From 7005fb8af628193ae6af840350e4e87cb3be19ec Mon Sep 17 00:00:00 2001
From: Sona Sarmadi
Date: Fri, 18 Aug 2017 13:24:05 +0200
Subject: libxslt: Fix CVE-2015-9019

Fixes a vulnerability in libxslt where the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.

References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-9019
Upstream patch: https://bug758400.bugzilla-attachments.gnome.org/attachment.cgi?id=349240&action=diff&collapsed=&context=patch&format=raw&headers=1

Signed-off-by: Sona Sarmadi
Signed-off-by: Adrian Dudau
---
 .../libxslt/libxslt/CVE-2015-9019.patch | 55 ++++++++++++++++++++++
 recipes-support/libxslt/libxslt_%.bbappend | 5 ++
 2 files changed, 60 insertions(+)
 create mode 100644 recipes-support/libxslt/libxslt/CVE-2015-9019.patch
 create mode 100644 recipes-support/libxslt/libxslt_%.bbappend

diff --git a/recipes-support/libxslt/libxslt/CVE-2015-9019.patch b/recipes-support/libxslt/libxslt/CVE-2015-9019.patch
new file mode 100644
index 0000000..1ab8225
--- /dev/null
+++ b/recipes-support/libxslt/libxslt/CVE-2015-9019.patch
@@ -0,0 +1,55 @@
+commit 047a0fd99e64c554c4edf44cc67ee765b09af017
+Author: Marcus Meissner
+Date: Tue Apr 4 16:27:39 2017 +0200
+
+initialize the random seed
+
+In libxslt 1.1.29 and earlier, the EXSLT math.random function was
+not initialized with a random seed during startup, which could
+cause usage of this function to produce predictable outputs.
+
+CVE: CVE-2015-9019
+Upstream-Status: Backport [https://bug758400.bugzilla-attachments.gnome.org/attachment.cgi?id=349240&action=diff&collapsed=&context=patch&format=raw&headers=1]
+
+Signed-off-by: Sona Sarmadi
+
+diff --git a/libexslt/math.c b/libexslt/math.c
+index 6b24dbe0..b7a8d6e1 100644
+--- a/libexslt/math.c
++++ b/libexslt/math.c
+@@ -23,6 +23,14 @@
+ #ifdef HAVE_STDLIB_H
+ #include
+ #endif
++#ifdef HAVE_UNISTD_H
++#include
++#endif
++#include
++#ifdef HAVE_TIME_H
++#include
++#endif
++
+
+ #include "exslt.h"
+
+@@ -474,6 +482,20 @@ static double
+ exsltMathRandom (void) {
+ double ret;
+ int num;
++ long seed;
++ static int randinit = 0;
++
++ if (!randinit) {
++ int fd = open("/dev/urandom",O_RDONLY);
++
++ seed = time(NULL); /* just in case /dev/urandom is not there */
++ if (fd == -1) {
++ read (fd, &seed, sizeof(seed));
++ close (fd);
++ }
++ srand(seed);
++ randinit = 1;
++ }
+
+ num = rand();
+ ret = (double)num / (double)RAND_MAX;
diff --git a/recipes-support/libxslt/libxslt_%.bbappend b/recipes-support/libxslt/libxslt_%.bbappend
new file mode 100644
index 0000000..aba6e6a
--- /dev/null
+++ b/recipes-support/libxslt/libxslt_%.bbappend
@@ -0,0 +1,5 @@
+# look for files in the layer first
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+SRC_URI += "file://CVE-2015-9019.patch \
+ "
-- 
cgit v1.2.3-54-g00ecf
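Review bot: The /dev/urandom seed is never actually used, because the condition guarding the read in the nested exsltMathRandom hunk is inverted: `if (fd == -1)` calls `read()` and `close()` only when `open()` failed (read on -1 just fails with EBADF), so on a system where /dev/urandom exists the seed stays at `time(NULL)` — second granularity, easily predictable — and the successfully opened descriptor is leaked on the first call. This is the body of the backported upstream commit as carried in CVE-2015-9019.patch, so the correction belongs in that file (or a follow-up patch in the same bbappend) rather than in the recipe; the `read()` result should also be compared against `sizeof(seed)`, since a short read leaves `seed` only partly overwritten. The enclosing exsltMathRandom() continues past the end of the hunk. Independently of the seed, `rand()` is a plain libc PRNG, so a comment on `srand(seed)` such as `/* seeds libc rand(); math.random is not suitable for security-sensitive values */` would make the remaining limitation explicit for callers.
```c
    if (fd != -1) {
        /* fall back to the time-based seed if the read is short */
        if (read(fd, &seed, sizeof(seed)) != (ssize_t)sizeof(seed))
            seed = time(NULL);
        close(fd);
    }
    /* … unchanged: srand(seed); randinit = 1; … */
```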