From 6a272753c81bd9f166a002560d3914588999767d Mon Sep 17 00:00:00 2001 From: Zhipeng Xie Date: Mon, 27 Feb 2023 19:39:37 +0800 Subject: [PATCH] backport upstream patches Signed-off-by: Zhipeng Xie --- ...able-warnings-with-disabled-features.patch | 233 ++++++++++++++++++ ...-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch | 34 +++ ...nite-loop-in-xmlSchemaCheckElemSubst.patch | 31 +++ libxml2.spec | 11 +- 4 files changed, 308 insertions(+), 1 deletion(-) create mode 100644 backport-Fix-unused-variable-warnings-with-disabled-features.patch create mode 100644 backport-Update-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch create mode 100644 backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch diff --git a/backport-Fix-unused-variable-warnings-with-disabled-features.patch b/backport-Fix-unused-variable-warnings-with-disabled-features.patch new file mode 100644 index 0000000..0a20a81 --- /dev/null +++ b/backport-Fix-unused-variable-warnings-with-disabled-features.patch @@ -0,0 +1,233 @@ +From 1452dc5373e66a0752364d17ff9416b23e4e2268 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Tue, 22 Feb 2022 19:57:12 +0100 +Subject: [PATCH 1/3] Fix unused variable warnings with disabled features + +--- + SAX2.c | 65 +++++++++++++++++++++++++++++++++--------------------- + encoding.c | 3 +++ + parser.c | 4 ++++ + tree.c | 3 +++ + xmlIO.c | 3 +++ + xmllint.c | 3 +++ + xzlib.c | 8 +++++++ + 7 files changed, 64 insertions(+), 25 deletions(-) + +diff --git a/SAX2.c b/SAX2.c +index ae6181c..8f27113 100644 +--- a/SAX2.c ++++ b/SAX2.c +@@ -180,31 +180,6 @@ xmlWarnMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, + NULL, 0, 0, msg, str1); + } + +-/** +- * xmlNsErrMsg: +- * @ctxt: an XML parser context +- * @error: the error number +- * @msg: the error message +- * @str1: an error string +- * @str2: an error string +- * +- * Handle a namespace error +- */ +-static void LIBXML_ATTR_FORMAT(3,0) +-xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, +- const char *msg, const xmlChar *str1, const xmlChar *str2) +-{ +- if ((ctxt != NULL) && (ctxt->disableSAX != 0) && +- (ctxt->instate == XML_PARSER_EOF)) +- return; +- if (ctxt != NULL) +- ctxt->errNo = error; +- __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_NAMESPACE, error, +- XML_ERR_ERROR, NULL, 0, +- (const char *) str1, (const char *) str2, +- NULL, 0, 0, msg, str1, str2); +-} +- + /** + * xmlNsWarnMsg: + * @ctxt: an XML parser context +@@ -709,6 +684,9 @@ xmlSAX2AttributeDecl(void *ctx, const xmlChar *elem, const xmlChar *fullname, + xmlAttributePtr attr; + xmlChar *name = NULL, *prefix = NULL; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) attr; ++ + if ((ctxt == NULL) || (ctxt->myDoc == NULL)) + return; + +@@ -776,6 +754,9 @@ xmlSAX2ElementDecl(void *ctx, const xmlChar * name, int type, + xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; + xmlElementPtr elem = NULL; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) elem; ++ + if ((ctxt == NULL) || (ctxt->myDoc == NULL)) + return; + +@@ -822,6 +803,9 @@ xmlSAX2NotationDecl(void *ctx, const xmlChar *name, + xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; + xmlNotationPtr nota = NULL; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) nota; ++ + if ((ctxt == NULL) || (ctxt->myDoc == NULL)) + return; + +@@ -1051,6 +1035,31 @@ xmlSAX2EndDocument(void *ctx) + } + + #if defined(LIBXML_SAX1_ENABLED) || defined(LIBXML_HTML_ENABLED) || defined(LIBXML_WRITER_ENABLED) || defined(LIBXML_DOCB_ENABLED) || defined(LIBXML_LEGACY_ENABLED) ++/** ++ * xmlNsErrMsg: ++ * @ctxt: an XML parser context ++ * @error: the error number ++ * @msg: the error message ++ * @str1: an error string ++ * @str2: an error string ++ * ++ * Handle a namespace error ++ */ ++static void LIBXML_ATTR_FORMAT(3,0) ++xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, ++ const char *msg, const xmlChar *str1, const xmlChar *str2) ++{ ++ if ((ctxt != NULL) && (ctxt->disableSAX != 0) && ++ (ctxt->instate == XML_PARSER_EOF)) ++ return; ++ if (ctxt != NULL) ++ ctxt->errNo = error; ++ __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_NAMESPACE, error, ++ XML_ERR_ERROR, NULL, 0, ++ (const char *) str1, (const char *) str2, ++ NULL, 0, 0, msg, str1, str2); ++} ++ + /** + * xmlSAX2AttributeInternal: + * @ctx: the user data (XML parser context) +@@ -1144,6 +1153,9 @@ xmlSAX2AttributeInternal(void *ctx, const xmlChar *fullname, + xmlNsPtr nsret; + xmlChar *val; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) nsret; ++ + if (!ctxt->replaceEntities) { + ctxt->depth++; + val = xmlStringDecodeEntities(ctxt, value, XML_SUBSTITUTE_REF, +@@ -1206,6 +1218,9 @@ xmlSAX2AttributeInternal(void *ctx, const xmlChar *fullname, + xmlNsPtr nsret; + xmlChar *val; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) nsret; ++ + if (!ctxt->replaceEntities) { + ctxt->depth++; + val = xmlStringDecodeEntities(ctxt, value, XML_SUBSTITUTE_REF, +diff --git a/encoding.c b/encoding.c +index c14c9ff..ba03772 100644 +--- a/encoding.c ++++ b/encoding.c +@@ -2784,6 +2784,9 @@ xmlCharEncCloseFunc(xmlCharEncodingHandler *handler) { + int tofree = 0; + int i, handler_in_list = 0; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) handler_in_list; ++ + if (handler == NULL) return(-1); + if (handler->name == NULL) return(-1); + if (handlers != NULL) { +diff --git a/parser.c b/parser.c +index 0d5bcc1..0bdc252 100644 +--- a/parser.c ++++ b/parser.c +@@ -1106,6 +1106,10 @@ xmlHasFeature(xmlFeature feature) + static void + xmlDetectSAX2(xmlParserCtxtPtr ctxt) { + xmlSAXHandlerPtr sax; ++ ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) sax; ++ + if (ctxt == NULL) return; + sax = ctxt->sax; + #ifdef LIBXML_SAX1_ENABLED +diff --git a/tree.c b/tree.c +index 0cf2483..4345eea 100644 +--- a/tree.c ++++ b/tree.c +@@ -6542,6 +6542,9 @@ xmlGetPropNodeInternal(const xmlNode *node, const xmlChar *name, + { + xmlAttrPtr prop; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) useDTD; ++ + if ((node == NULL) || (node->type != XML_ELEMENT_NODE) || (name == NULL)) + return(NULL); + +diff --git a/xmlIO.c b/xmlIO.c +index 007144c..b716ed3 100644 +--- a/xmlIO.c ++++ b/xmlIO.c +@@ -3821,6 +3821,9 @@ xmlParserGetDirectory(const char *filename) { + */ + xmlParserInputPtr + xmlCheckHTTPInput(xmlParserCtxtPtr ctxt, xmlParserInputPtr ret) { ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) ctxt; ++ + #ifdef LIBXML_HTTP_ENABLED + if ((ret != NULL) && (ret->buf != NULL) && + (ret->buf->readcallback == xmlIOHTTPRead) && +diff --git a/xmllint.c b/xmllint.c +index ee6bfdc..b314189 100644 +--- a/xmllint.c ++++ b/xmllint.c +@@ -3853,6 +3853,9 @@ main(int argc, char **argv) { + xmlFreePattern(patternc); + #endif + ++ /* Avoid unused label warning if features are disabled. */ ++ goto error; ++ + error: + xmlCleanupParser(); + xmlMemoryDump(); +diff --git a/xzlib.c b/xzlib.c +index 9a34738..62cb2b0 100644 +--- a/xzlib.c ++++ b/xzlib.c +@@ -389,6 +389,10 @@ xz_head(xz_statep state) + int flags; + unsigned len; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) flags; ++ (void) len; ++ + /* allocate read buffers and inflate memory */ + if (state->size == 0) { + /* allocate buffers */ +@@ -536,6 +540,10 @@ xz_decomp(xz_statep state) + + lzma_action action = LZMA_RUN; + ++ /* Avoid unused variable warning if features are disabled. */ ++ (void) crc; ++ (void) len; ++ + /* fill output buffer up to end of deflate stream */ + had = strm->avail_out; + do { +-- +2.27.0 + diff --git a/backport-Update-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch b/backport-Update-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch new file mode 100644 index 0000000..d2626e6 --- /dev/null +++ b/backport-Update-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch @@ -0,0 +1,34 @@ +From 43c97c9c203d9920b21db8b1d5a999eac2fa8d69 Mon Sep 17 00:00:00 2001 +From: Mike Dalessio +Date: Mon, 21 Feb 2022 09:35:59 -0500 +Subject: [PATCH 2/3] Update `xmlStrlen()` to use POSIX / ISO C `strlen()` + +This should be faster on a wide range of platforms. + +Closes #212 +--- + xmlstring.c | 8 +------- + 1 file changed, 1 insertion(+), 7 deletions(-) + +diff --git a/xmlstring.c b/xmlstring.c +index 5a6875f..281b8a7 100644 +--- a/xmlstring.c ++++ b/xmlstring.c +@@ -424,13 +424,7 @@ xmlStrsub(const xmlChar *str, int start, int len) { + + int + xmlStrlen(const xmlChar *str) { +- size_t len = 0; +- +- if (str == NULL) return(0); +- while (*str != 0) { /* non input consuming */ +- str++; +- len++; +- } ++ size_t len = str ? strlen((const char *)str) : 0; + return(len > INT_MAX ? 0 : len); + } + +-- +2.27.0 + diff --git a/backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch b/backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch new file mode 100644 index 0000000..e30f9b7 --- /dev/null +++ b/backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch @@ -0,0 +1,31 @@ +From 4a568a14077bd4cf03878ee9e2d8fb7e79ff7641 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Wed, 2 Nov 2022 10:53:24 +0100 +Subject: [PATCH 3/3] schemas: Fix infinite loop in + xmlSchemaCheckElemSubstGroup + +Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself, +resulting in an infinite loop. + +Fixes #430. +--- + xmlschemas.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/xmlschemas.c b/xmlschemas.c +index 2da962b..a62db2d 100644 +--- a/xmlschemas.c ++++ b/xmlschemas.c +@@ -19957,7 +19957,8 @@ xmlSchemaCheckElemSubstGroup(xmlSchemaParserCtxtPtr ctxt, + /* + * The set of all {derivation method}s involved in the derivation + */ +- while ((type != NULL) && (type != headType)) { ++ while ((type != NULL) && (type != headType) && ++ (type != type->baseType)) { + if ((WXS_IS_EXTENSION(type)) && + ((methSet & XML_SCHEMAS_TYPE_BLOCK_RESTRICTION) == 0)) + methSet |= XML_SCHEMAS_TYPE_BLOCK_EXTENSION; +-- +2.27.0 + diff --git a/libxml2.spec b/libxml2.spec index 73461c1..b59682e 100644 --- a/libxml2.spec +++ b/libxml2.spec @@ -1,7 +1,7 @@ Summary: Library providing XML and HTML support Name: libxml2 Version: 2.9.14 -Release: 7 +Release: 8 License: MIT Group: Development/Libraries Source: https://download.gnome.org/sources/%{name}/2.9/%{name}-%{version}.tar.xz @@ -19,6 +19,9 @@ Patch9: backport-CVE-2022-40303-Fix-integer-overflows-with-XML_PARSE_.patch Patch10: backport-CVE-2022-40304-Fix-dict-corruption-caused-by-entity-.patch Patch11: backport-schemas-Fix-null-pointer-deref-in-xmlSchemaCheckCOSS.patch Patch12: backport-parser-Fix-potential-memory-leak-in-xmlParseAttValue.patch +Patch13: backport-Fix-unused-variable-warnings-with-disabled-features.patch +Patch14: backport-Update-xmlStrlen-to-use-POSIX-ISO-C-strlen.patch +Patch15: backport-schemas-Fix-infinite-loop-in-xmlSchemaCheckElemSubst.patch BuildRoot: %{_tmppath}/%{name}-%{version}-root BuildRequires: python3-devel @@ -174,6 +177,12 @@ rm -fr %{buildroot} %changelog +* Mon Feb 27 2023 Zhipeng Xie - 2.9.14-8 +- Type:bugfix +- CVE:NA +- SUG:NA +- DESC:backport upstream patches + * Tue Nov 29 2022 Zhipeng Xie - 2.9.14-7 - Type:bugfix - CVE:NA -- Gitee