1 files changed, 0 insertions, 47 deletions
diff --git a/recipes-core/libxml/libxml2/CVE-2017-0663.patch b/recipes-core/libxml/libxml2/CVE-2017-0663.patch
deleted file mode 100644
index a4f88b6..0000000
--- a/recipes-core/libxml/libxml2/CVE-2017-0663.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Tue, 6 Jun 2017 12:56:28 +0200
-Subject: Fix type confusion in xmlValidateOneNamespace
-Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
-namespace declarations make no practical sense anyway.
-Fixes bug 780228.
-Found with libFuzzer and ASan.
-CVE: CVE-2017-0663
-Upstream-Status: Backport [https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66]
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
- valid.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-diff --git a/valid.c b/valid.c
-index 8075d3a..c51ea29 100644
--- a/valid.c
-+++ b/valid.c
-@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
-        }
-     }
- 
-+    /*
-+     * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
-+     * xmlAddID and xmlAddRef for namespace declarations, but it makes
-+     * no practical sense to use ID types anyway.
-+     */
-+#if 0
-     /* Validity Constraint: ID uniqueness */
-     if (attrDecl->atype == XML_ATTRIBUTE_ID) {
-         if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
-@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) {
-         if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
-            ret = 0;
-     }
-+#endif
- 
-     /* Validity Constraint: Notation Attributes */
-     if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
-- 
-cgit v0.12

diff --git a/recipes-core/libxml/libxml2/CVE-2017-0663.patch b/recipes-core/libxml/libxml2/CVE-2017-0663.patch deleted file mode 100644 index a4f88b6..0000000 --- a/recipes-core/libxml/libxml2/CVE-2017-0663.patch +++ /dev/null
@@ -1,47 +0,0 @@
1	From 92b9e8c8b3787068565a1820ba575d042f9eec66 Mon Sep 17 00:00:00 2001
2	From: Nick Wellnhofer <wellnhofer@aevum.de>
3	Date: Tue, 6 Jun 2017 12:56:28 +0200
4	Subject: Fix type confusion in xmlValidateOneNamespace
5
6	Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on
7	namespace declarations make no practical sense anyway.
8
9	Fixes bug 780228.
10
11	Found with libFuzzer and ASan.
12	CVE: CVE-2017-0663
13	Upstream-Status: Backport [https://git.gnome.org/browse/libxml2/commit/?id=92b9e8c8b3787068565a1820ba575d042f9eec66]
14
15	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
16	---
17	valid.c \| 7 +++++++
18	1 file changed, 7 insertions(+)
19
20	diff --git a/valid.c b/valid.c
21	index 8075d3a..c51ea29 100644
22	--- a/valid.c
23	+++ b/valid.c
24	@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar prefix, xmlNsPtr ns, const xmlChar value) {
25	}
26	}
27
28	+ /*
29	+ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions
30	+ * xmlAddID and xmlAddRef for namespace declarations, but it makes
31	+ * no practical sense to use ID types anyway.
32	+ */
33	+#if 0
34	/* Validity Constraint: ID uniqueness */
35	if (attrDecl->atype == XML_ATTRIBUTE_ID) {
36	if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
37	@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar prefix, xmlNsPtr ns, const xmlChar value) {
38	if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL)
39	ret = 0;
40	}
41	+#endif
42
43	/* Validity Constraint: Notation Attributes */
44	if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) {
45	--
46	cgit v0.12
47