diff options
Diffstat (limited to 'meta/recipes-core/libxml/libxml2/CVE-2023-39615-0002.patch')
-rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2023-39615-0002.patch | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0002.patch b/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0002.patch new file mode 100644 index 0000000000..ebd9868fac --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0002.patch | |||
@@ -0,0 +1,71 @@ | |||
1 | From 235b15a590eecf97b09e87bdb7e4f8333e9de129 Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
3 | Date: Mon, 8 May 2023 17:58:02 +0200 | ||
4 | Subject: [PATCH] SAX: Always initialize SAX1 element handlers | ||
5 | |||
6 | Follow-up to commit d0c3f01e. A parser context will be initialized to | ||
7 | SAX version 2, but this can be overridden with XML_PARSE_SAX1 later, | ||
8 | so we must initialize the SAX1 element handlers as well. | ||
9 | |||
10 | Change the check in xmlDetectSAX2 to only look for XML_SAX2_MAGIC, so | ||
11 | we don't switch to SAX1 if the SAX2 element handlers are NULL. | ||
12 | |||
13 | Upstream-Status: Backport from [https://gitlab.gnome.org/GNOME/libxml2/-/commit/235b15a590eecf97b09e87bdb7e4f8333e9de129] | ||
14 | CVE: CVE-2023-39615 | ||
15 | Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> | ||
16 | --- | ||
17 | SAX2.c | 11 +++++++---- | ||
18 | parser.c | 5 +---- | ||
19 | 2 files changed, 8 insertions(+), 8 deletions(-) | ||
20 | |||
21 | diff --git a/SAX2.c b/SAX2.c | ||
22 | index 5f141f9..902d34d 100644 | ||
23 | --- a/SAX2.c | ||
24 | +++ b/SAX2.c | ||
25 | @@ -2869,20 +2869,23 @@ xmlSAXVersion(xmlSAXHandler *hdlr, int version) | ||
26 | { | ||
27 | if (hdlr == NULL) return(-1); | ||
28 | if (version == 2) { | ||
29 | - hdlr->startElement = NULL; | ||
30 | - hdlr->endElement = NULL; | ||
31 | hdlr->startElementNs = xmlSAX2StartElementNs; | ||
32 | hdlr->endElementNs = xmlSAX2EndElementNs; | ||
33 | hdlr->serror = NULL; | ||
34 | hdlr->initialized = XML_SAX2_MAGIC; | ||
35 | #ifdef LIBXML_SAX1_ENABLED | ||
36 | } else if (version == 1) { | ||
37 | - hdlr->startElement = xmlSAX2StartElement; | ||
38 | - hdlr->endElement = xmlSAX2EndElement; | ||
39 | hdlr->initialized = 1; | ||
40 | #endif /* LIBXML_SAX1_ENABLED */ | ||
41 | } else | ||
42 | return(-1); | ||
43 | +#ifdef LIBXML_SAX1_ENABLED | ||
44 | + hdlr->startElement = xmlSAX2StartElement; | ||
45 | + hdlr->endElement = xmlSAX2EndElement; | ||
46 | +#else | ||
47 | + hdlr->startElement = NULL; | ||
48 | + hdlr->endElement = NULL; | ||
49 | +#endif /* LIBXML_SAX1_ENABLED */ | ||
50 | hdlr->internalSubset = xmlSAX2InternalSubset; | ||
51 | hdlr->externalSubset = xmlSAX2ExternalSubset; | ||
52 | hdlr->isStandalone = xmlSAX2IsStandalone; | ||
53 | diff --git a/parser.c b/parser.c | ||
54 | index 7814e6e..cf0fb38 100644 | ||
55 | --- a/parser.c | ||
56 | +++ b/parser.c | ||
57 | @@ -1102,10 +1102,7 @@ xmlDetectSAX2(xmlParserCtxtPtr ctxt) { | ||
58 | if (ctxt == NULL) return; | ||
59 | sax = ctxt->sax; | ||
60 | #ifdef LIBXML_SAX1_ENABLED | ||
61 | - if ((sax) && (sax->initialized == XML_SAX2_MAGIC) && | ||
62 | - ((sax->startElementNs != NULL) || | ||
63 | - (sax->endElementNs != NULL) || | ||
64 | - ((sax->startElement == NULL) && (sax->endElement == NULL)))) | ||
65 | + if ((sax) && (sax->initialized == XML_SAX2_MAGIC)) | ||
66 | ctxt->sax2 = 1; | ||
67 | #else | ||
68 | ctxt->sax2 = 1; | ||
69 | -- | ||
70 | 2.24.4 | ||
71 | |||