rpms/xmlsec1
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: rhbz#1566748

Browse Source 
xmlSecOpenSSLX509DataNodeRead fails to return error
This commit is contained in:
John Dennis 2018-04-12 19:20:39 -04:00
parent 75e45a8a61
commit e373d503fd
2 changed files with 63 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
xmlSecOpenSSLX509DataNodeRead-error.patch Normal file
View File

@ -0,0 +1,55 @@
Please see this bug report for full details:
https://github.com/lsh123/xmlsec/issues/164
commit e303e077fb3e13654ba711b2816ff1a94247338b
Author: lsh123 <aleksey@aleksey.com>
Date: Wed Apr 11 17:13:43 2018 -1000
Add missing return(-1). (#165)
Fixed issue #164. All other crypto libraries are ok.
diff --git a/src/openssl/x509.c b/src/openssl/x509.c
index 15fe70db..b98e62d1 100644
--- a/src/openssl/x509.c
+++ b/src/openssl/x509.c
@@ -870,6 +870,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
xmlSecInternalError2("xmlSecOpenSSLX509CertificateNodeRead",
xmlSecKeyDataGetName(data),
"node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SubjectName, xmlSecDSigNs)) {
ret = xmlSecOpenSSLX509SubjectNameNodeRead(data, cur, keyInfoCtx);
@@ -877,6 +878,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
xmlSecInternalError2("xmlSecOpenSSLX509SubjectNameNodeRead",
xmlSecKeyDataGetName(data),
"node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509IssuerSerial, xmlSecDSigNs)) {
ret = xmlSecOpenSSLX509IssuerSerialNodeRead(data, cur, keyInfoCtx);
@@ -884,6 +886,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
xmlSecInternalError2("xmlSecOpenSSLX509IssuerSerialNodeRead",
xmlSecKeyDataGetName(data),
"node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509SKI, xmlSecDSigNs)) {
ret = xmlSecOpenSSLX509SKINodeRead(data, cur, keyInfoCtx);
@@ -891,6 +894,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
xmlSecInternalError2("xmlSecOpenSSLX509SKINodeRead",
xmlSecKeyDataGetName(data),
"node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
} else if(xmlSecCheckNodeName(cur, xmlSecNodeX509CRL, xmlSecDSigNs)) {
ret = xmlSecOpenSSLX509CRLNodeRead(data, cur, keyInfoCtx);
@@ -898,6 +902,7 @@ xmlSecOpenSSLX509DataNodeRead(xmlSecKeyDataPtr data, xmlNodePtr node, xmlSecKeyI
xmlSecInternalError2("xmlSecOpenSSLX509CRLNodeRead",
xmlSecKeyDataGetName(data),
"node=%s", xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
}
} else if((keyInfoCtx->flags & XMLSEC_KEYINFO_FLAGS_X509DATA_STOP_ON_UNKNOWN_CHILD) != 0) {
/* laxi schema validation: ignore unknown nodes */

9
xmlsec1.spec
View File

@ -1,7 +1,7 @@
Summary: Library providing support for "XML Signature" and "XML Encryption" standards
Name: xmlsec1
Version: 1.2.25
Release: 3%{?dist}%{?extra_release}
Release: 4%{?dist}%{?extra_release}
License: MIT
Source0: http://www.aleksey.com/xmlsec/download/xmlsec1-%{version}.tar.gz
URL: http://www.aleksey.com/xmlsec/
@ -19,6 +19,8 @@ BuildRequires: automake
BuildRequires: gettext-devel
BuildRequires: libtool
Patch1: xmlSecOpenSSLX509DataNodeRead-error.patch
%description
XML Security Library is a C library based on LibXML2 and OpenSSL.
The library was created with a goal to support major XML security
@ -101,6 +103,7 @@ Libraries, includes, etc. for developing XML Security applications with NSS.
%prep
%setup -q
%patch1 -p1
%build
autoreconf -vfi
@ -177,6 +180,10 @@ mv %{buildroot}%{_docdir}/xmlsec1/* __tmp_doc
%{_libdir}/pkgconfig/xmlsec1-nss.pc
%changelog
* Thu Apr 12 2018 John Dennis <jdennis@redhat.com> - 1.2.25-4
- Resolves: rhbz#1566748
xmlSecOpenSSLX509DataNodeRead fails to return error
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.25-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild