summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/libxslt
diff options
context:
space:
mode:
authorAlexander Kanavin <alexander.kanavin@linux.intel.com>2017-10-04 14:35:08 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2017-11-09 12:33:16 +0000
commitc38e700644583b0833e8a9831a7dda3678a7d041 (patch)
treeb356aa39a47c15d8dca7e71d450dc8893a2d852f /meta/recipes-support/libxslt
parentc37b0922db0741cb6e84febc64e99268fdb50502 (diff)
downloadpoky-c38e700644583b0833e8a9831a7dda3678a7d041.tar.gz
libxslt: update to 1.1.31
Drop upstreamed patches, including pkg-config support patch, as upstream now does use pkg-config. configure.in is now configure.ac, adjust recipe accordingly. (From OE-Core rev: e9d487de8b5c03108c8c25c0365d5bd6b48f03e9) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/libxslt')
-rw-r--r--meta/recipes-support/libxslt/libxslt/0001-Check-for-integer-overflow-in-xsltAddTextString.patch80
-rw-r--r--meta/recipes-support/libxslt/libxslt/0001-Link-libraries-with-libm.patch48
-rw-r--r--meta/recipes-support/libxslt/libxslt/0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch130
-rw-r--r--meta/recipes-support/libxslt/libxslt_1.1.31.bb (renamed from meta/recipes-support/libxslt/libxslt_1.1.29.bb)9
4 files changed, 3 insertions, 264 deletions
diff --git a/meta/recipes-support/libxslt/libxslt/0001-Check-for-integer-overflow-in-xsltAddTextString.patch b/meta/recipes-support/libxslt/libxslt/0001-Check-for-integer-overflow-in-xsltAddTextString.patch
deleted file mode 100644
index 57aaacc587..0000000000
--- a/meta/recipes-support/libxslt/libxslt/0001-Check-for-integer-overflow-in-xsltAddTextString.patch
+++ /dev/null
@@ -1,80 +0,0 @@
1From 08ab2774b870de1c7b5a48693df75e8154addae5 Mon Sep 17 00:00:00 2001
2From: Nick Wellnhofer <wellnhofer@aevum.de>
3Date: Thu, 12 Jan 2017 15:39:52 +0100
4Subject: [PATCH] Check for integer overflow in xsltAddTextString
5
6Limit buffer size in xsltAddTextString to INT_MAX. The issue can be
7exploited to trigger an out of bounds write on 64-bit systems.
8
9Originally reported to Chromium:
10
11https://crbug.com/676623
12
13CVE: CVE-2017-5029
14Upstream-Status: Backport
15
16Signed-off-by: Fan Xin <fan.xin@jp.fujitus.com>
17
18---
19 libxslt/transform.c | 25 ++++++++++++++++++++++---
20 libxslt/xsltInternals.h | 4 ++--
21 2 files changed, 24 insertions(+), 5 deletions(-)
22
23diff --git a/libxslt/transform.c b/libxslt/transform.c
24index 519133f..02bff34 100644
25--- a/libxslt/transform.c
26+++ b/libxslt/transform.c
27@@ -813,13 +813,32 @@ xsltAddTextString(xsltTransformContextPtr ctxt, xmlNodePtr target,
28 return(target);
29
30 if (ctxt->lasttext == target->content) {
31+ int minSize;
32
33- if (ctxt->lasttuse + len >= ctxt->lasttsize) {
34+ /* Check for integer overflow accounting for NUL terminator. */
35+ if (len >= INT_MAX - ctxt->lasttuse) {
36+ xsltTransformError(ctxt, NULL, target,
37+ "xsltCopyText: text allocation failed\n");
38+ return(NULL);
39+ }
40+ minSize = ctxt->lasttuse + len + 1;
41+
42+ if (ctxt->lasttsize < minSize) {
43 xmlChar *newbuf;
44 int size;
45+ int extra;
46+
47+ /* Double buffer size but increase by at least 100 bytes. */
48+ extra = minSize < 100 ? 100 : minSize;
49+
50+ /* Check for integer overflow. */
51+ if (extra > INT_MAX - ctxt->lasttsize) {
52+ size = INT_MAX;
53+ }
54+ else {
55+ size = ctxt->lasttsize + extra;
56+ }
57
58- size = ctxt->lasttsize + len + 100;
