From 71bd0b2b7d9a9d70ac60cabe2e86470dfb70a648 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 01 2022 11:11:39 +0000 Subject: import libxslt-1.1.34-9.el9 --- diff --git a/SOURCES/libxslt-1.1.34-test-fuzz-build.patch b/SOURCES/libxslt-1.1.34-test-fuzz-build.patch new file mode 100644 index 0000000..b2fa73f --- /dev/null +++ b/SOURCES/libxslt-1.1.34-test-fuzz-build.patch @@ -0,0 +1,151 @@ +From 9ae2f94df1721e002941b40665efb762aefcea1a Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Mon, 17 Aug 2020 03:42:11 +0200 +Subject: [PATCH 1/3] Stop using maxParserDepth XPath limit + +This will be removed again from libxml2. +--- + tests/fuzz/fuzz.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c +index f502ca2c..75234ad6 100644 +--- a/tests/fuzz/fuzz.c ++++ b/tests/fuzz/fuzz.c +@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + xpctxt = tctxt->xpathCtxt; + + /* Resource limits to avoid timeouts and call stack overflows */ +- xpctxt->maxParserDepth = 15; +- xpctxt->maxDepth = 100; ++ xpctxt->maxDepth = 500; + xpctxt->opLimit = 500000; + + /* Test namespaces used in xpath.xml */ +@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + + static void + xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { +- ctxt->maxParserDepth = 15; +- ctxt->maxDepth = 100; ++ ctxt->maxDepth = 200; + ctxt->opLimit = 100000; + } + +-- +2.34.1 + + +From 824657768aea2cce9c23e72ba8085cb5e44350c7 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Mon, 17 Aug 2020 04:27:13 +0200 +Subject: [PATCH 2/3] Transfer XPath limits to XPtr context + +Expressions like document('doc.xml#xpointer(evil_expr)') ignored the +XPath limits. +--- + libxslt/functions.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/libxslt/functions.c b/libxslt/functions.c +index b350545a..975ea790 100644 +--- a/libxslt/functions.c ++++ b/libxslt/functions.c +@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + goto out_fragment; + } + ++#if LIBXML_VERSION >= 20911 || \ ++ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) ++ xptrctxt->opLimit = ctxt->context->opLimit; ++ xptrctxt->opCount = ctxt->context->opCount; ++ xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; ++ ++ resObj = xmlXPtrEval(fragment, xptrctxt); ++ ++ ctxt->context->opCount = xptrctxt->opCount; ++#else + resObj = xmlXPtrEval(fragment, xptrctxt); +- xmlXPathFreeContext(xptrctxt); + #endif + ++ xmlXPathFreeContext(xptrctxt); ++#endif /* LIBXML_XPTR_ENABLED */ ++ + if (resObj == NULL) + goto out_fragment; + +-- +2.34.1 + + +From 77c26bad0433541f486b1e7ced44ca9979376908 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Wed, 26 Aug 2020 00:34:38 +0200 +Subject: [PATCH 3/3] Don't set maxDepth in XPath contexts + +The maximum recursion depth is hardcoded in libxml2 now. +--- + libxslt/functions.c | 2 +- + tests/fuzz/fuzz.c | 11 ++--------- + 2 files changed, 3 insertions(+), 10 deletions(-) + +diff --git a/libxslt/functions.c b/libxslt/functions.c +index 975ea790..7887dda7 100644 +--- a/libxslt/functions.c ++++ b/libxslt/functions.c +@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) + defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) + xptrctxt->opLimit = ctxt->context->opLimit; + xptrctxt->opCount = ctxt->context->opCount; +- xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; ++ xptrctxt->depth = ctxt->context->depth; + + resObj = xmlXPtrEval(fragment, xptrctxt); + +diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c +index 75234ad6..780c2d41 100644 +--- a/tests/fuzz/fuzz.c ++++ b/tests/fuzz/fuzz.c +@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + xpctxt = tctxt->xpathCtxt; + + /* Resource limits to avoid timeouts and call stack overflows */ +- xpctxt->maxDepth = 500; + xpctxt->opLimit = 500000; + + /* Test