From f5d43a784c86964e057c2d90de8ea98ec6a293ec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= Date: Tue, 28 Nov 2023 16:10:34 +0100 Subject: [PATCH] Restore compatibility with libxml-2.12.0 --- ...rnal-entity-from-an-ext_ent_handler-.patch | 76 +++++++++++++++++++ ...nction-prototypes-in-function-pointe.patch | 54 +++++++++++++ perl-XML-LibXML.spec | 14 +++- 3 files changed, 140 insertions(+), 4 deletions(-) create mode 100644 XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch create mode 100644 XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch diff --git a/XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch b/XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch new file mode 100644 index 0000000..693da9e --- /dev/null +++ b/XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch @@ -0,0 +1,76 @@ +From c2e705e650bc5569a7ea3b7c7ebace23538be808 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Tue, 28 Nov 2023 15:35:10 +0100 +Subject: [PATCH 2/2] Fix copying external entity from an ext_ent_handler + handler +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +With libxml2-2.12.0 and perl-5.38.0 t/44extent.t failed: + + $ perl -Iblib/{lib,arch} ./t/44extent.t + 1..7 + Entity: line 1: parser error : Char 0x0 out of allowed range + pseudoroot + ^ + Entity: line 1: parser error : PCDATA invalid Char value 0 + pseudoroot + ^ + [...] + :8: parser error : Entity 'b' failed to parse + &b; + ^ + # Looks like your test exited with 2 before it could output anything. + +The cause was xmlParserInputBufferCreateMem() which does not copy a supplied +buffer. A string returned by the ext_ent_handler handler. As a result, libxml2 +read from a deallocated memory parsing random garbage. + +This patch fixes it by copying the string with +xmlParserInputBufferPush(). + +https://github.com/shlomif/perl-XML-LibXML/issues/81 +Signed-off-by: Petr Písař +--- + LibXML.xs | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/LibXML.xs b/LibXML.xs +index b5b0b95..7e21ea8 100644 +--- a/LibXML.xs ++++ b/LibXML.xs +@@ -25,6 +25,7 @@ extern "C" { + #include "Av_CharPtrPtr.h" /* XS_*_charPtrPtr() */ + + #include ++#include /* INT_MAX */ + + #ifndef WIN32 + #include +@@ -869,11 +870,17 @@ LibXML_load_external_entity( + results = POPs; + + results_pv = SvPV(results, results_len); +- input_buf = xmlParserInputBufferCreateMem( +- results_pv, +- results_len, +- XML_CHAR_ENCODING_NONE +- ); ++ if (results_len > INT_MAX) { ++ croak("a buffer would be too big\n"); ++ } ++ input_buf = xmlAllocParserInputBuffer(XML_CHAR_ENCODING_NONE); ++ if (!input_buf) { ++ croak("cannot create a buffer!\n"); ++ } ++ if (-1 == xmlParserInputBufferPush(input_buf, (int)results_len, results_pv)) { ++ xmlFreeParserInputBuffer(input_buf); ++ croak("cannot push an external entity into a buffer!\n"); ++ } + + PUTBACK; + FREETMPS; +-- +2.42.0 + diff --git a/XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch b/XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch new file mode 100644 index 0000000..2fa2705 --- /dev/null +++ b/XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch @@ -0,0 +1,54 @@ +From 8751785951fbde48ffa16a476da3e4adb2bbcde5 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 16 Jan 2023 18:50:10 -0800 +Subject: [PATCH 1/2] libxml-mm: Fix function prototypes in function pointers +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is now detected with latest clang16+ + +Fixes +error: incompatible function pointer types passing 'void (void *, void *, xmlChar *)' (aka 'void (void *, void *, unsigned char *)') to parameter of type 'xmlHashScanner' (aka 'void (*)(void *, void *, const unsigned char *)') [-Wincompatible-function-pointer-types] + xmlHashScan(r, PmmRegistryDumpHashScanner, NULL); + +Signed-off-by: Khem Raj +Signed-off-by: Petr Písař +--- + perl-libxml-mm.