95b3ca4d1b0dffb76d2f8319bc6fbc6e291583696c3b95b41a23cc2bb509ce6f3fd7d74666fd77
`@ -1 +1 @@`
	`SHA512 (XML-LibXML-2.0209.tar.gz) = 3fd41775477ccb2eb9c72c72453436edcf2ed3db9aa1bbf53451c1407c5b6feeafd3ecc9f30507679f4dba15476044f43b5048da787c20a200831c0669b49262`	`SHA512 (XML-LibXML-2.0210.tar.gz) = ae72b25ac6362152fa85ec9fed03fad694382bde29f459e1bd95b3ca4d1b0dffb76d2f8319bc6fbc6e291583696c3b95b41a23cc2bb509ce6f3fd7d74666fd77`