rpms/perl-XML-LibXML
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix CVE-2017-10672

Browse Source
This commit is contained in:
Petr Písař 2017-07-17 13:23:33 +02:00
parent 57c60f31f6
commit 8874c00a80
2 changed files with 86 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
XML-LibXML-2.0129-CVE-2017-10672.patch Normal file
View File

@ -0,0 +1,77 @@
diff -urN XML-LibXML-2.0129.orig/LibXML.xs XML-LibXML-2.0129/LibXML.xs
--- XML-LibXML-2.0129.orig/LibXML.xs 2016-06-24 18:01:53.000000000 +0200
+++ XML-LibXML-2.0129/LibXML.xs 2017-07-13 12:41:48.000000000 +0200
@@ -4829,38 +4829,42 @@
PREINIT:
xmlNodePtr ret = NULL;
CODE:
- if ( self->type == XML_DOCUMENT_NODE ) {
- switch ( nNode->type ) {
- case XML_ELEMENT_NODE:
- warn("replaceChild with an element on a document node not supported yet!");
- XSRETURN_UNDEF;
- break;
- case XML_DOCUMENT_FRAG_NODE:
- warn("replaceChild with a document fragment node on a document node not supported yet!");
- XSRETURN_UNDEF;
- break;
- case XML_TEXT_NODE:
- case XML_CDATA_SECTION_NODE:
- warn("replaceChild with a text node not supported on a document node!");
- XSRETURN_UNDEF;
- break;
- default:
- break;
- }
- }
- ret = domReplaceChild( self, nNode, oNode );
- if (ret == NULL) {
- XSRETURN_UNDEF;
- }
- else {
- LibXML_reparent_removed_node(ret);
- RETVAL = PmmNodeToSv(ret, PmmOWNERPO(PmmPROXYNODE(ret)));
- if (nNode->type == XML_DTD_NODE) {
- LibXML_set_int_subset(nNode->doc, nNode);
+ if( nNode == oNode ) {
+ RETVAL = nNode;
+ }else{
+ if ( self->type == XML_DOCUMENT_NODE ) {
+ switch ( nNode->type ) {
+ case XML_ELEMENT_NODE:
+ warn("replaceChild with an element on a document node not supported yet!");
+ XSRETURN_UNDEF;
+ break;
+ case XML_DOCUMENT_FRAG_NODE:
+ warn("replaceChild with a document fragment node on a document node not supported yet!");
+ XSRETURN_UNDEF;
+ break;
+ case XML_TEXT_NODE:
+ case XML_CDATA_SECTION_NODE:
+ warn("replaceChild with a text node not supported on a document node!");
+ XSRETURN_UNDEF;
+ break;
+ default:
+ break;
+ }
}
- if ( nNode->_private != NULL ) {
- PmmFixOwner( PmmPROXYNODE(nNode),
- PmmOWNERPO(PmmPROXYNODE(self)) );
+ ret = domReplaceChild( self, nNode, oNode );
+ if (ret == NULL) {
+ XSRETURN_UNDEF;
+ }
+ else {
+ LibXML_reparent_removed_node(ret);
+ RETVAL = PmmNodeToSv(ret, PmmOWNERPO(PmmPROXYNODE(ret)));
+ if (nNode->type == XML_DTD_NODE) {
+ LibXML_set_int_subset(nNode->doc, nNode);
+ }
+ if ( nNode->_private != NULL ) {
+ PmmFixOwner( PmmPROXYNODE(nNode),
+ PmmOWNERPO(PmmPROXYNODE(self)) );
+ }
}
}
OUTPUT:

10
perl-XML-LibXML.spec
View File

@ -8,13 +8,16 @@ Name: perl-XML-LibXML
# it might not be needed anymore
# this module is maintained, the other is not
Version: 2.0129
Release: 4%{?dist}
Release: 5%{?dist}
Epoch: 1
Summary: Perl interface to the libxml2 library
Group: Development/Libraries
License: (GPL+ or Artistic) and MIT
URL: http://search.cpan.org/dist/XML-LibXML/
Source0: http://search.cpan.org/CPAN/authors/id/S/SH/SHLOMIF/XML-LibXML-%{version}.tar.gz
# Fix CVE-2017-10672 (use-after-free by controlling the arguments to
# a replaceChild call), bug #1470205
Patch0: XML-LibXML-2.0129-CVE-2017-10672.patch
BuildRequires: coreutils
BuildRequires: findutils
BuildRequires: glibc-common
@ -93,6 +96,7 @@ validating XML parser and the high performance DOM implementation.
%prep
%setup -q -n XML-LibXML-%{version}
%patch0 -p1
chmod -x *.c
for i in Changes; do
/usr/bin/iconv -f iso8859-1 -t utf-8 $i > $i.conv && /bin/mv -f $i.conv $i
@ -136,6 +140,10 @@ fi
%{_mandir}/man3/*.3*
%changelog
* Mon Jul 17 2017 Petr Pisar <ppisar@redhat.com> - 1:2.0129-5
- Fix CVE-2017-10672 (use-after-free by controlling the arguments to
a replaceChild call) (bug #1470205)
* Fri Jul 14 2017 Petr Pisar <ppisar@redhat.com> - 1:2.0129-4
- Rename perl dependency in scriptlets