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/perl-libxml-mm.c b/perl-libxml-mm.c +index a3e78a2..ec2b5ea 100644 +--- a/perl-libxml-mm.c ++++ b/perl-libxml-mm.c +@@ -121,7 +121,7 @@ PmmFreeHashTable(xmlHashTablePtr table) + extern SV* PROXY_NODE_REGISTRY_MUTEX; + + /* Utility method used by PmmDumpRegistry */ +-void PmmRegistryDumpHashScanner(void * payload, void * data, xmlChar * name) ++void PmmRegistryDumpHashScanner(void * payload, void * data, const xmlChar * name) + { + LocalProxyNodePtr lp = (LocalProxyNodePtr) payload; + ProxyNodePtr node = (ProxyNodePtr) lp->proxy; +@@ -215,7 +215,7 @@ PmmRegisterProxyNode(ProxyNodePtr proxy) + /* PP: originally this was static inline void, but on AIX the compiler + did not chew it, so I'm removing the inline */ + static void +-PmmRegistryHashDeallocator(void *payload, xmlChar *name) ++PmmRegistryHashDeallocator(void *payload, const xmlChar *name) + { + Safefree((LocalProxyNodePtr) payload); + } +@@ -279,7 +279,7 @@ PmmRegistryREFCNT_dec(ProxyNodePtr proxy) + * internal, used by PmmCloneProxyNodes + */ + void * +-PmmRegistryHashCopier(void *payload, xmlChar *name) ++PmmRegistryHashCopier(void *payload, const xmlChar *name) + { + ProxyNodePtr proxy = ((LocalProxyNodePtr) payload)->proxy; + LocalProxyNodePtr lp; +-- +2.42.0 + diff --git a/perl-XML-LibXML.spec b/perl-XML-LibXML.spec index 51df982..d805af3 100644 --- a/perl-XML-LibXML.spec +++ b/perl-XML-LibXML.spec @@ -8,7 +8,7 @@ Name: perl-XML-LibXML # it might not be needed anymore # this module is maintained, the other is not Version: 2.0209 -Release: 2%{?dist} +Release: 3%{?dist} Epoch: 1 Summary: Perl interface to the libxml2 library License: (GPL-1.0-or-later OR Artistic-1.0-Perl) AND MIT @@ -19,6 +19,11 @@ Source0: https://cpan.metacpan.org/authors/id/S/SH/SHLOMIF/XML-LibXML-%{v Patch0: XML-LibXML-2.0202-Parse-an-ampersand-entity-in-SAX-interface.patch # To reduce dependencies replace Alien::Libxml2 with pkg-config Patch1: XML-LibXML-2.0208-Use-pkgconfig-instead-of-Alien-Libxml2.patch +# Fix callback prototypes, in upstream after 2.0209, bug #2251181 +Patch2: XML-LibXML-2.0209-libxml-mm-Fix-function-prototypes-in-function-pointe.patch +# Adjust external entity callback to libxml2-2.12.0, proposed to the upstream, +# bug #2251181, +Patch3: XML-LibXML-2.0209-Fix-copying-external-entity-from-an-ext_ent_handler-.patch BuildRequires: coreutils BuildRequires: findutils BuildRequires: glibc-common @@ -120,9 +125,7 @@ Tests from %{name}. Execute them with "%{_libexecdir}/%{name}/test". %prep -%setup -q -n XML-LibXML-%{version} -%patch -P0 -p1 -%patch -P1 -p1 +%autosetup -p1 -n XML-LibXML-%{version} chmod -x *.c for i in Changes; do /usr/bin/iconv -f iso8859-1 -t utf-8 $i > $i.conv && /bin/mv -f $i.conv $i @@ -191,6 +194,9 @@ fi %{_libexecdir}/%{name} %changelog +* Tue Nov 28 2023 Petr Pisar - 1:2.0209-3 +- Restore compatibility with libxml-2.12.0 (bug #2251181) + * Fri Jul 21 2023 Fedora Release Engineering - 1:2.0209-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild