diff options
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2016-4448_1.patch | 1067 | ||||
-rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2016-4448_2.patch | 208 | ||||
-rw-r--r-- | meta/recipes-core/libxml/libxml2_2.9.2.bb | 2 |
3 files changed, 1277 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2016-4448_1.patch b/meta/recipes-core/libxml/libxml2/CVE-2016-4448_1.patch new file mode 100644 index 0000000000..1d08e57308 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2016-4448_1.patch | |||
@@ -0,0 +1,1067 @@ | |||
1 | From 4472c3a5a5b516aaf59b89be602fbce52756c3e9 Mon Sep 17 00:00:00 2001 | ||
2 | From: David Kilzer <ddkilzer@webkit.org> | ||
3 | Date: Fri, 13 May 2016 15:13:17 +0800 | ||
4 | Subject: [PATCH] Fix some format string warnings with possible format string | ||
5 | vulnerability | ||
6 | |||
7 | For https://bugzilla.gnome.org/show_bug.cgi?id=761029 | ||
8 | |||
9 | Decorate every method in libxml2 with the appropriate | ||
10 | LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups | ||
11 | following the reports. | ||
12 | |||
13 | Upstream-Status: Backport | ||
14 | CVE: CVE-2016-4448 patch #1 | ||
15 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
16 | |||
17 | --- | ||
18 | HTMLparser.c | 4 +-- | ||
19 | SAX2.c | 12 ++++---- | ||
20 | catalog.c | 2 +- | ||
21 | configure.ac | 4 +-- | ||
22 | debugXML.c | 4 +-- | ||
23 | encoding.c | 2 +- | ||
24 | entities.c | 2 +- | ||
25 | error.c | 2 +- | ||
26 | include/libxml/parserInternals.h | 2 +- | ||
27 | include/libxml/xmlerror.h | 2 +- | ||
28 | include/libxml/xmlstring.h | 8 ++--- | ||
29 | libxml.h | 2 +- | ||
30 | parser.c | 37 +++++++++++----------- | ||
31 | parserInternals.c | 4 +-- | ||
32 | relaxng.c | 4 +-- | ||
33 | schematron.c | 2 +- | ||
34 | testModule.c | 2 +- | ||
35 | valid.c | 8 ++--- | ||
36 | xinclude.c | 4 +-- | ||
37 | xmlIO.c | 14 ++++----- | ||
38 | xmllint.c | 20 ++++++------ | ||
39 | xmlreader.c | 16 +++++++--- | ||
40 | xmlschemas.c | 66 ++++++++++++++++++++-------------------- | ||
41 | xmlstring.c | 4 +-- | ||
42 | xmlwriter.c | 4 +-- | ||
43 | xpath.c | 2 +- | ||
44 | xpointer.c | 2 +- | ||
45 | 27 files changed, 121 insertions(+), 114 deletions(-) | ||
46 | |||
47 | Index: libxml2-2.9.2/HTMLparser.c | ||
48 | =================================================================== | ||
49 | --- libxml2-2.9.2.orig/HTMLparser.c | ||
50 | +++ libxml2-2.9.2/HTMLparser.c | ||
51 | @@ -105,7 +105,7 @@ htmlErrMemory(xmlParserCtxtPtr ctxt, con | ||
52 | * | ||
53 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
54 | */ | ||
55 | -static void | ||
56 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
57 | htmlParseErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
58 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
59 | { | ||
60 | @@ -132,7 +132,7 @@ htmlParseErr(xmlParserCtxtPtr ctxt, xmlP | ||
61 | * | ||
62 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
63 | */ | ||
64 | -static void | ||
65 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
66 | htmlParseErrInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
67 | const char *msg, int val) | ||
68 | { | ||
69 | Index: libxml2-2.9.2/SAX2.c | ||
70 | =================================================================== | ||
71 | --- libxml2-2.9.2.orig/SAX2.c | ||
72 | +++ libxml2-2.9.2/SAX2.c | ||
73 | @@ -55,7 +55,7 @@ | ||
74 | * @ctxt: an XML validation parser context | ||
75 | * @msg: a string to accompany the error message | ||
76 | */ | ||
77 | -static void | ||
78 | +static void LIBXML_ATTR_FORMAT(2,0) | ||
79 | xmlSAX2ErrMemory(xmlParserCtxtPtr ctxt, const char *msg) { | ||
80 | xmlStructuredErrorFunc schannel = NULL; | ||
81 | const char *str1 = "out of memory\n"; | ||
82 | @@ -93,7 +93,7 @@ xmlSAX2ErrMemory(xmlParserCtxtPtr ctxt, | ||
83 | * | ||
84 | * Handle a validation error | ||
85 | */ | ||
86 | -static void | ||
87 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
88 | xmlErrValid(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
89 | const char *msg, const char *str1, const char *str2) | ||
90 | { | ||
91 | @@ -133,7 +133,7 @@ xmlErrValid(xmlParserCtxtPtr ctxt, xmlPa | ||
92 | * | ||
93 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
94 | */ | ||
95 | -static void | ||
96 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
97 | xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
98 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
99 | { | ||
100 | @@ -164,7 +164,7 @@ xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xm | ||
101 | * | ||
102 | * Handle a parser warning | ||
103 | */ | ||
104 | -static void | ||
105 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
106 | xmlWarnMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
107 | const char *msg, const xmlChar *str1) | ||
108 | { | ||
109 | @@ -189,7 +189,7 @@ xmlWarnMsg(xmlParserCtxtPtr ctxt, xmlPar | ||
110 | * | ||
111 | * Handle a namespace error | ||
112 | */ | ||
113 | -static void | ||
114 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
115 | xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
116 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
117 | { | ||
118 | @@ -213,7 +213,7 @@ xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlPa | ||
119 | * | ||
120 | * Handle a namespace warning | ||
121 | */ | ||
122 | -static void | ||
123 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
124 | xmlNsWarnMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
125 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
126 | { | ||
127 | Index: libxml2-2.9.2/catalog.c | ||
128 | =================================================================== | ||
129 | --- libxml2-2.9.2.orig/catalog.c | ||
130 | +++ libxml2-2.9.2/catalog.c | ||
131 | @@ -238,7 +238,7 @@ xmlCatalogErrMemory(const char *extra) | ||
132 | * | ||
133 | * Handle a catalog error | ||
134 | */ | ||
135 | -static void | ||
136 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
137 | xmlCatalogErr(xmlCatalogEntryPtr catal, xmlNodePtr node, int error, | ||
138 | const char *msg, const xmlChar *str1, const xmlChar *str2, | ||
139 | const xmlChar *str3) | ||
140 | Index: libxml2-2.9.2/configure.ac | ||
141 | =================================================================== | ||
142 | --- libxml2-2.9.2.orig/configure.ac | ||
143 | +++ libxml2-2.9.2/configure.ac | ||
144 | @@ -770,7 +770,7 @@ else | ||
145 | fi | ||
146 | |||
147 | # warnings we'd like to see | ||
148 | - CFLAGS="${CFLAGS} -pedantic -W -Wformat -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls" | ||
149 | + CFLAGS="${CFLAGS} -pedantic -W -Wformat -Wno-format-extra-args -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls" | ||
150 | # warnings we'd like to supress | ||
151 | CFLAGS="${CFLAGS} -Wno-long-long" | ||
152 | case "${host}" in | ||
153 | @@ -990,7 +990,7 @@ if [[ "${LOGNAME}" = "veillard" -a "`pwd | ||
154 | fi | ||
155 | fi | ||
156 | if test "${GCC}" = "yes" ; then | ||
157 | - CFLAGS="-g -O -pedantic -W -Wformat -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls -Wall" | ||
158 | + CFLAGS="-g -O -pedantic -W -Wformat -Wno-format-extra-args -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls -Wall" | ||
159 | fi | ||
160 | STATIC_BINARIES="-static" | ||
161 | dnl -Wcast-qual -ansi | ||
162 | Index: libxml2-2.9.2/debugXML.c | ||
163 | =================================================================== | ||
164 | --- libxml2-2.9.2.orig/debugXML.c | ||
165 | +++ libxml2-2.9.2/debugXML.c | ||
166 | @@ -164,7 +164,7 @@ xmlDebugErr(xmlDebugCtxtPtr ctxt, int er | ||
167 | NULL, NULL, NULL, 0, 0, | ||
168 | "%s", msg); | ||
169 | } | ||
170 | -static void | ||
171 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
172 | xmlDebugErr2(xmlDebugCtxtPtr ctxt, int error, const char *msg, int extra) | ||
173 | { | ||
174 | ctxt->errors++; | ||
175 | @@ -174,7 +174,7 @@ xmlDebugErr2(xmlDebugCtxtPtr ctxt, int e | ||
176 | NULL, NULL, NULL, 0, 0, | ||
177 | msg, extra); | ||
178 | } | ||
179 | -static void | ||
180 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
181 | xmlDebugErr3(xmlDebugCtxtPtr ctxt, int error, const char *msg, const char *extra) | ||
182 | { | ||
183 | ctxt->errors++; | ||
184 | Index: libxml2-2.9.2/encoding.c | ||
185 | =================================================================== | ||
186 | --- libxml2-2.9.2.orig/encoding.c | ||
187 | +++ libxml2-2.9.2/encoding.c | ||
188 | @@ -93,7 +93,7 @@ xmlEncodingErrMemory(const char *extra) | ||
189 | * | ||
190 | * n encoding error | ||
191 | */ | ||
192 | -static void | ||
193 | +static void LIBXML_ATTR_FORMAT(2,0) | ||
194 | xmlEncodingErr(xmlParserErrors error, const char *msg, const char *val) | ||
195 | { | ||
196 | __xmlRaiseError(NULL, NULL, NULL, NULL, NULL, | ||
197 | Index: libxml2-2.9.2/entities.c | ||
198 | =================================================================== | ||
199 | --- libxml2-2.9.2.orig/entities.c | ||
200 | +++ libxml2-2.9.2/entities.c | ||
201 | @@ -83,7 +83,7 @@ xmlEntitiesErrMemory(const char *extra) | ||
202 | * | ||
203 | * Handle an out of memory condition | ||
204 | */ | ||
205 | -static void | ||
206 | +static void LIBXML_ATTR_FORMAT(2,0) | ||
207 | xmlEntitiesErr(xmlParserErrors code, const char *msg) | ||
208 | { | ||
209 | __xmlSimpleError(XML_FROM_TREE, code, NULL, msg, NULL); | ||
210 | Index: libxml2-2.9.2/error.c | ||
211 | =================================================================== | ||
212 | --- libxml2-2.9.2.orig/error.c | ||
213 | +++ libxml2-2.9.2/error.c | ||
214 | @@ -18,7 +18,7 @@ | ||
215 | |||
216 | void XMLCDECL xmlGenericErrorDefaultFunc (void *ctx ATTRIBUTE_UNUSED, | ||
217 | const char *msg, | ||
218 | - ...); | ||
219 | + ...) LIBXML_ATTR_FORMAT(2,3); | ||
220 | |||
221 | #define XML_GET_VAR_STR(msg, str) { \ | ||
222 | int size, prev_size = -1; \ | ||
223 | Index: libxml2-2.9.2/include/libxml/parserInternals.h | ||
224 | =================================================================== | ||
225 | --- libxml2-2.9.2.orig/include/libxml/parserInternals.h | ||
226 | +++ libxml2-2.9.2/include/libxml/parserInternals.h | ||
227 | @@ -351,7 +351,7 @@ XMLPUBFUN void XMLCALL | ||
228 | xmlParserErrors xmlerr, | ||
229 | const char *msg, | ||
230 | const xmlChar * str1, | ||
231 | - const xmlChar * str2); | ||
232 | + const xmlChar * str2) LIBXML_ATTR_FORMAT(3,0); | ||
233 | #endif | ||
234 | |||
235 | /** | ||
236 | Index: libxml2-2.9.2/include/libxml/xmlerror.h | ||
237 | =================================================================== | ||
238 | --- libxml2-2.9.2.orig/include/libxml/xmlerror.h | ||
239 | +++ libxml2-2.9.2/include/libxml/xmlerror.h | ||
240 | @@ -937,7 +937,7 @@ XMLPUBFUN void XMLCALL | ||
241 | int code, | ||
242 | xmlNodePtr node, | ||
243 | const char *msg, | ||
244 | - const char *extra); | ||
245 | + const char *extra) LIBXML_ATTR_FORMAT(4,0); | ||
246 | #endif | ||
247 | #ifdef __cplusplus | ||
248 | } | ||
249 | Index: libxml2-2.9.2/include/libxml/xmlstring.h | ||
250 | =================================================================== | ||
251 | --- libxml2-2.9.2.orig/include/libxml/xmlstring.h | ||
252 | +++ libxml2-2.9.2/include/libxml/xmlstring.h | ||
253 | @@ -97,13 +97,13 @@ XMLPUBFUN xmlChar * XMLCALL | ||
254 | XMLPUBFUN int XMLCALL | ||
255 | xmlStrPrintf (xmlChar *buf, | ||
256 | int len, | ||
257 | - const xmlChar *msg, | ||
258 | - ...); | ||
259 | + const char *msg, | ||
260 | + ...) LIBXML_ATTR_FORMAT(3,4); | ||
261 | XMLPUBFUN int XMLCALL | ||
262 | xmlStrVPrintf (xmlChar *buf, | ||
263 | int len, | ||
264 | - const xmlChar *msg, | ||
265 | - va_list ap); | ||
266 | + const char *msg, | ||
267 | + va_list ap) LIBXML_ATTR_FORMAT(3,0); | ||
268 | |||
269 | XMLPUBFUN int XMLCALL | ||
270 | xmlGetUTF8Char (const unsigned char *utf, | ||
271 | Index: libxml2-2.9.2/libxml.h | ||
272 | =================================================================== | ||
273 | --- libxml2-2.9.2.orig/libxml.h | ||
274 | +++ libxml2-2.9.2/libxml.h | ||
275 | @@ -71,7 +71,7 @@ extern int __xmlRegisterCallbacks; | ||
276 | * internal error reporting routines, shared but not partof the API. | ||
277 | */ | ||
278 | void __xmlIOErr(int domain, int code, const char *extra); | ||
279 | -void __xmlLoaderErr(void *ctx, const char *msg, const char *filename); | ||
280 | +void __xmlLoaderErr(void *ctx, const char *msg, const char *filename) LIBXML_ATTR_FORMAT(2,0); | ||
281 | #ifdef LIBXML_HTML_ENABLED | ||
282 | /* | ||
283 | * internal function of HTML parser needed for xmlParseInNodeContext | ||
284 | Index: libxml2-2.9.2/parser.c | ||
285 | =================================================================== | ||
286 | --- libxml2-2.9.2.orig/parser.c | ||
287 | +++ libxml2-2.9.2/parser.c | ||
288 | @@ -350,7 +350,6 @@ static void | ||
289 | xmlFatalErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *info) | ||
290 | { | ||
291 | const char *errmsg; | ||
292 | - char errstr[129] = ""; | ||
293 | |||
294 | if ((ctxt != NULL) && (ctxt->disableSAX != 0) && | ||
295 | (ctxt->instate == XML_PARSER_EOF)) | ||
296 | @@ -537,15 +536,17 @@ xmlFatalErr(xmlParserCtxtPtr ctxt, xmlPa | ||
297 | default: | ||
298 | errmsg = "Unregistered error message"; | ||
299 | } | ||
300 | - if (info == NULL) | ||
301 | - snprintf(errstr, 128, "%s\n", errmsg); | ||
302 | - else | ||
303 | - snprintf(errstr, 128, "%s: %%s\n", errmsg); | ||
304 | if (ctxt != NULL) | ||
305 | ctxt->errNo = error; | ||
306 | - __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, | ||
307 | - XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, &errstr[0], | ||
308 | - info); | ||
309 | + if (info == NULL) { | ||
310 | + __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, | ||
311 | + XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, "%s\n", | ||
312 | + errmsg); | ||
313 | + } else { | ||
314 | + __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, | ||
315 | + XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, "%s: %s\n", | ||
316 | + errmsg, info); | ||
317 | + } | ||
318 | if (ctxt != NULL) { | ||
319 | ctxt->wellFormed = 0; | ||
320 | if (ctxt->recovery == 0) | ||
321 | @@ -561,7 +562,7 @@ xmlFatalErr(xmlParserCtxtPtr ctxt, xmlPa | ||
322 | * | ||
323 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
324 | */ | ||
325 | -static void | ||
326 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
327 | xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
328 | const char *msg) | ||
329 | { | ||
330 | @@ -589,7 +590,7 @@ xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xm | ||
331 | * | ||
332 | * Handle a warning. | ||
333 | */ | ||
334 | -static void | ||
335 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
336 | xmlWarningMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
337 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
338 | { | ||
339 | @@ -627,7 +628,7 @@ xmlWarningMsg(xmlParserCtxtPtr ctxt, xml | ||
340 | * | ||
341 | * Handle a validity error. | ||
342 | */ | ||
343 | -static void | ||
344 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
345 | xmlValidityError(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
346 | const char *msg, const xmlChar *str1, const xmlChar *str2) | ||
347 | { | ||
348 | @@ -667,7 +668,7 @@ xmlValidityError(xmlParserCtxtPtr ctxt, | ||
349 | * | ||
350 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
351 | */ | ||
352 | -static void | ||
353 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
354 | xmlFatalErrMsgInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
355 | const char *msg, int val) | ||
356 | { | ||
357 | @@ -697,7 +698,7 @@ xmlFatalErrMsgInt(xmlParserCtxtPtr ctxt, | ||
358 | * | ||
359 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
360 | */ | ||
361 | -static void | ||
362 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
363 | xmlFatalErrMsgStrIntStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
364 | const char *msg, const xmlChar *str1, int val, | ||
365 | const xmlChar *str2) | ||
366 | @@ -727,7 +728,7 @@ xmlFatalErrMsgStrIntStr(xmlParserCtxtPtr | ||
367 | * | ||
368 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
369 | */ | ||
370 | -static void | ||
371 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
372 | xmlFatalErrMsgStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
373 | const char *msg, const xmlChar * val) | ||
374 | { | ||
375 | @@ -756,7 +757,7 @@ xmlFatalErrMsgStr(xmlParserCtxtPtr ctxt, | ||
376 | * | ||
377 | * Handle a non fatal parser error | ||
378 | */ | ||
379 | -static void | ||
380 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
381 | xmlErrMsgStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
382 | const char *msg, const xmlChar * val) | ||
383 | { | ||
384 | @@ -781,7 +782,7 @@ xmlErrMsgStr(xmlParserCtxtPtr ctxt, xmlP | ||
385 | * | ||
386 | * Handle a fatal parser error, i.e. violating Well-Formedness constraints | ||
387 | */ | ||
388 | -static void | ||
389 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
390 | xmlNsErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
391 | const char *msg, | ||
392 | const xmlChar * info1, const xmlChar * info2, | ||
393 | @@ -810,7 +811,7 @@ xmlNsErr(xmlParserCtxtPtr ctxt, xmlParse | ||
394 | * | ||
395 | * Handle a namespace warning error | ||
396 | */ | ||
397 | -static void | ||
398 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
399 | xmlNsWarn(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
400 | const char *msg, | ||
401 | const xmlChar * info1, const xmlChar * info2, | ||
402 | @@ -5538,7 +5539,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt | ||
403 | skipped = SKIP_BLANKS; | ||
404 | if (skipped == 0) { | ||
405 | xmlFatalErrMsg(ctxt, XML_ERR_SPACE_REQUIRED, | ||
406 | - "Space required after '%'\n"); | ||
407 | + "Space required after '%%'\n"); | ||
408 | } | ||
409 | isParameter = 1; | ||
410 | } | ||
411 | Index: libxml2-2.9.2/parserInternals.c | ||
412 | =================================================================== | ||
413 | --- libxml2-2.9.2.orig/parserInternals.c | ||
414 | +++ libxml2-2.9.2/parserInternals.c | ||
415 | @@ -169,7 +169,7 @@ __xmlErrEncoding(xmlParserCtxtPtr ctxt, | ||
416 | * | ||
417 | * Handle an internal error | ||
418 | */ | ||
419 | -static void | ||
420 | +static void LIBXML_ATTR_FORMAT(2,0) | ||
421 | xmlErrInternal(xmlParserCtxtPtr ctxt, const char *msg, const xmlChar * str) | ||
422 | { | ||
423 | if ((ctxt != NULL) && (ctxt->disableSAX != 0) && | ||
424 | @@ -197,7 +197,7 @@ xmlErrInternal(xmlParserCtxtPtr ctxt, co | ||
425 | * | ||
426 | * n encoding error | ||
427 | */ | ||
428 | -static void | ||
429 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
430 | xmlErrEncodingInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, | ||
431 | const char *msg, int val) | ||
432 | { | ||
433 | Index: libxml2-2.9.2/relaxng.c | ||
434 | =================================================================== | ||
435 | --- libxml2-2.9.2.orig/relaxng.c | ||
436 | +++ libxml2-2.9.2/relaxng.c | ||
437 | @@ -507,7 +507,7 @@ xmlRngVErrMemory(xmlRelaxNGValidCtxtPtr | ||
438 | * | ||
439 | * Handle a Relax NG Parsing error | ||
440 | */ | ||
441 | -static void | ||
442 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
443 | xmlRngPErr(xmlRelaxNGParserCtxtPtr ctxt, xmlNodePtr node, int error, | ||
444 | const char *msg, const xmlChar * str1, const xmlChar * str2) | ||
445 | { | ||
446 | @@ -541,7 +541,7 @@ xmlRngPErr(xmlRelaxNGParserCtxtPtr ctxt, | ||
447 | * | ||
448 | * Handle a Relax NG Validation error | ||
449 | */ | ||
450 | -static void | ||
451 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
452 | xmlRngVErr(xmlRelaxNGValidCtxtPtr ctxt, xmlNodePtr node, int error, | ||
453 | const char *msg, const xmlChar * str1, const xmlChar * str2) | ||
454 | { | ||
455 | Index: libxml2-2.9.2/schematron.c | ||
456 | =================================================================== | ||
457 | --- libxml2-2.9.2.orig/schematron.c | ||
458 | +++ libxml2-2.9.2/schematron.c | ||
459 | @@ -245,7 +245,7 @@ xmlSchematronPErrMemory(xmlSchematronPar | ||
460 | * | ||
461 | * Handle a parser error | ||
462 | */ | ||
463 | -static void | ||
464 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
465 | xmlSchematronPErr(xmlSchematronParserCtxtPtr ctxt, xmlNodePtr node, int error, | ||
466 | const char *msg, const xmlChar * str1, const xmlChar * str2) | ||
467 | { | ||
468 | Index: libxml2-2.9.2/testModule.c | ||
469 | =================================================================== | ||
470 | --- libxml2-2.9.2.orig/testModule.c | ||
471 | +++ libxml2-2.9.2/testModule.c | ||
472 | @@ -47,7 +47,7 @@ int main(int argc ATTRIBUTE_UNUSED, char | ||
473 | |||
474 | /* build the module filename, and confirm the module exists */ | ||
475 | xmlStrPrintf(filename, sizeof(filename), | ||
476 | - (const xmlChar*) "%s/testdso%s", | ||
477 | + "%s/testdso%s", | ||
478 | (const xmlChar*)MODULE_PATH, | ||
479 | (const xmlChar*)LIBXML_MODULE_EXTENSION); | ||
480 | |||
481 | Index: libxml2-2.9.2/valid.c | ||
482 | =================================================================== | ||
483 | --- libxml2-2.9.2.orig/valid.c | ||
484 | +++ libxml2-2.9.2/valid.c | ||
485 | @@ -93,7 +93,7 @@ xmlVErrMemory(xmlValidCtxtPtr ctxt, cons | ||
486 | * | ||
487 | * Handle a validation error | ||
488 | */ | ||
489 | -static void | ||
490 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
491 | xmlErrValid(xmlValidCtxtPtr ctxt, xmlParserErrors error, | ||
492 | const char *msg, const char *extra) | ||
493 | { | ||
494 | @@ -137,7 +137,7 @@ xmlErrValid(xmlValidCtxtPtr ctxt, xmlPar | ||
495 | * | ||
496 | * Handle a validation error, provide contextual informations | ||
497 | */ | ||
498 | -static void | ||
499 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
500 | xmlErrValidNode(xmlValidCtxtPtr ctxt, | ||
501 | xmlNodePtr node, xmlParserErrors error, | ||
502 | const char *msg, const xmlChar * str1, | ||
503 | @@ -180,7 +180,7 @@ xmlErrValidNode(xmlValidCtxtPtr ctxt, | ||
504 | * | ||
505 | * Handle a validation error, provide contextual informations | ||
506 | */ | ||
507 | -static void | ||
508 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
509 | xmlErrValidNodeNr(xmlValidCtxtPtr ctxt, | ||
510 | xmlNodePtr node, xmlParserErrors error, | ||
511 | const char *msg, const xmlChar * str1, | ||
512 | @@ -221,7 +221,7 @@ xmlErrValidNodeNr(xmlValidCtxtPtr ctxt, | ||
513 | * | ||
514 | * Handle a validation error, provide contextual information | ||
515 | */ | ||
516 | -static void | ||
517 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
518 | xmlErrValidWarning(xmlValidCtxtPtr ctxt, | ||
519 | xmlNodePtr node, xmlParserErrors error, | ||
520 | const char *msg, const xmlChar * str1, | ||
521 | Index: libxml2-2.9.2/xinclude.c | ||
522 | =================================================================== | ||
523 | --- libxml2-2.9.2.orig/xinclude.c | ||
524 | +++ libxml2-2.9.2/xinclude.c | ||
525 | @@ -125,7 +125,7 @@ xmlXIncludeErrMemory(xmlXIncludeCtxtPtr | ||
526 | * | ||
527 | * Handle an XInclude error | ||
528 | */ | ||
529 | -static void | ||
530 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
531 | xmlXIncludeErr(xmlXIncludeCtxtPtr ctxt, xmlNodePtr node, int error, | ||
532 | const char *msg, const xmlChar *extra) | ||
533 | { | ||
534 | @@ -147,7 +147,7 @@ xmlXIncludeErr(xmlXIncludeCtxtPtr ctxt, | ||
535 | * | ||
536 | * Emit an XInclude warning. | ||
537 | */ | ||
538 | -static void | ||
539 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
540 | xmlXIncludeWarn(xmlXIncludeCtxtPtr ctxt, xmlNodePtr node, int error, | ||
541 | const char *msg, const xmlChar *extra) | ||
542 | { | ||
543 | Index: libxml2-2.9.2/xmlIO.c | ||
544 | =================================================================== | ||
545 | --- libxml2-2.9.2.orig/xmlIO.c | ||
546 | +++ libxml2-2.9.2/xmlIO.c | ||
547 | @@ -1604,7 +1604,7 @@ xmlCreateZMemBuff( int compression ) { | ||
548 | xmlFreeZMemBuff( buff ); | ||
549 | buff = NULL; | ||
550 | xmlStrPrintf(msg, 500, | ||
551 | - (const xmlChar *) "xmlCreateZMemBuff: %s %d\n", | ||
552 | + "xmlCreateZMemBuff: %s %d\n", | ||
553 | "Error initializing compression context. ZLIB error:", | ||
554 | z_err ); | ||
555 | xmlIOErr(XML_IO_WRITE, (const char *) msg); | ||
556 | @@ -1672,7 +1672,7 @@ xmlZMemBuffExtend( xmlZMemBuffPtr buff, | ||
557 | else { | ||
558 | xmlChar msg[500]; | ||
559 | xmlStrPrintf(msg, 500, | ||
560 | - (const xmlChar *) "xmlZMemBuffExtend: %s %lu bytes.\n", | ||
561 | + "xmlZMemBuffExtend: %s %lu bytes.\n", | ||
562 | "Allocation failure extending output buffer to", | ||
563 | new_size ); | ||
564 | xmlIOErr(XML_IO_WRITE, (const char *) msg); | ||
565 | @@ -1718,7 +1718,7 @@ xmlZMemBuffAppend( xmlZMemBuffPtr buff, | ||
566 | if ( z_err != Z_OK ) { | ||
567 | xmlChar msg[500]; | ||
568 | xmlStrPrintf(msg, 500, | ||
569 | - (const xmlChar *) "xmlZMemBuffAppend: %s %d %s - %d", | ||
570 | + "xmlZMemBuffAppend: %s %d %s - %d", | ||
571 | "Compression error while appending", | ||
572 | len, "bytes to buffer. ZLIB error", z_err ); | ||
573 | xmlIOErr(XML_IO_WRITE, (const char *) msg); | ||
574 | @@ -1791,7 +1791,7 @@ xmlZMemBuffGetContent( xmlZMemBuffPtr bu | ||
575 | else { | ||
576 | xmlChar msg[500]; | ||
577 | xmlStrPrintf(msg, 500, | ||
578 | - (const xmlChar *) "xmlZMemBuffGetContent: %s - %d\n", | ||
579 | + "xmlZMemBuffGetContent: %s - %d\n", | ||
580 | "Error flushing zlib buffers. Error code", z_err ); | ||
581 | xmlIOErr(XML_IO_WRITE, (const char *) msg); | ||
582 | } | ||
583 | @@ -1996,7 +1996,7 @@ xmlIOHTTPWrite( void * context, const ch | ||
584 | if ( len < 0 ) { | ||
585 | xmlChar msg[500]; | ||
586 | xmlStrPrintf(msg, 500, | ||
587 | - (const xmlChar *) "xmlIOHTTPWrite: %s\n%s '%s'.\n", | ||
588 | + "xmlIOHTTPWrite: %s\n%s '%s'.\n", | ||
589 | "Error appending to internal buffer.", | ||
590 | "Error sending document to URI", | ||
591 | ctxt->uri ); | ||
592 | @@ -2068,7 +2068,7 @@ xmlIOHTTPCloseWrite( void * context, con | ||
593 | if ( http_content == NULL ) { | ||
594 | xmlChar msg[500]; | ||
595 | xmlStrPrintf(msg, 500, | ||
596 | - (const xmlChar *) "xmlIOHTTPCloseWrite: %s '%s' %s '%s'.\n", | ||
597 | + "xmlIOHTTPCloseWrite: %s '%s' %s '%s'.\n", | ||
598 | "Error retrieving content.\nUnable to", | ||
599 | http_mthd, "data to URI", ctxt->uri ); | ||
600 | xmlIOErr(XML_IO_WRITE, (const char *) msg); | ||
601 | @@ -2140,7 +2140,7 @@ xmlIOHTTPCloseWrite( void * context, con | ||
602 | else { | ||
603 | xmlChar msg[500]; | ||
604 | xmlStrPrintf(msg, 500, | ||
605 | - (const xmlChar *) "xmlIOHTTPCloseWrite: HTTP '%s' of %d %s\n'%s' %s %d\n", | ||
606 | + "xmlIOHTTPCloseWrite: HTTP '%s' of %d %s\n'%s' %s %d\n", | ||
607 | http_mthd, content_lgth, | ||
608 | "bytes to URI", ctxt->uri, | ||
609 | "failed. HTTP return code:", http_rtn ); | ||
610 | Index: libxml2-2.9.2/xmllint.c | ||
611 | =================================================================== | ||
612 | --- libxml2-2.9.2.orig/xmllint.c | ||
613 | +++ libxml2-2.9.2/xmllint.c | ||
614 | @@ -449,7 +449,7 @@ startTimer(void) | ||
615 | * message about the timing performed; format is a printf | ||
616 | * type argument | ||
617 | */ | ||
618 | -static void XMLCDECL | ||
619 | +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) | ||
620 | endTimer(const char *fmt, ...) | ||
621 | { | ||
622 | long msec; | ||
623 | @@ -485,7 +485,7 @@ startTimer(void) | ||
624 | { | ||
625 | begin = clock(); | ||
626 | } | ||
627 | -static void XMLCDECL | ||
628 | +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) | ||
629 | endTimer(const char *fmt, ...) | ||
630 | { | ||
631 | long msec; | ||
632 | @@ -514,7 +514,7 @@ startTimer(void) | ||
633 | * Do nothing | ||
634 | */ | ||
635 | } | ||
636 | -static void XMLCDECL | ||
637 | +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) | ||
638 | endTimer(char *format, ...) | ||
639 | { | ||
640 | /* | ||
641 | @@ -634,7 +634,7 @@ xmlHTMLPrintFileContext(xmlParserInputPt | ||
642 | * Display and format an error messages, gives file, line, position and | ||
643 | * extra parameters. | ||
644 | */ | ||
645 | -static void XMLCDECL | ||
646 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
647 | xmlHTMLError(void *ctx, const char *msg, ...) | ||
648 | { | ||
649 | xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; | ||
650 | @@ -671,7 +671,7 @@ xmlHTMLError(void *ctx, const char *msg, | ||
651 | * Display and format a warning messages, gives file, line, position and | ||
652 | * extra parameters. | ||
653 | */ | ||
654 | -static void XMLCDECL | ||
655 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
656 | xmlHTMLWarning(void *ctx, const char *msg, ...) | ||
657 | { | ||
658 | xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; | ||
659 | @@ -709,7 +709,7 @@ xmlHTMLWarning(void *ctx, const char *ms | ||
660 | * Display and format an validity error messages, gives file, | ||
661 | * line, position and extra parameters. | ||
662 | */ | ||
663 | -static void XMLCDECL | ||
664 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
665 | xmlHTMLValidityError(void *ctx, const char *msg, ...) | ||
666 | { | ||
667 | xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; | ||
668 | @@ -746,7 +746,7 @@ xmlHTMLValidityError(void *ctx, const ch | ||
669 | * Display and format a validity warning messages, gives file, line, | ||
670 | * position and extra parameters. | ||
671 | */ | ||
672 | -static void XMLCDECL | ||
673 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
674 | xmlHTMLValidityWarning(void *ctx, const char *msg, ...) | ||
675 | { | ||
676 | xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; | ||
677 | @@ -1410,7 +1410,7 @@ commentDebug(void *ctx ATTRIBUTE_UNUSED, | ||
678 | * Display and format a warning messages, gives file, line, position and | ||
679 | * extra parameters. | ||
680 | */ | ||
681 | -static void XMLCDECL | ||
682 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
683 | warningDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) | ||
684 | { | ||
685 | va_list args; | ||
686 | @@ -1433,7 +1433,7 @@ warningDebug(void *ctx ATTRIBUTE_UNUSED, | ||
687 | * Display and format a error messages, gives file, line, position and | ||
688 | * extra parameters. | ||
689 | */ | ||
690 | -static void XMLCDECL | ||
691 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
692 | errorDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) | ||
693 | { | ||
694 | va_list args; | ||
695 | @@ -1456,7 +1456,7 @@ errorDebug(void *ctx ATTRIBUTE_UNUSED, c | ||
696 | * Display and format a fatalError messages, gives file, line, position and | ||
697 | * extra parameters. | ||
698 | */ | ||
699 | -static void XMLCDECL | ||
700 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
701 | fatalErrorDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) | ||
702 | { | ||
703 | va_list args; | ||
704 | Index: libxml2-2.9.2/xmlreader.c | ||
705 | =================================================================== | ||
706 | --- libxml2-2.9.2.orig/xmlreader.c | ||
707 | +++ libxml2-2.9.2/xmlreader.c | ||
708 | @@ -4050,13 +4050,19 @@ xmlTextReaderCurrentDoc(xmlTextReaderPtr | ||
709 | } | ||
710 | |||
711 | #ifdef LIBXML_SCHEMAS_ENABLED | ||
712 | -static char *xmlTextReaderBuildMessage(const char *msg, va_list ap); | ||
713 | +static char *xmlTextReaderBuildMessage(const char *msg, va_list ap) LIBXML_ATTR_FORMAT(1,0); | ||
714 | |||
715 | static void XMLCDECL | ||
716 | -xmlTextReaderValidityError(void *ctxt, const char *msg, ...); | ||
717 | +xmlTextReaderValidityError(void *ctxt, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); | ||
718 | |||
719 | static void XMLCDECL | ||
720 | -xmlTextReaderValidityWarning(void *ctxt, const char *msg, ...); | ||
721 | +xmlTextReaderValidityWarning(void *ctxt, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); | ||
722 | + | ||
723 | +static void XMLCDECL | ||
724 | +xmlTextReaderValidityErrorRelay(void *ctx, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); | ||
725 | + | ||
726 | +static void XMLCDECL | ||
727 | +xmlTextReaderValidityWarningRelay(void *ctx, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); | ||
728 | |||
729 | static void XMLCDECL | ||
730 | xmlTextReaderValidityErrorRelay(void *ctx, const char *msg, ...) | ||
731 | @@ -4850,7 +4856,7 @@ xmlTextReaderStructuredError(void *ctxt, | ||
732 | } | ||
733 | } | ||
734 | |||
735 | -static void XMLCDECL | ||
736 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
737 | xmlTextReaderError(void *ctxt, const char *msg, ...) | ||
738 | { | ||
739 | va_list ap; | ||
740 | @@ -4863,7 +4869,7 @@ xmlTextReaderError(void *ctxt, const cha | ||
741 | |||
742 | } | ||
743 | |||
744 | -static void XMLCDECL | ||
745 | +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) | ||
746 | xmlTextReaderWarning(void *ctxt, const char *msg, ...) | ||
747 | { | ||
748 | va_list ap; | ||
749 | Index: libxml2-2.9.2/xmlschemas.c | ||
750 | =================================================================== | ||
751 | --- libxml2-2.9.2.orig/xmlschemas.c | ||
752 | +++ libxml2-2.9.2/xmlschemas.c | ||
753 | @@ -1085,7 +1085,7 @@ xmlSchemaGetUnionSimpleTypeMemberTypes(x | ||
754 | static void | ||
755 | xmlSchemaInternalErr(xmlSchemaAbstractCtxtPtr actxt, | ||
756 | const char *funcName, | ||
757 | - const char *message); | ||
758 | + const char *message) LIBXML_ATTR_FORMAT(3,0); | ||
759 | static int | ||
760 | xmlSchemaCheckCOSSTDerivedOK(xmlSchemaAbstractCtxtPtr ctxt, | ||
761 | xmlSchemaTypePtr type, | ||
762 | @@ -1889,7 +1889,7 @@ xmlSchemaPErrMemory(xmlSchemaParserCtxtP | ||
763 | * | ||
764 | * Handle a parser error | ||
765 | */ | ||
766 | -static void | ||
767 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
768 | xmlSchemaPErr(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, int error, | ||
769 | const char *msg, const xmlChar * str1, const xmlChar * str2) | ||
770 | { | ||
771 | @@ -1922,7 +1922,7 @@ xmlSchemaPErr(xmlSchemaParserCtxtPtr ctx | ||
772 | * | ||
773 | * Handle a parser error | ||
774 | */ | ||
775 | -static void | ||
776 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
777 | xmlSchemaPErr2(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, | ||
778 | xmlNodePtr child, int error, | ||
779 | const char *msg, const xmlChar * str1, const xmlChar * str2) | ||
780 | @@ -1951,7 +1951,7 @@ xmlSchemaPErr2(xmlSchemaParserCtxtPtr ct | ||
781 | * | ||
782 | * Handle a parser error | ||
783 | */ | ||
784 | -static void | ||
785 | +static void LIBXML_ATTR_FORMAT(7,0) | ||
786 | xmlSchemaPErrExt(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, int error, | ||
787 | const xmlChar * strData1, const xmlChar * strData2, | ||
788 | const xmlChar * strData3, const char *msg, const xmlChar * str1, | ||
789 | @@ -2002,7 +2002,7 @@ xmlSchemaVErrMemory(xmlSchemaValidCtxtPt | ||
790 | extra); | ||
791 | } | ||
792 | |||
793 | -static void | ||
794 | +static void LIBXML_ATTR_FORMAT(2,0) | ||
795 | xmlSchemaPSimpleInternalErr(xmlNodePtr node, | ||
796 | const char *msg, const xmlChar *str) | ||
797 | { | ||
798 | @@ -2013,18 +2013,21 @@ xmlSchemaPSimpleInternalErr(xmlNodePtr n | ||
799 | #define WXS_ERROR_TYPE_ERROR 1 | ||
800 | #define WXS_ERROR_TYPE_WARNING 2 | ||
801 | /** | ||
802 | - * xmlSchemaErr3: | ||
803 | + * xmlSchemaErr4Line: | ||
804 | * @ctxt: the validation context | ||
805 | - * @node: the context node | ||
806 | + * @errorLevel: the error level | ||
807 | * @error: the error code | ||
808 | + * @node: the context node | ||
809 | + * @line: the line number | ||
810 | * @msg: the error message | ||
811 | * @str1: extra data | ||
812 | * @str2: extra data | ||
813 | * @str3: extra data | ||
814 | + * @str4: extra data | ||
815 | * | ||
816 | * Handle a validation error | ||
817 | */ | ||
818 | -static void | ||
819 | +static void LIBXML_ATTR_FORMAT(6,0) | ||
820 | xmlSchemaErr4Line(xmlSchemaAbstractCtxtPtr ctxt, | ||
821 | xmlErrorLevel errorLevel, | ||
822 | int error, xmlNodePtr node, int line, const char *msg, | ||
823 | @@ -2139,7 +2142,7 @@ xmlSchemaErr4Line(xmlSchemaAbstractCtxtP | ||
824 | * | ||
825 | * Handle a validation error | ||
826 | */ | ||
827 | -static void | ||
828 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
829 | xmlSchemaErr3(xmlSchemaAbstractCtxtPtr actxt, | ||
830 | int error, xmlNodePtr node, const char *msg, | ||
831 | const xmlChar *str1, const xmlChar *str2, const xmlChar *str3) | ||
832 | @@ -2148,7 +2151,7 @@ xmlSchemaErr3(xmlSchemaAbstractCtxtPtr a | ||
833 | msg, str1, str2, str3, NULL); | ||
834 | } | ||
835 | |||
836 | -static void | ||
837 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
838 | xmlSchemaErr4(xmlSchemaAbstractCtxtPtr actxt, | ||
839 | int error, xmlNodePtr node, const char *msg, | ||
840 | const xmlChar *str1, const xmlChar *str2, | ||
841 | @@ -2158,7 +2161,7 @@ xmlSchemaErr4(xmlSchemaAbstractCtxtPtr a | ||
842 | msg, str1, str2, str3, str4); | ||
843 | } | ||
844 | |||
845 | -static void | ||
846 | +static void LIBXML_ATTR_FORMAT(4,0) | ||
847 | xmlSchemaErr(xmlSchemaAbstractCtxtPtr actxt, | ||
848 | int error, xmlNodePtr node, const char *msg, | ||
849 | const xmlChar *str1, const xmlChar *str2) | ||
850 | @@ -2181,7 +2184,7 @@ xmlSchemaFormatNodeForError(xmlChar ** m | ||
851 | /* | ||
852 | * Don't try to format other nodes than element and | ||
853 | * attribute nodes. | ||
854 | - * Play save and return an empty string. | ||
855 | + * Play safe and return an empty string. | ||
856 | */ | ||
857 | *msg = xmlStrdup(BAD_CAST ""); | ||
858 | return(*msg); | ||
859 | @@ -2262,7 +2265,7 @@ xmlSchemaFormatNodeForError(xmlChar ** m | ||
860 | return (*msg); | ||
861 | } | ||
862 | |||
863 | -static void | ||
864 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
865 | xmlSchemaInternalErr2(xmlSchemaAbstractCtxtPtr actxt, | ||
866 | const char *funcName, | ||
867 | const char *message, | ||
868 | @@ -2273,24 +2276,21 @@ xmlSchemaInternalErr2(xmlSchemaAbstractC | ||
869 | |||
870 | if (actxt == NULL) | ||
871 | return; | ||
872 | - msg = xmlStrdup(BAD_CAST "Internal error: "); | ||
873 | - msg = xmlStrcat(msg, BAD_CAST funcName); | ||
874 | - msg = xmlStrcat(msg, BAD_CAST ", "); | ||
875 | + msg = xmlStrdup(BAD_CAST "Internal error: %s, "); | ||
876 | msg = xmlStrcat(msg, BAD_CAST message); | ||
877 | msg = xmlStrcat(msg, BAD_CAST ".\n"); | ||
878 | |||
879 | if (actxt->type == XML_SCHEMA_CTXT_VALIDATOR) | ||
880 | - xmlSchemaErr(actxt, XML_SCHEMAV_INTERNAL, NULL, | ||
881 | - (const char *) msg, str1, str2); | ||
882 | - | ||
883 | + xmlSchemaErr3(actxt, XML_SCHEMAV_INTERNAL, NULL, | ||
884 | + (const char *) msg, (const xmlChar *) funcName, str1, str2); | ||
885 | else if (actxt->type == XML_SCHEMA_CTXT_PARSER) | ||
886 | - xmlSchemaErr(actxt, XML_SCHEMAP_INTERNAL, NULL, | ||
887 | - (const char *) msg, str1, str2); | ||
888 | + xmlSchemaErr3(actxt, XML_SCHEMAP_INTERNAL, NULL, | ||
889 | + (const char *) msg, (const xmlChar *) funcName, str1, str2); | ||
890 | |||
891 | FREE_AND_NULL(msg) | ||
892 | } | ||
893 | |||
894 | -static void | ||
895 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
896 | xmlSchemaInternalErr(xmlSchemaAbstractCtxtPtr actxt, | ||
897 | const char *funcName, | ||
898 | const char *message) | ||
899 | @@ -2299,7 +2299,7 @@ xmlSchemaInternalErr(xmlSchemaAbstractCt | ||
900 | } | ||
901 | |||
902 | #if 0 | ||
903 | -static void | ||
904 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
905 | xmlSchemaPInternalErr(xmlSchemaParserCtxtPtr pctxt, | ||
906 | const char *funcName, | ||
907 | const char *message, | ||
908 | @@ -2311,7 +2311,7 @@ xmlSchemaPInternalErr(xmlSchemaParserCtx | ||
909 | } | ||
910 | #endif | ||
911 | |||
912 | -static void | ||
913 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
914 | xmlSchemaCustomErr4(xmlSchemaAbstractCtxtPtr actxt, | ||
915 | xmlParserErrors error, | ||
916 | xmlNodePtr node, | ||
917 | @@ -2336,7 +2336,7 @@ xmlSchemaCustomErr4(xmlSchemaAbstractCtx | ||
918 | FREE_AND_NULL(msg) | ||
919 | } | ||
920 | |||
921 | -static void | ||
922 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
923 | xmlSchemaCustomErr(xmlSchemaAbstractCtxtPtr actxt, | ||
924 | xmlParserErrors error, | ||
925 | xmlNodePtr node, | ||
926 | @@ -2351,7 +2351,7 @@ xmlSchemaCustomErr(xmlSchemaAbstractCtxt | ||
927 | |||
928 | |||
929 | |||
930 | -static void | ||
931 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
932 | xmlSchemaCustomWarning(xmlSchemaAbstractCtxtPtr actxt, | ||
933 | xmlParserErrors error, | ||
934 | xmlNodePtr node, | ||
935 | @@ -2376,7 +2376,7 @@ xmlSchemaCustomWarning(xmlSchemaAbstract | ||
936 | |||
937 | |||
938 | |||
939 | -static void | ||
940 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
941 | xmlSchemaKeyrefErr(xmlSchemaValidCtxtPtr vctxt, | ||
942 | xmlParserErrors error, | ||
943 | xmlSchemaPSVIIDCNodePtr idcNode, | ||
944 | @@ -2525,7 +2525,7 @@ xmlSchemaIllegalAttrErr(xmlSchemaAbstrac | ||
945 | FREE_AND_NULL(msg) | ||
946 | } | ||
947 | |||
948 | -static void | ||
949 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
950 | xmlSchemaComplexTypeErr(xmlSchemaAbstractCtxtPtr actxt, | ||
951 | xmlParserErrors error, | ||
952 | xmlNodePtr node, | ||
953 | @@ -2625,7 +2625,7 @@ xmlSchemaComplexTypeErr(xmlSchemaAbstrac | ||
954 | xmlFree(msg); | ||
955 | } | ||
956 | |||
957 | -static void | ||
958 | +static void LIBXML_ATTR_FORMAT(8,0) | ||
959 | xmlSchemaFacetErr(xmlSchemaAbstractCtxtPtr actxt, | ||
960 | xmlParserErrors error, | ||
961 | xmlNodePtr node, | ||
962 | @@ -2916,7 +2916,7 @@ xmlSchemaPIllegalAttrErr(xmlSchemaParser | ||
963 | * | ||
964 | * Reports an error during parsing. | ||
965 | */ | ||
966 | -static void | ||
967 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
968 | xmlSchemaPCustomErrExt(xmlSchemaParserCtxtPtr ctxt, | ||
969 | xmlParserErrors error, | ||
970 | xmlSchemaBasicItemPtr item, | ||
971 | @@ -2952,7 +2952,7 @@ xmlSchemaPCustomErrExt(xmlSchemaParserCt | ||
972 | * | ||
973 | * Reports an error during parsing. | ||
974 | */ | ||
975 | -static void | ||
976 | +static void LIBXML_ATTR_FORMAT(5,0) | ||
977 | xmlSchemaPCustomErr(xmlSchemaParserCtxtPtr ctxt, | ||
978 | xmlParserErrors error, | ||
979 | xmlSchemaBasicItemPtr item, | ||
980 | @@ -2977,7 +2977,7 @@ xmlSchemaPCustomErr(xmlSchemaParserCtxtP | ||
981 | * | ||
982 | * Reports an attribute use error during parsing. | ||
983 | */ | ||
984 | -static void | ||
985 | +static void LIBXML_ATTR_FORMAT(6,0) | ||
986 | xmlSchemaPAttrUseErr4(xmlSchemaParserCtxtPtr ctxt, | ||
987 | xmlParserErrors error, | ||
988 | xmlNodePtr node, | ||
989 | @@ -3099,7 +3099,7 @@ xmlSchemaPMutualExclAttrErr(xmlSchemaPar | ||
990 | * Reports a simple type validation error. | ||
991 | * TODO: Should this report the value of an element as well? | ||
992 | */ | ||
993 | -static void | ||
994 | +static void LIBXML_ATTR_FORMAT(8,0) | ||
995 | xmlSchemaPSimpleTypeErr(xmlSchemaParserCtxtPtr ctxt, | ||
996 | xmlParserErrors error, | ||
997 | xmlSchemaBasicItemPtr ownerItem ATTRIBUTE_UNUSED, | ||
998 | Index: libxml2-2.9.2/xmlstring.c | ||
999 | =================================================================== | ||
1000 | --- libxml2-2.9.2.orig/xmlstring.c | ||
1001 | +++ libxml2-2.9.2/xmlstring.c | ||
1002 | @@ -545,7 +545,7 @@ xmlStrcat(xmlChar *cur, const xmlChar *a | ||
1003 | * Returns the number of characters written to @buf or -1 if an error occurs. | ||
1004 | */ | ||
1005 | int XMLCDECL | ||
1006 | -xmlStrPrintf(xmlChar *buf, int len, const xmlChar *msg, ...) { | ||
1007 | +xmlStrPrintf(xmlChar *buf, int len, const char *msg, ...) { | ||
1008 | va_list args; | ||
1009 | int ret; | ||
1010 | |||
1011 | @@ -573,7 +573,7 @@ xmlStrPrintf(xmlChar *buf, int len, cons | ||
1012 | * Returns the number of characters written to @buf or -1 if an error occurs. | ||
1013 | */ | ||
1014 | int | ||
1015 | -xmlStrVPrintf(xmlChar *buf, int len, const xmlChar *msg, va_list ap) { | ||
1016 | +xmlStrVPrintf(xmlChar *buf, int len, const char *msg, va_list ap) { | ||
1017 | int ret; | ||
1018 | |||
1019 | if((buf == NULL) || (msg == NULL)) { | ||
1020 | Index: libxml2-2.9.2/xmlwriter.c | ||
1021 | =================================================================== | ||
1022 | --- libxml2-2.9.2.orig/xmlwriter.c | ||
1023 | +++ libxml2-2.9.2/xmlwriter.c | ||
1024 | @@ -113,7 +113,7 @@ static int xmlTextWriterWriteDocCallback | ||
1025 | const xmlChar * str, int len); | ||
1026 | static int xmlTextWriterCloseDocCallback(void *context); | ||
1027 | |||
1028 | -static xmlChar *xmlTextWriterVSprintf(const char *format, va_list argptr); | ||
1029 | +static xmlChar *xmlTextWriterVSprintf(const char *format, va_list argptr) LIBXML_ATTR_FORMAT(1,0); | ||
1030 | static int xmlOutputBufferWriteBase64(xmlOutputBufferPtr out, int len, | ||
1031 | const unsigned char *data); | ||
1032 | static void xmlTextWriterStartDocumentCallback(void *ctx); | ||
1033 | @@ -153,7 +153,7 @@ xmlWriterErrMsg(xmlTextWriterPtr ctxt, x | ||
1034 | * | ||
1035 | * Handle a writer error | ||
1036 | */ | ||
1037 | -static void | ||
1038 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
1039 | xmlWriterErrMsgInt(xmlTextWriterPtr ctxt, xmlParserErrors error, | ||
1040 | const char *msg, int val) | ||
1041 | { | ||
1042 | Index: libxml2-2.9.2/xpath.c | ||
1043 | =================================================================== | ||
1044 | --- libxml2-2.9.2.orig/xpath.c | ||
1045 | +++ libxml2-2.9.2/xpath.c | ||
1046 | @@ -639,7 +639,7 @@ xmlXPathErrMemory(xmlXPathContextPtr ctx | ||
1047 | xmlChar buf[200]; | ||
1048 | |||
1049 | xmlStrPrintf(buf, 200, | ||
1050 | - BAD_CAST "Memory allocation failed : %s\n", | ||
1051 | + "Memory allocation failed : %s\n", | ||
1052 | extra); | ||
1053 | ctxt->lastError.message = (char *) xmlStrdup(buf); | ||
1054 | } else { | ||
1055 | Index: libxml2-2.9.2/xpointer.c | ||
1056 | =================================================================== | ||
1057 | --- libxml2-2.9.2.orig/xpointer.c | ||
1058 | +++ libxml2-2.9.2/xpointer.c | ||
1059 | @@ -85,7 +85,7 @@ xmlXPtrErrMemory(const char *extra) | ||
1060 | * | ||
1061 | * Handle a redefinition of attribute error | ||
1062 | */ | ||
1063 | -static void | ||
1064 | +static void LIBXML_ATTR_FORMAT(3,0) | ||
1065 | xmlXPtrErr(xmlXPathParserContextPtr ctxt, int error, | ||
1066 | const char * msg, const xmlChar *extra) | ||
1067 | { | ||
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2016-4448_2.patch b/meta/recipes-core/libxml/libxml2/CVE-2016-4448_2.patch new file mode 100644 index 0000000000..bfea8fde55 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2016-4448_2.patch | |||
@@ -0,0 +1,208 @@ | |||
1 | From 502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b Mon Sep 17 00:00:00 2001 | ||
2 | From: David Kilzer <ddkilzer@apple.com> | ||
3 | Date: Mon, 23 May 2016 14:58:41 +0800 | ||
4 | Subject: [PATCH] More format string warnings with possible format string | ||
5 | vulnerability | ||
6 | |||
7 | For https://bugzilla.gnome.org/show_bug.cgi?id=761029 | ||
8 | |||
9 | adds a new xmlEscapeFormatString() function to escape composed format | ||
10 | strings | ||
11 | |||
12 | Upstream-Status: Backport | ||
13 | CVE: CVE-2016-4448 patch #2 | ||
14 | |||
15 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
16 | |||
17 | --- | ||
18 | libxml.h | 3 +++ | ||
19 | relaxng.c | 3 ++- | ||
20 | xmlschemas.c | 39 ++++++++++++++++++++++++++------------- | ||
21 | xmlstring.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ | ||
22 | 4 files changed, 86 insertions(+), 14 deletions(-) | ||
23 | |||
24 | Index: libxml2-2.9.2/libxml.h | ||
25 | =================================================================== | ||
26 | --- libxml2-2.9.2.orig/libxml.h | ||
27 | +++ libxml2-2.9.2/libxml.h | ||
28 | @@ -9,6 +9,8 @@ | ||
29 | #ifndef __XML_LIBXML_H__ | ||
30 | #define __XML_LIBXML_H__ | ||
31 | |||
32 | +#include <libxml/xmlstring.h> | ||
33 | + | ||
34 | #ifndef NO_LARGEFILE_SOURCE | ||
35 | #ifndef _LARGEFILE_SOURCE | ||
36 | #define _LARGEFILE_SOURCE | ||
37 | @@ -96,6 +98,7 @@ int __xmlInitializeDict(void); | ||
38 | int __xmlRandom(void); | ||
39 | #endif | ||
40 | |||
41 | +XMLPUBFUN xmlChar * XMLCALL xmlEscapeFormatString(xmlChar **msg); | ||
42 | int xmlNop(void); | ||
43 | |||
44 | #ifdef IN_LIBXML | ||
45 | Index: libxml2-2.9.2/relaxng.c | ||
46 | =================================================================== | ||
47 | --- libxml2-2.9.2.orig/relaxng.c | ||
48 | +++ libxml2-2.9.2/relaxng.c | ||
49 | @@ -2215,7 +2215,8 @@ xmlRelaxNGGetErrorString(xmlRelaxNGValid | ||
50 | snprintf(msg, 1000, "Unknown error code %d\n", err); | ||
51 | } | ||
52 | msg[1000 - 1] = 0; | ||
53 | - return (xmlStrdup((xmlChar *) msg)); | ||
54 | + xmlChar *result = xmlCharStrdup(msg); | ||
55 | + return (xmlEscapeFormatString(&result)); | ||
56 | } | ||
57 | |||
58 | /** | ||
59 | Index: libxml2-2.9.2/xmlschemas.c | ||
60 | =================================================================== | ||
61 | --- libxml2-2.9.2.orig/xmlschemas.c | ||
62 | +++ libxml2-2.9.2/xmlschemas.c | ||
63 | @@ -1769,7 +1769,7 @@ xmlSchemaFormatItemForReport(xmlChar **b | ||
64 | } | ||
65 | FREE_AND_NULL(str) | ||
66 | |||
67 | - return (*buf); | ||
68 | + return (xmlEscapeFormatString(buf)); | ||
69 | } | ||
70 | |||
71 | /** | ||
72 | @@ -2249,6 +2249,13 @@ xmlSchemaFormatNodeForError(xmlChar ** m | ||
73 | TODO | ||
74 | return (NULL); | ||
75 | } | ||
76 | + | ||
77 | + /* | ||
78 | + * xmlSchemaFormatItemForReport() also returns an escaped format | ||
79 | + * string, so do this before calling it below (in the future). | ||
80 | + */ | ||
81 | + xmlEscapeFormatString(msg); | ||
82 | + | ||
83 | /* | ||
84 | * VAL TODO: The output of the given schema component is currently | ||
85 | * disabled. | ||
86 | @@ -2476,11 +2483,13 @@ xmlSchemaSimpleTypeErr(xmlSchemaAbstract | ||
87 | msg = xmlStrcat(msg, BAD_CAST " '"); | ||
88 | if (type->builtInType != 0) { | ||
89 | msg = xmlStrcat(msg, BAD_CAST "xs:"); | ||
90 | - msg = xmlStrcat(msg, type->name); | ||
91 | - } else | ||
92 | - msg = xmlStrcat(msg, | ||
93 | - xmlSchemaFormatQName(&str, | ||
94 | - type->targetNamespace, type->name)); | ||
95 | + str = xmlStrdup(type->name); | ||
96 | + } else { | ||
97 | + const xmlChar *qName = xmlSchemaFormatQName(&str, type->targetNamespace, type->name); | ||
98 | + if (!str) | ||
99 | + str = xmlStrdup(qName); | ||
100 | + } | ||
101 | + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); | ||
102 | msg = xmlStrcat(msg, BAD_CAST "'"); | ||
103 | FREE_AND_NULL(str); | ||
104 | } | ||
105 | @@ -2617,7 +2626,7 @@ xmlSchemaComplexTypeErr(xmlSchemaAbstrac | ||
106 | str = xmlStrcat(str, BAD_CAST ", "); | ||
107 | } | ||
108 | str = xmlStrcat(str, BAD_CAST " ).\n"); | ||
109 | - msg = xmlStrcat(msg, BAD_CAST str); | ||
110 | + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); | ||
111 | FREE_AND_NULL(str) | ||
112 | } else | ||
113 | msg = xmlStrcat(msg, BAD_CAST "\n"); | ||
114 | @@ -3141,11 +3150,13 @@ xmlSchemaPSimpleTypeErr(xmlSchemaParserC | ||
115 | msg = xmlStrcat(msg, BAD_CAST " '"); | ||
116 | if (type->builtInType != 0) { | ||
117 | msg = xmlStrcat(msg, BAD_CAST "xs:"); | ||
118 | - msg = xmlStrcat(msg, type->name); | ||
119 | - } else | ||
120 | - msg = xmlStrcat(msg, | ||
121 | - xmlSchemaFormatQName(&str, | ||
122 | - type->targetNamespace, type->name)); | ||
123 | + str = xmlStrdup(type->name); | ||
124 | + } else { | ||
125 | + const xmlChar *qName = xmlSchemaFormatQName(&str, type->targetNamespace, type->name); | ||
126 | + if (!str) | ||
127 | + str = xmlStrdup(qName); | ||
128 | + } | ||
129 | + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); | ||
130 | msg = xmlStrcat(msg, BAD_CAST "'."); | ||
131 | FREE_AND_NULL(str); | ||
132 | } | ||
133 | @@ -3158,7 +3169,9 @@ xmlSchemaPSimpleTypeErr(xmlSchemaParserC | ||
134 | } | ||
135 | if (expected) { | ||
136 | msg = xmlStrcat(msg, BAD_CAST " Expected is '"); | ||
137 | - msg = xmlStrcat(msg, BAD_CAST expected); | ||
138 | + xmlChar *expectedEscaped = xmlCharStrdup(expected); | ||
139 | + msg = xmlStrcat(msg, xmlEscapeFormatString(&expectedEscaped)); | ||
140 | + FREE_AND_NULL(expectedEscaped); | ||
141 | msg = xmlStrcat(msg, BAD_CAST "'.\n"); | ||
142 | } else | ||
143 | msg = xmlStrcat(msg, BAD_CAST "\n"); | ||
144 | Index: libxml2-2.9.2/xmlstring.c | ||
145 | =================================================================== | ||
146 | --- libxml2-2.9.2.orig/xmlstring.c | ||
147 | +++ libxml2-2.9.2/xmlstring.c | ||
148 | @@ -987,5 +987,60 @@ xmlUTF8Strsub(const xmlChar *utf, int st | ||
149 | return(xmlUTF8Strndup(utf, len)); | ||
150 | } | ||
151 | |||
152 | +/** | ||
153 | + * xmlEscapeFormatString: | ||
154 | + * @msg: a pointer to the string in which to escape '%' characters. | ||
155 | + * Must be a heap-allocated buffer created by libxml2 that may be | ||
156 | + * returned, or that may be freed and replaced. | ||
157 | + * | ||
158 | + * Replaces the string pointed to by 'msg' with an escaped string. | ||
159 | + * Returns the same string with all '%' characters escaped. | ||
160 | + */ | ||
161 | +xmlChar * | ||
162 | +xmlEscapeFormatString(xmlChar **msg) | ||
163 | +{ | ||
164 | + xmlChar *msgPtr = NULL; | ||
165 | + xmlChar *result = NULL; | ||
166 | + xmlChar *resultPtr = NULL; | ||
167 | + size_t count = 0; | ||
168 | + size_t msgLen = 0; | ||
169 | + size_t resultLen = 0; | ||
170 | + | ||
171 | + if (!msg || !*msg) | ||
172 | + return(NULL); | ||
173 | + | ||
174 | + for (msgPtr = *msg; *msgPtr != '\0'; ++msgPtr) { | ||
175 | + ++msgLen; | ||
176 | + if (*msgPtr == '%') | ||
177 | + ++count; | ||
178 | + } | ||
179 | + | ||
180 | + if (count == 0) | ||
181 | + return(*msg); | ||
182 | + | ||
183 | + resultLen = msgLen + count + 1; | ||
184 | + result = (xmlChar *) xmlMallocAtomic(resultLen * sizeof(xmlChar)); | ||
185 | + if (result == NULL) { | ||
186 | + /* Clear *msg to prevent format string vulnerabilities in | ||
187 | + out-of-memory situations. */ | ||
188 | + xmlFree(*msg); | ||
189 | + *msg = NULL; | ||
190 | + xmlErrMemory(NULL, NULL); | ||
191 | + return(NULL); | ||
192 | + } | ||
193 | + | ||
194 | + for (msgPtr = *msg, resultPtr = result; *msgPtr != '\0'; ++msgPtr, ++resultPtr) { | ||
195 | + *resultPtr = *msgPtr; | ||
196 | + if (*msgPtr == '%') | ||
197 | + *(++resultPtr) = '%'; | ||
198 | + } | ||
199 | + result[resultLen - 1] = '\0'; | ||
200 | + | ||
201 | + xmlFree(*msg); | ||
202 | + *msg = result; | ||
203 | + | ||
204 | + return *msg; | ||
205 | +} | ||
206 | + | ||
207 | #define bottom_xmlstring | ||
208 | #include "elfgcchack.h" | ||
diff --git a/meta/recipes-core/libxml/libxml2_2.9.2.bb b/meta/recipes-core/libxml/libxml2_2.9.2.bb index c7db1de14e..e221a4f702 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.2.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb | |||
@@ -18,6 +18,8 @@ SRC_URI += "file://CVE-2016-1762.patch \ | |||
18 | file://CVE-2016-1833.patch \ | 18 | file://CVE-2016-1833.patch \ |
19 | file://CVE-2016-3627.patch \ | 19 | file://CVE-2016-3627.patch \ |
20 | file://CVE-2016-4447.patch \ | 20 | file://CVE-2016-4447.patch \ |
21 | file://CVE-2016-4448_1.patch \ | ||
22 | file://CVE-2016-4448_2.patch \ | ||
21 | " | 23 | " |
22 | 24 | ||
23 | SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788" | 25 | SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788" |