59- size *= 2;
60 newbuf = (xmlChar *) xmlRealloc(target->content,size);
61 if (newbuf == NULL) {
62 xsltTransformError(ctxt, NULL, target,
63diff --git a/libxslt/xsltInternals.h b/libxslt/xsltInternals.h
64index 060b178..5ad1771 100644
65--- a/libxslt/xsltInternals.h
66+++ b/libxslt/xsltInternals.h
67@@ -1754,8 +1754,8 @@ struct _xsltTransformContext {
68 * Speed optimization when coalescing text nodes
69 */
70 const xmlChar *lasttext; /* last text node content */
71- unsigned int lasttsize; /* last text node size */
72- unsigned int lasttuse; /* last text node use */
73+ int lasttsize; /* last text node size */
74+ int lasttuse; /* last text node use */
75 /*
76 * Per Context Debugging
77 */
78--
791.9.1
80
diff --git a/meta/recipes-support/libxslt/libxslt/0001-Link-libraries-with-libm.patch b/meta/recipes-support/libxslt/libxslt/0001-Link-libraries-with-libm.patch
deleted file mode 100644
index 16ffeba106..0000000000
--- a/meta/recipes-support/libxslt/libxslt/0001-Link-libraries-with-libm.patch
+++ /dev/null
@@ -1,48 +0,0 @@
1From 487e2f7e35dad3deec7978ce4478a3d4ea5070e7 Mon Sep 17 00:00:00 2001
2From: Jussi Kukkonen <jussi.kukkonen@intel.com>
3Date: Fri, 10 Feb 2017 14:26:59 +0200
4Subject: [PATCH] Link libraries with libm
5
6Otherwise linking the resulting libraries to a binary (e.g. xsltproc)
7fails when using gold linker:
8| ../libxslt/.libs/libxslt.so: error: undefined reference to 'fmod'
9| ../libxslt/.libs/libxslt.so: error: undefined reference to 'pow'
10| ../libexslt/.libs/libexslt.so: error: undefined reference to 'floor'
11| collect2: error: ld returned 1 exit status
12
13Upstream-Status: Submitted [mailing list, Feb 10 2017]
14Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
15---
16 libexslt/Makefile.am | 2 +-
17 libxslt/Makefile.am | 2 +-
18 2 files changed, 2 insertions(+), 2 deletions(-)
19
20diff --git a/libexslt/Makefile.am b/libexslt/Makefile.am
21index 1cf5138..5449524 100644
22--- a/libexslt/Makefile.am
23+++ b/libexslt/Makefile.am
24@@ -27,7 +27,7 @@ libexslt_la_SOURCES = \
25 libexslt.h \
26 dynamic.c
27
28-libexslt_la_LIBADD = $(top_builddir)/libxslt/libxslt.la $(EXTRA_LIBS) $(LIBGCRYPT_LIBS)
29+libexslt_la_LIBADD = $(top_builddir)/libxslt/libxslt.la $(EXTRA_LIBS) $(LIBGCRYPT_LIBS) $(M_LIBS)
30 libexslt_la_LDFLAGS = $(WIN32_EXTRA_LDFLAGS) -version-info $(LIBEXSLT_VERSION_INFO)
31
32 man_MANS = libexslt.3
33diff --git a/libxslt/Makefile.am b/libxslt/Makefile.am
34index d9fed68..9d44c3d 100644
35--- a/libxslt/Makefile.am
36+++ b/libxslt/Makefile.am
37@@ -62,7 +62,7 @@ else
38 LIBXSLT_VERSION_SCRIPT =
39 endif
40
41-libxslt_la_LIBADD = $(LIBXML_LIBS) $(EXTRA_LIBS)
42+libxslt_la_LIBADD = $(LIBXML_LIBS) $(M_LIBS) $(EXTRA_LIBS)
43 libxslt_la_LDFLAGS = \
44 $(WIN32_EXTRA_LDFLAGS) \
45 $(LIBXSLT_VERSION_SCRIPT) \
46--
472.1.4
48
diff --git a/meta/recipes-support/libxslt/libxslt/0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch b/meta/recipes-support/libxslt/libxslt/0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch
deleted file mode 100644
index 71867067b6..0000000000
--- a/meta/recipes-support/libxslt/libxslt/0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch
+++ /dev/null
@@ -1,130 +0,0 @@
1From ed71ac9548a2bb6ecd2dc5ad880c604975f872b0 Mon Sep 17 00:00:00 2001
2From: Alexander Kanavin <alex.kanavin@gmail.com>
3Date: Thu, 2 Jun 2016 14:20:04 +0300
4Subject: [PATCH] Use pkg-config to find gcrypt and libxml2.