namespaces used in xpath.xml */ +@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, + return 0; + } + +-static void +-xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { +- ctxt->maxDepth = 200; +- ctxt->opLimit = 100000; +-} +- + xmlChar * + xsltFuzzXslt(const char *data, size_t size) { + xmlDocPtr xsltDoc; +@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) { + xmlFreeDoc(xsltDoc); + return NULL; + } +- xsltSetXPathResourceLimits(sheet->xpathCtxt); ++ sheet->xpathCtxt->opLimit = 100000; + sheet->xpathCtxt->opCount = 0; + if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) { + xsltFreeStylesheet(sheet); +@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) { + xsltSetCtxtSecurityPrefs(sec, ctxt); + ctxt->maxTemplateDepth = 100; + ctxt->opLimit = 20000; +- xsltSetXPathResourceLimits(ctxt->xpathCtxt); ++ ctxt->xpathCtxt->opLimit = 100000; + ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount; + + result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt); +-- +2.34.1 + diff --git a/SOURCES/libxslt-1.1.34-tutorial2-dtd.patch b/SOURCES/libxslt-1.1.34-tutorial2-dtd.patch new file mode 100644 index 0000000..4a12a17 --- /dev/null +++ b/SOURCES/libxslt-1.1.34-tutorial2-dtd.patch @@ -0,0 +1,63 @@ +From 461af8b9ed05cae188b24db71949a9e7758693e7 Mon Sep 17 00:00:00 2001 +From: David King +Date: Thu, 27 Jan 2022 15:33:17 +0000 +Subject: [PATCH 1/2] Use DocBook URL for tutorial DTD + +--- + doc/tutorial2/libxslt_pipes.xml | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/doc/tutorial2/libxslt_pipes.xml b/doc/tutorial2/libxslt_pipes.xml +index 9a672a9b..2aaac95f 100644 +--- a/doc/tutorial2/libxslt_pipes.xml ++++ b/doc/tutorial2/libxslt_pipes.xml +@@ -1,6 +1,6 @@ + +- ++ + +
+ +-- +2.34.1 + + +From 634065b39285841eef7dab5bfb2a8ac71b0a5d05 Mon Sep 17 00:00:00 2001 +From: David King +Date: Fri, 28 Jan 2022 09:35:03 +0000 +Subject: [PATCH 2/2] Fix validity of tutorial XML + +Move the title element before articleinfo. + +https://tdg.docbook.org/tdg/4.5/article.html +--- + doc/tutorial2/libxslt_pipes.xml | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/doc/tutorial2/libxslt_pipes.xml b/doc/tutorial2/libxslt_pipes.xml +index 2aaac95f..f6fa0d64 100644 +--- a/doc/tutorial2/libxslt_pipes.xml ++++ b/doc/tutorial2/libxslt_pipes.xml +@@ -3,6 +3,8 @@ + "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> + +
++libxslt: An Extended Tutorial ++ + + PanosLouridas + +@@ -34,8 +36,6 @@ + + + +-libxslt: An Extended Tutorial +- + Introduction + + The Extensible Stylesheet Language Transformations (XSLT) +-- +2.34.1 + diff --git a/SPECS/libxslt.spec b/SPECS/libxslt.spec index 3a9cba4..85b5689 100644 --- a/SPECS/libxslt.spec +++ b/SPECS/libxslt.spec @@ -1,7 +1,7 @@ Name: libxslt Summary: Library providing the Gnome XSLT engine Version: 1.1.34 -Release: 7%{?dist} +Release: 9%{?dist} License: MIT URL: http://xmlsoft.org/XSLT @@ -20,6 +20,10 @@ Patch1: libxslt-1.1.26-utf8-docs.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1467435 Patch2: multilib2.patch Patch3: f165525fe744e6fe3b377b480d6cc5f9c546d360.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2047326 +Patch4: libxslt-1.1.34-tutorial2-dtd.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2047653 +Patch5: libxslt-1.1.34-test-fuzz-build.patch %description This C library allows to transform XML files into other XML files @@ -126,6 +130,13 @@ rm -vrf %{buildroot}%{_docdir} %endif %changelog +* Fri Jan 28 2022 David King - 1.1.34-9 +- Fix validity of tutorial XML (#2047326) +- Fix build of tests/fuzz (#2047653) + +* Thu Jan 27 2022 David King - 1.1.34-8 +- Fix DTD in tutorial XML (#2047326) + * Mon Aug 09 2021 Mohan Boddu - 1.1.34-7 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688