authorNatanael Copa <ncopa@alpinelinux.org>2021-05-14 11:56:10 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2021-05-14 11:56:10 +0000
commit3ec3aafa689b134df3f999baf8841099c6e8c422 (patch)
tree1b04115a44e8c229d591d6f959d206cda67184ec
parent5c9853dc692f301403ce85f3ce5d94a7660697bf (diff)
main/libxslt: backport fixes for build with libxml2-2.9.12
reported upstream: https://gitlab.gnome.org/GNOME/libxslt/-/issues/51
-rw-r--r--main/libxslt/APKBUILD15
-rw-r--r--main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch70
-rw-r--r--main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch37
-rw-r--r--main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch42
4 files changed, 161 insertions, 3 deletions
diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD
index 18e3a9782f..542caa143c 100644
--- a/main/libxslt/APKBUILD
+++ b/main/libxslt/APKBUILD
@@ -2,14 +2,18 @@
# Contributor: Francesco Colista <fcolista@alpinelinux.org>
pkgname=libxslt
pkgver=1.1.34
-pkgrel=0
+pkgrel=1
pkgdesc="XML stylesheet transformation library"
url="http://xmlsoft.org/XSLT/"
arch="all"
license="custom"
makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev"
subpackages="$pkgname-dev $pkgname-doc"
-source="http://xmlsoft.org/sources/libxslt-$pkgver.tar.gz"
+source="http://xmlsoft.org/sources/libxslt-$pkgver.tar.gz
+ Stop-using-maxParserDepth-XPath-limit.patch
+ Transfer-XPath-limits-to-XPtr-context.patch
+ Dont-set-maxDepth-in-XPath-contexts.patch
+ "
# secfixes:
# 1.1.34-r0:
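Review bot: The rewritten `source=` entry still fetches the release tarball over plain `http://`, so the only integrity anchor is the `sha512sums` block. That block is itself regenerated from whatever the maintainer's download returned when `abuild checksum` is run. If the upstream host serves the same path over TLS (not verifiable from this page), prefer `source="https://xmlsoft.org/sources/libxslt-$pkgver.tar.gz`. The three patches are listed in the order their upstream `index` lines chain (functions.c b350545a → 975ea790 → 7887dda7, fuzz.c f502ca2c → 75234ad6 → 780c2d41), so the apply order is correct.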
@@ -43,4 +47,9 @@ package() {
make DESTDIR="$pkgdir" install
install -D -m644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
}
-sha512sums="1516a11ad608b04740674060d2c5d733b88889de5e413b9a4e8bf8d1a90d712149df6d2b1345b615f529d7c7d3fa6dae12e544da828b39c7d415e54c0ee0776b libxslt-1.1.34.tar.gz"
+sha512sums="
+1516a11ad608b04740674060d2c5d733b88889de5e413b9a4e8bf8d1a90d712149df6d2b1345b615f529d7c7d3fa6dae12e544da828b39c7d415e54c0ee0776b libxslt-1.1.34.tar.gz
+e79a19b902dc72f9b04a70dfa9a4e242dced6903f3c78ed2aa562eebc99156ca71fe7f83662bafd94d1da7fdc8e447faee13d1c5e0bcf21b6a99eddbcccea129 Stop-using-maxParserDepth-XPath-limit.patch
+886c8a3b71848458d5713c998e473bfbdaed422110dd79d32eda514c9b24a404fd3a8c734b8ebc8c55d1c70eaf779c4ee6472e86f8666219b28e71dc1b894b8f Transfer-XPath-limits-to-XPtr-context.patch
+c4052ad3f0ffe737f8be4606ab1f65069a4c3eee18c4f34b0c4d6c6db4757b28c063bba029e031b2075954461f1cf0a4c1ed4db098289d60a8319f4c3358feb9 Dont-set-maxDepth-in-XPath-contexts.patch
+"
diff --git a/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch b/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch
new file mode 100644
index 0000000000..6b9dab8a85
--- /dev/null
+++ b/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch
@@ -0,0 +1,70 @@
+From 77c26bad0433541f486b1e7ced44ca9979376908 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 26 Aug 2020 00:34:38 +0200
+Subject: [PATCH] Don't set maxDepth in XPath contexts
+
+The maximum recursion depth is hardcoded in libxml2 now.
+---
+ libxslt/functions.c | 2 +-
+ tests/fuzz/fuzz.c | 11 ++---------
+ 2 files changed, 3 insertions(+), 10 deletions(-)
+
+diff --git a/libxslt/functions.c b/libxslt/functions.c
+index 975ea790..7887dda7 100644
+--- a/libxslt/functions.c
++++ b/libxslt/functions.c
+@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
+ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
+ xptrctxt->opLimit = ctxt->context->opLimit;
+ xptrctxt->opCount = ctxt->context->opCount;
+- xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth;
++ xptrctxt->depth = ctxt->context->depth;
+
+ resObj = xmlXPtrEval(fragment, xptrctxt);
+
+diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c
+index 75234ad6..780c2d41 100644
+--- a/tests/fuzz/fuzz.c
++++ b/tests/fuzz/fuzz.c
+@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
+ xpctxt = tctxt->xpathCtxt;
+
+ /* Resource limits to avoid timeouts and call stack overflows */
+- xpctxt->maxDepth = 500;
+ xpctxt->opLimit = 500000;
+
+ /* Test namespaces used in xpath.xml */
+@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
+ return 0;
+ }
+
+-static void
+-xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) {
+- ctxt->maxDepth = 200;
+- ctxt->opLimit = 100000;
+-}
+-
+ xmlChar *
+ xsltFuzzXslt(const char *data, size_t size) {
+ xmlDocPtr xsltDoc;
+@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) {
+ xmlFreeDoc(xsltDoc);
+ return NULL;
+ }
+- xsltSetXPathResourceLimits(sheet->xpathCtxt);
++ sheet->xpathCtxt->opLimit = 100000;
+ sheet->xpathCtxt->opCount = 0;
+ if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) {
+ xsltFreeStylesheet(sheet);
+@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) {
+ xsltSetCtxtSecurityPrefs(sec, ctxt);
+ ctxt->maxTemplateDepth = 100;
+ ctxt->opLimit = 20000;
+- xsltSetXPathResourceLimits(ctxt->xpathCtxt);
++ ctxt->xpathCtxt->opLimit = 100000;
+ ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount;
+
+ result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt);
+--
+GitLab
+
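Review bot: The replacement line `xptrctxt->depth = ctxt->context->depth;` in the libxslt/functions.c hunk carries no comment, and without one it reads as if the recursion cap had been dropped rather than moved. Per the patch description the maximum depth is now hardcoded in libxml2, so seeding `depth` is presumably what keeps the nested XPointer evaluation counted against the caller's recursion budget. I would add `/* inherit the caller's depth so libxml2's built-in recursion cap spans the XPointer fragment */` above it. The remaining hunks touch only tests/fuzz/fuzz.c, and xsltDocumentFunctionLoadDocument starts and ends outside the hunk.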
diff --git a/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch b/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch
new file mode 100644
index 0000000000..ee9c2aad6b
--- /dev/null
+++ b/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch
@@ -0,0 +1,37 @@
+From 9ae2f94df1721e002941b40665efb762aefcea1a Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 17 Aug 2020 03:42:11 +0200
+Subject: [PATCH] Stop using maxParserDepth XPath limit
+
+This will be removed again from libxml2.
+---
+ tests/fuzz/fuzz.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c
+index f502ca2c..75234ad6 100644
+--- a/tests/fuzz/fuzz.c
++++ b/tests/fuzz/fuzz.c
+@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
+ xpctxt = tctxt->xpathCtxt;
+
+ /* Resource limits to avoid timeouts and call stack overflows */
+- xpctxt->maxParserDepth = 15;
+- xpctxt->maxDepth = 100;
++ xpctxt->maxDepth = 500;
+ xpctxt->opLimit = 500000;
+
+ /* Test namespaces used in xpath.xml */
+@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p,
+
+ static void
+ xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) {
+- ctxt->maxParserDepth = 15;
+- ctxt->maxDepth = 100;
++ ctxt->maxDepth = 200;
+ ctxt->opLimit = 100000;
+ }
+
+--
+GitLab
+
diff --git a/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch b/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch
new file mode 100644
index 0000000000..e943e79045
--- /dev/null
+++ b/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch
@@ -0,0 +1,42 @@
+From 824657768aea2cce9c23e72ba8085cb5e44350c7 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Mon, 17 Aug 2020 04:27:13 +0200
+Subject: [PATCH] Transfer XPath limits to XPtr context
+
+Expressions like document('doc.xml#xpointer(evil_expr)') ignored the
+XPath limits.
+---
+ libxslt/functions.c | 14 +++++++++++++-
+ 1 file changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/libxslt/functions.c b/libxslt/functions.c
+index b350545a..975ea790 100644
+--- a/libxslt/functions.c
++++ b/libxslt/functions.c
+@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI)
+ goto out_fragment;
+ }
+
++#if LIBXML_VERSION >= 20911 || \
++ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)
++ xptrctxt->opLimit = ctxt->context->opLimit;
++ xptrctxt->opCount = ctxt->context->opCount;
++ xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth;
++
++ resObj = xmlXPtrEval(fragment, xptrctxt);
++
++ ctxt->context->opCount = xptrctxt->opCount;
++#else
+ resObj = xmlXPtrEval(fragment, xptrctxt);
+- xmlXPathFreeContext(xptrctxt);
+ #endif
+
++ xmlXPathFreeContext(xptrctxt);
++#endif /* LIBXML_XPTR_ENABLED */
++
+ if (resObj == NULL)
+ goto out_fragment;
+
+--
+GitLab
+
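Review bot: The limit transfer is compiled in only under `#if LIBXML_VERSION >= 20911 || defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION)`, so a build against older libxml2 headers silently takes the `#else` branch and evaluates the `xpointer()` fragment without the caller's `opLimit`/`opCount`. That is the gap the patch description says it is closing. The APKBUILD in this commit lists `libxml2-dev` in `makedepends` with no minimum version, which is presumably fine while the repository ships libxml2 2.9.12. A comment on the `#else` such as `/* libxml2 < 2.9.11: XPath limits are not transferred to the fragment */` would make the downgrade visible to anyone rebuilding against older headers. The body of xsltDocumentFunctionLoadDocument extends beyond the hunk.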