5
6Upstream-Status: Pending [libxml2 is upstreamable]
7
8RP 2014/5/22
9
10Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
11---
12 configure.in | 70 +++++++++++-------------------------------------------------
13 1 file changed, 12 insertions(+), 58 deletions(-)
14
15diff --git a/configure.in b/configure.in
16index 8bdf45a..0b2b312 100644
17--- a/configure.in
18+++ b/configure.in
19@@ -377,6 +377,8 @@ AC_SUBST(pythondir)
20 AC_SUBST(PYTHON_SUBDIR)
21 AC_SUBST(PYTHON_LIBS)
22
23+PKG_PROG_PKG_CONFIG
24+
25 AC_ARG_WITH(crypto, [ --with-crypto Add crypto support to exslt (on)])
26 WITH_CRYPTO=0
27 CRYPTO_TESTDIR=
28@@ -394,27 +396,14 @@ case $host in
29 CRYPTO_TESTDIR=crypto
30 ;;
31 *)
32- AC_PATH_TOOL(LIBGCRYPT_CONFIG, libgcrypt-config, no)
33- if test "$LIBGCRYPT_CONFIG" != "no" ; then
34- LIBGCRYPT_VERSION=`$LIBGCRYPT_CONFIG --version`
35- if test VERSION_TO_NUMBER(echo $LIBGCRYPT_VERSION) -lt VERSION_TO_NUMBER(echo "1.1.42")
36- then
37- LIBGCRYPT_CFLAGS=""
38- LIBGCRYPT_LIBS=""
39- echo 'gcrypt library version < 1.1.42 - Crypto extensions will not be available.'
40- else
41- LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG $libgcrypt_config_args --cflags`
42- LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG $libgcrypt_config_args --libs`
43- AC_DEFINE(HAVE_GCRYPT, 1, [Define if gcrypt library is available.])
44- echo 'Crypto extensions will be available.'
45+ PKG_CHECK_MODULES(LIBGCRYPT, [libgcrypt >= 1.1.42], [
46+ AC_DEFINE(HAVE_GCRYPT, 1, [Define if gcrypt library is available.])
47+ echo 'Crypto extensions will be available.'
48 WITH_CRYPTO=1
49 CRYPTO_TESTDIR=crypto
50- fi
51- else
52- LIBGCRYPT_CFLAGS=""
53- LIBGCRYPT_LIBS=""
54- echo 'Crypto extensions will not be available. Install libgcrypt and reconfigure to make available.'
55- fi
56+ ], [
57+ echo 'Crypto extensions will not be available. Install libgcrypt >= 1.1.42 and reconfigure to make available.'
58+ ])
59 esac
60 fi
61 AC_SUBST(WITH_CRYPTO)
62@@ -476,24 +465,8 @@ dnl original work - Mathieu Lacage 30/03/2000
63 dnl some tweaking - David Härdeman 30/10/2001
64 dnl
65
66-LIBXML_CONFIG_PREFIX=""
67 LIBXML_SRC=""
68
69-AC_ARG_WITH(libxml-prefix,
70- [ --with-libxml-prefix=[PFX] Specify location of libxml config],
71- LIBXML_CONFIG_PREFIX=$withval
72-)
73-
74-AC_ARG_WITH(libxml-include-prefix,
75- [ --with-libxml-include-prefix=[PFX] Specify location of libxml headers],
76- LIBXML_CFLAGS="-I$withval"
77-)
78-
79-AC_ARG_WITH(libxml-libs-prefix,
80- [ --with-libxml-libs-prefix=[PFX] Specify location of libxml libs],
81- LIBXML_LIBS="-L$withval"
82-)
83-
84 AC_ARG_WITH(libxml-src,
85 [ --with-libxml-src=[DIR] For libxml thats not installed yet (sets all three above)],
86 LIBXML_SRC="$withval"
87@@ -556,28 +529,9 @@ then
88 fi
89 fi
90
91-dnl
92-dnl make sure xml2-config is executable,
93-dnl test version and init our variables
94-dnl
95-
96-if ${XML_CONFIG} --libs print > /dev/null 2>&1
97-then
98- XMLVERS=`$XML_CONFIG --version`
99- if test VERSION_TO_NUMBER(echo $XMLVERS) -ge VERSION_TO_NUMBER(echo $LIBXML_REQUIRED_VERSION)
100- then
101- AC_MSG_RESULT($XMLVERS found)
102- else
103- AC_MSG_ERROR(Version $XMLVERS found. You need at least libxml2 $LIBXML_REQUIRED_VERSION for this version of libxslt)
104- fi
105- LIBXML_LIBS="$LIBXML_LIBS `$XML_CONFIG --libs`"
106- if test "x$LIBXML_SRC" = "x"; then
107- LIBXML_CFLAGS="$LIBXML_CFLAGS `$XML_CONFIG --cflags`"
108- fi
109-else
110- AC_MSG_ERROR([Could not find libxml2 anywhere, check ftp://xmlsoft.org/.])
111-fi
112-
113+PKG_CHECK_MODULES(LIBXML, [libxml-2.0 >= $LIBXML_REQUIRED_VERSION],,
114+ [AC_MSG_ERROR([Could not find libxml-2.0 >= $LIBXML_REQUIRED_VERSION anywhere, check ftp://xmlsoft.org/.])]
115+)
116
117 AC_SUBST(CFLAGS)
118 AC_SUBST(CPPFLAGS)
119@@ -602,7 +556,7 @@ fi
120
121 if test "$with_plugins" = "yes" ; then
122 AC_MSG_CHECKING([libxml2 module support])
123- WITH_MODULES="`$XML_CONFIG --modules`"
124+ WITH_MODULES="`$PKG_CONFIG --variable=modules libxml-2.0`"
125 if test "${WITH_MODULES}" = "1"; then
126 AC_MSG_RESULT(yes)
127 else
128--
1292.8.1
130
diff --git a/meta/recipes-support/libxslt/libxslt_1.1.29.bb b/meta/recipes-support/libxslt/libxslt_1.1.31.bb
index d27c706602..77b8b768eb 100644
--- a/meta/recipes-support/libxslt/libxslt_1.1.29.bb
+++ b/meta/recipes-support/libxslt/libxslt_1.1.31.bb
@@ -10,13 +10,10 @@ DEPENDS = "libxml2"
10 10
11SRC_URI = "ftp://xmlsoft.org/libxslt/libxslt-${PV}.tar.gz \ 11SRC_URI = "ftp://xmlsoft.org/libxslt/libxslt-${PV}.tar.gz \
12 file://pkgconfig_fix.patch \ 12 file://pkgconfig_fix.patch \
13 file://0001-Use-pkg-config-to-find-gcrypt-and-libxml2.patch \
14 file://0001-Link-libraries-with-libm.patch \
15 file://0001-Check-for-integer-overflow-in-xsltAddTextString.patch \
16 " 13 "
17 14
18SRC_URI[md5sum] = "a129d3c44c022de3b9dcf6d6f288d72e" 15SRC_URI[md5sum] = "14e9842a70fda476065f2eefcbc29af0"
19SRC_URI[sha256sum] = "b5976e3857837e7617b29f2249ebb5eeac34e249208d31f1fbf7a6ba7a4090ce" 16SRC_URI[sha256sum] = "db25e96b6b801144277e67c05b10560ac09dfff82ccd53a154ce86e43622f3ab"
20 17
21UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar" 18UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar"
22 19
@@ -28,7 +25,7 @@ inherit autotools pkgconfig binconfig-disabled lib_package
28 25
29# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header 26# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header
30do_configure_prepend () { 27do_configure_prepend () {
31 sed -i -e 's/ansidecl.h//' ${S}/configure.in 28 sed -i -e 's/ansidecl.h//' ${S}/configure.ac
32 29
33 # The timestamps in the 1.1.28 tarball are messed up causing this file to 30 # The timestamps in the 1.1.28 tarball are messed up causing this file to
34 # appear out of date. Touch it so that we don't try to regenerate it. 31 # appear out of date. Touch it so that we don't try to regenerate it.