libxml2: remove libxml2-CVE-2014-3660.patch

It is a backport patch, and verified that the patch is in the source. (From OE-Core rev: 9a3178b4d3c454e76a0af59afc7b326589c4c666) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Robert Yang <liezhi.yang@windriver.com> 2015-04-27 20:43:23 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-04-30 23:04:13 +0100
commit: 7e23d9de653134fdf59d214cd2dfb5138f854cbf (patch)
tree: c5c436de4347071e56d9f55a9cec37b2ad2d9523
parent: 2e31add77165ce62977e1331069f0efe5cafb2c8 (diff)
download: poky-7e23d9de653134fdf59d214cd2dfb5138f854cbf.tar.gz
1 files changed, 0 insertions, 147 deletions
diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch
deleted file mode 100644
index b9621c93eb..0000000000
--- a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From be2a7edaf289c5da74a4f9ed3a0b6c733e775230 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 16 Oct 2014 13:59:47 +0800
-Subject: Fix for CVE-2014-3660
-Issues related to the billion laugh entity expansion which happened to
-escape the initial set of fixes
-Upstream-status: Backport
-Reference: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230&context=3&ignorews=0&ss=0
-Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
-diff --git a/parser.c b/parser.c
-index f51e8d2..1d93967 100644
--- a/parser.c
-+++ b/parser.c
-@@ -130,6 +130,29 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
-         return (0);
-     if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
-         return (1);
-+
-+    /*
-+     * This may look absurd but is needed to detect
-+     * entities problems
-+     */
-+    if ((ent != NULL) && (ent->etype != XML_INTERNAL_PREDEFINED_ENTITY) &&
-+       (ent->content != NULL) && (ent->checked == 0)) {
-+       unsigned long oldnbent = ctxt->nbentities;
-+       xmlChar *rep;
-+
-+       ent->checked = 1;
-+
-+       rep = xmlStringDecodeEntities(ctxt, ent->content,
-+                                 XML_SUBSTITUTE_REF, 0, 0, 0);
-+
-+       ent->checked = (ctxt->nbentities - oldnbent + 1) * 2;
-+       if (rep != NULL) {
-+           if (xmlStrchr(rep, '<'))
-+               ent->checked |= 1;
-+           xmlFree(rep);
-+           rep = NULL;
-+       }
-+    }
-     if (replacement != 0) {
-        if (replacement < XML_MAX_TEXT_LENGTH)
-            return(0);
-@@ -189,9 +212,12 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
-             return (0);
-     } else {
-         /*
-         * strange we got no data for checking just return
-+         * strange we got no data for checking
-          */
-        return (0);
-+       if (((ctxt->lastError.code != XML_ERR_UNDECLARED_ENTITY) &&
-+            (ctxt->lastError.code != XML_WAR_UNDECLARED_ENTITY)) ||
-+           (ctxt->nbentities <= 10000))
-+           return (0);
-     }
-     xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
-     return (1);
-@@ -2589,6 +2615,7 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
-                                      name, NULL);
-                    ctxt->valid = 0;
-                }
-+               xmlParserEntityCheck(ctxt, 0, NULL, 0);
-            } else if (ctxt->input->free != deallocblankswrapper) {
-                    input = xmlNewBlanksWrapperInputStream(ctxt, entity);
-                    if (xmlPushInput(ctxt, input) < 0)
-@@ -2759,6 +2786,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
-            if ((ctxt->lastError.code == XML_ERR_ENTITY_LOOP) ||
-                (ctxt->lastError.code == XML_ERR_INTERNAL_ERROR))
-                goto int_error;
-+           xmlParserEntityCheck(ctxt, 0, ent, 0);
-            if (ent != NULL)
-                ctxt->nbentities += ent->checked / 2;
-            if ((ent != NULL) &&
-@@ -2810,6 +2838,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
-            ent = xmlParseStringPEReference(ctxt, &str);
-            if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
-                goto int_error;
-+           xmlParserEntityCheck(ctxt, 0, ent, 0);
-            if (ent != NULL)
-                ctxt->nbentities += ent->checked / 2;
-            if (ent != NULL) {
-@@ -7312,6 +7341,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
-                   (ret != XML_WAR_UNDECLARED_ENTITY)) {
-            xmlFatalErrMsgStr(ctxt, XML_ERR_UNDECLARED_ENTITY,
-                     "Entity '%s' failed to parse\n", ent->name);
-+           xmlParserEntityCheck(ctxt, 0, ent, 0);
-        } else if (list != NULL) {
-            xmlFreeNodeList(list);
-            list = NULL;
-@@ -7418,7 +7448,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
-                /*
-                 * We are copying here, make sure there is no abuse
-                 */
-               ctxt->sizeentcopy += ent->length;
-+               ctxt->sizeentcopy += ent->length + 5;
-                if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy))
-                    return;
- 
-@@ -7466,7 +7496,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
-                /*
-                 * We are copying here, make sure there is no abuse
-                 */
-               ctxt->sizeentcopy += ent->length;
-+               ctxt->sizeentcopy += ent->length + 5;
-                if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy))
-                    return;
- 
-@@ -7652,6 +7682,7 @@ xmlParseEntityRef(xmlParserCtxtPtr ctxt) {
-                ctxt->sax->reference(ctxt->userData, name);
-            }
-        }
-+       xmlParserEntityCheck(ctxt, 0, ent, 0);
-        ctxt->valid = 0;
-     }
- 
-@@ -7845,6 +7876,7 @@ xmlParseStringEntityRef(xmlParserCtxtPtr ctxt, const xmlChar ** str) {
-                          "Entity '%s' not defined\n",
-                          name);
-        }
-+       xmlParserEntityCheck(ctxt, 0, ent, 0);
-        /* TODO ? check regressions ctxt->valid = 0; */
-     }
- 
-@@ -8004,6 +8036,7 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
-                          name, NULL);
-            ctxt->valid = 0;
-        }
-+       xmlParserEntityCheck(ctxt, 0, NULL, 0);
-     } else {
-        /*
-         * Internal checking in case the entity quest barfed
-@@ -8243,6 +8276,7 @@ xmlParseStringPEReference(xmlParserCtxtPtr ctxt, const xmlChar **str) {
-                          name, NULL);
-            ctxt->valid = 0;
-        }
-+       xmlParserEntityCheck(ctxt, 0, NULL, 0);
-     } else {
-        /*
-         * Internal checking in case the entity quest barfed
-- 
-cgit v0.10.1
author	Robert Yang <liezhi.yang@windriver.com>	2015-04-27 20:43:23 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-04-30 23:04:13 +0100
commit	7e23d9de653134fdf59d214cd2dfb5138f854cbf (patch)
tree	c5c436de4347071e56d9f55a9cec37b2ad2d9523
parent	2e31add77165ce62977e1331069f0efe5cafb2c8 (diff)
download	poky-7e23d9de653134fdf59d214cd2dfb5138f854cbf.tar.gz

diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch deleted file mode 100644 index b9621c93eb..0000000000 --- a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2014-3660.patch +++ /dev/null
@@ -1,147 +0,0 @@
1	From be2a7edaf289c5da74a4f9ed3a0b6c733e775230 Mon Sep 17 00:00:00 2001
2	From: Daniel Veillard <veillard@redhat.com>
3	Date: Thu, 16 Oct 2014 13:59:47 +0800
4	Subject: Fix for CVE-2014-3660
5
6	Issues related to the billion laugh entity expansion which happened to
7	escape the initial set of fixes
8
9	Upstream-status: Backport
10	Reference: https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230&context=3&ignorews=0&ss=0
11
12	Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
13
14	diff --git a/parser.c b/parser.c
15	index f51e8d2..1d93967 100644
16	--- a/parser.c
17	+++ b/parser.c
18	@@ -130,6 +130,29 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
19	return (0);
20	if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
21	return (1);
22	+
23	+ /*
24	+ * This may look absurd but is needed to detect
25	+ * entities problems
26	+ */
27	+ if ((ent != NULL) && (ent->etype != XML_INTERNAL_PREDEFINED_ENTITY) &&
28	+ (ent->content != NULL) && (ent->checked == 0)) {
29	+ unsigned long oldnbent = ctxt->nbentities;
30	+ xmlChar *rep;
31	+
32	+ ent->checked = 1;
33	+
34	+ rep = xmlStringDecodeEntities(ctxt, ent->content,
35	+ XML_SUBSTITUTE_REF, 0, 0, 0);
36	+
37	+ ent->checked = (ctxt->nbentities - oldnbent + 1) * 2;
38	+ if (rep != NULL) {
39	+ if (xmlStrchr(rep, '<'))
40	+ ent->checked \|= 1;
41	+ xmlFree(rep);
42	+ rep = NULL;
43	+ }
44	+ }
45	if (replacement != 0) {
46	if (replacement < XML_MAX_TEXT_LENGTH)
47	return(0);
48	@@ -189,9 +212,12 @@ xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
49	return (0);
50	} else {
51	/*
52	- * strange we got no data for checking just return
53	+ * strange we got no data for checking
54	*/
55	- return (0);
56	+ if (((ctxt->lastError.code != XML_ERR_UNDECLARED_ENTITY) &&
57	+ (ctxt->lastError.code != XML_WAR_UNDECLARED_ENTITY)) \|\|
58	+ (ctxt->nbentities <= 10000))
59	+ return (0);
60	}
61	xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
62	return (1);
63	@@ -2589,6 +2615,7 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
64	name, NULL);
65	ctxt->valid = 0;
66	}
67	+ xmlParserEntityCheck(ctxt, 0, NULL, 0);
68	} else if (ctxt->input->free != deallocblankswrapper) {
69	input = xmlNewBlanksWrapperInputStream(ctxt, entity);
70	if (xmlPushInput(ctxt, input) < 0)
71	@@ -2759,6 +2786,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
72	if ((ctxt->lastError.code == XML_ERR_ENTITY_LOOP) \|\|
73	(ctxt->lastError.code == XML_ERR_INTERNAL_ERROR))
74	goto int_error;
75	+ xmlParserEntityCheck(ctxt, 0, ent, 0);
76	if (ent != NULL)
77	ctxt->nbentities += ent->checked / 2;
78	if ((ent != NULL) &&
79	@@ -2810,6 +2838,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
80	ent = xmlParseStringPEReference(ctxt, &str);
81	if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP)
82	goto int_error;
83	+ xmlParserEntityCheck(ctxt, 0, ent, 0);
84	if (ent != NULL)
85	ctxt->nbentities += ent->checked / 2;
86	if (ent != NULL) {
87	@@ -7312,6 +7341,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
88	(ret != XML_WAR_UNDECLARED_ENTITY)) {
89	xmlFatalErrMsgStr(ctxt, XML_ERR_UNDECLARED_ENTITY,
90	"Entity '%s' failed to parse\n", ent->name);
91	+ xmlParserEntityCheck(ctxt, 0, ent, 0);
92	} else if (list != NULL) {
93	xmlFreeNodeList(list);
94	list = NULL;
95	@@ -7418,7 +7448,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
96	/*
97	* We are copying here, make sure there is no abuse
98	*/
99	- ctxt->sizeentcopy += ent->length;
100	+ ctxt->sizeentcopy += ent->length + 5;
101	if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy))
102	return;
103
104	@@ -7466,7 +7496,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
105	/*
106	* We are copying here, make sure there is no abuse
107	*/
108	- ctxt->sizeentcopy += ent->length;
109	+ ctxt->sizeentcopy += ent->length + 5;
110	if (xmlParserEntityCheck(ctxt, 0, ent, ctxt->sizeentcopy))
111	return;
112
113	@@ -7652,6 +7682,7 @@ xmlParseEntityRef(xmlParserCtxtPtr ctxt) {
114	ctxt->sax->reference(ctxt->userData, name);
115	}
116	}
117	+ xmlParserEntityCheck(ctxt, 0, ent, 0);
118	ctxt->valid = 0;
119	}
120
121	@@ -7845,6 +7876,7 @@ xmlParseStringEntityRef(xmlParserCtxtPtr ctxt, const xmlChar ** str) {
122	"Entity '%s' not defined\n",
123	name);
124	}
125	+ xmlParserEntityCheck(ctxt, 0, ent, 0);
126	/* TODO ? check regressions ctxt->valid = 0; */
127	}
128
129	@@ -8004,6 +8036,7 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
130	name, NULL);
131	ctxt->valid = 0;
132	}
133	+ xmlParserEntityCheck(ctxt, 0, NULL, 0);
134	} else {
135	/*
136	* Internal checking in case the entity quest barfed
137	@@ -8243,6 +8276,7 @@ xmlParseStringPEReference(xmlParserCtxtPtr ctxt, const xmlChar **str) {
138	name, NULL);
139	ctxt->valid = 0;
140	}
141	+ xmlParserEntityCheck(ctxt, 0, NULL, 0);
142	} else {
143	/*
144	* Internal checking in case the entity quest barfed
145	--
146	cgit v0.10.1
147