authorArmin Kuster <akuster@mvista.com>2015-12-05 10:54:29 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-01-14 15:18:27 +0000
commitfdea03df12625eb2d6852decc30a2c6de9a300ad (patch)
tree0949fafc936dafcbbe3f5a4a6357325ee9107c6e
parent6fc1109f5db665e306e4c34d6198251675e15969 (diff)
libxml2: security fix CVE-2015-8317
(From OE-Core rev: 42086e309dfce3caa05e88681875f5f78cf5f095) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-core/libxml/libxml2.inc1
-rw-r--r--meta/recipes-core/libxml/libxml2/CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch42
2 files changed, 43 insertions, 0 deletions
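diff --git a/meta/recipes-core/libxml/libxml2.inc b/meta/recipes-core/libxml/libxml2.inc
index 24b98a6f92..84217bf5dd 100644
--- a/meta/recipes-core/libxml/libxml2.inc
+++ b/meta/recipes-core/libxml/libxml2.inc
@@ -23,6 +23,7 @@ SRC_URI = "ftp://xmlsoft.org/libxml2/libxml2-${PV}.tar.gz;name=libtar \
  file://0001-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch \
  file://CVE-2015-7941-1-Stop-parsing-on-entities-boundaries-errors.patch \
  file://CVE-2015-7941-2-Cleanup-conditional-section-error-handling.patch \
+ file://CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch \
  "
 
 BINCONFIG = "${bindir}/xml2-config"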
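diff --git a/meta/recipes-core/libxml/libxml2/CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch b/meta/recipes-core/libxml/libxml2/CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch
new file mode 100644
index 0000000000..59425cbfc3
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2015-8317-Fail-parsing-early-on-if-encoding-conversion-failed.patch
@@ -0,0 +1,42 @@
+From 709a952110e98621c9b78c4f26462a9d8333102e Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 29 Jun 2015 16:10:26 +0800
+Subject: [PATCH] Fail parsing early on if encoding conversion failed
+
+For https://bugzilla.gnome.org/show_bug.cgi?id=751631
+
+If we fail conversing the current input stream while
+processing the encoding declaration of the XMLDecl
+then it's safer to just abort there and not try to
+report further errors.
+
+Upstream-Status: Backport
+
+CVE-2015-8317
+
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ parser.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/parser.c b/parser.c
+index a3a9568..0edd53b 100644
+--- a/parser.c
++++ b/parser.c
+@@ -10471,7 +10471,11 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ctxt) {
+
+ handler = xmlFindCharEncodingHandler((const char *) encoding);
+ if (handler != NULL) {
+- xmlSwitchToEncoding(ctxt, handler);
++ if (xmlSwitchToEncoding(ctxt, handler) < 0) {
++ /* failed to convert */
++ ctxt->errNo = XML_ERR_UNSUPPORTED_ENCODING;
++ return(NULL);
++ }
+ } else {
+ xmlFatalErrMsgStr(ctxt, XML_ERR_UNSUPPORTED_ENCODING,
+ "Unsupported encoding %s\n", encoding);
+--
+2.3.5
+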
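Review bot: The new failure branch in xmlParseEncodingDecl signals a failed xmlSwitchToEncoding() only by assigning `ctxt->errNo` and returning NULL, while the `else` branch right below reports through xmlFatalErrMsgStr(); the hunk does not show whether xmlSwitchToEncoding() has already raised the error or marked the document as not well-formed, so that is worth confirming. Since a bare NULL return presumably cannot be told apart from other NULL returns of this function, the abort depends on callers testing `ctxt->errNo`, and the three-word comment does not say so; I would replace it with `/* conversion of the input failed: stop here, callers must test ctxt->errNo for XML_ERR_UNSUPPORTED_ENCODING */`. It would also help to verify, in the libxml2 version this backport targets, that each call site of xmlParseEncodingDecl makes that check before parsing on, since the patch description says aborting at this point is the safer behaviour. The function body starts and ends outside the hunk, so ownership of `encoding` on the early return cannot be judged from here.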