svn commit: r421031 - in head/textproc: libxml2 libxml2/files py-libxml2 py3-libxml2

Koop Mast kwm at FreeBSD.org
Sun Aug 28 19:18:21 UTC 2016 

Author: kwm
Date: Sun Aug 28 19:18:20 2016
New Revision: 421031
URL: https://svnweb.freebsd.org/changeset/ports/421031

Log:
  Update libxml2 to 2.9.4.
  
  Add license block.
  Pull extra patch to fix NULL pointer deref. [1]
  
  Changelog:	https://mail.gnome.org/archives/xml/2016-May/msg00023.html
  
  PR:		209806
  Submitted by:	pi@
  Obtained from:	upstream [1]
  MFH:		2016Q3
  Security:	e195679d-045b-4953-bb33-be0073ba2ac6

Added:
  head/textproc/libxml2/files/patch-d8083bf   (contents, props changed)
Modified:
  head/textproc/libxml2/Makefile
  head/textproc/libxml2/distinfo
  head/textproc/py-libxml2/Makefile
  head/textproc/py3-libxml2/Makefile

Modified: head/textproc/libxml2/Makefile
==============================================================================
--- head/textproc/libxml2/Makefile	Sun Aug 28 17:53:49 2016	(r421030)
+++ head/textproc/libxml2/Makefile	Sun Aug 28 19:18:20 2016	(r421031)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	libxml2
-PORTVERSION=	2.9.3
+PORTVERSION=	2.9.4
 PORTREVISION?=	0
 CATEGORIES?=	textproc gnome
 MASTER_SITES=	ftp://xmlsoft.org/libxml2/ \
@@ -13,6 +13,9 @@ DIST_SUBDIR=	gnome2
 MAINTAINER?=	gnome at FreeBSD.org
 COMMENT?=	XML parser library for GNOME
 
+LICENSE=	MIT
+LICENSE_FILE=	${WRKSRC}/COPYING
+
 .if !defined(REFERENCE_PORT)
 
 GNU_CONFIGURE=	yes

Modified: head/textproc/libxml2/distinfo
==============================================================================
--- head/textproc/libxml2/distinfo	Sun Aug 28 17:53:49 2016	(r421030)
+++ head/textproc/libxml2/distinfo	Sun Aug 28 19:18:20 2016	(r421031)
@@ -1,2 +1,3 @@
-SHA256 (gnome2/libxml2-2.9.3.tar.gz) = 4de9e31f46b44d34871c22f54bfc54398ef124d6f7cafb1f4a5958fbcd3ba12d
-SIZE (gnome2/libxml2-2.9.3.tar.gz) = 5477112
+TIMESTAMP = 1472161994
+SHA256 (gnome2/libxml2-2.9.4.tar.gz) = ffb911191e509b966deb55de705387f14156e1a56b21824357cdf0053233633c
+SIZE (gnome2/libxml2-2.9.4.tar.gz) = 5374830

Added: head/textproc/libxml2/files/patch-d8083bf
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/textproc/libxml2/files/patch-d8083bf	Sun Aug 28 19:18:20 2016	(r421031)
@@ -0,0 +1,57 @@
+From d8083bf77955b7879c1290f0c0a24ab8cc70f7fb Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer at aevum.de>
+Date: Sat, 25 Jun 2016 12:35:50 +0200
+Subject: Fix NULL pointer deref in XPointer range-to
+
+- Check for errors after evaluating first operand.
+- Add sanity check for empty stack.
+
+Found with afl-fuzz.
+---
+ result/XPath/xptr/viderror | 4 ++++
+ test/XPath/xptr/viderror   | 1 +
+ xpath.c                    | 7 ++++++-
+ 3 files changed, 11 insertions(+), 1 deletion(-)
+ create mode 100644 result/XPath/xptr/viderror
+ create mode 100644 test/XPath/xptr/viderror
+
+diff --git a/result/XPath/xptr/viderror b/result/XPath/xptr/viderror
+new file mode 100644
+index 0000000..d589882
+--- /dev/null
++++ result/XPath/xptr/viderror
+@@ -0,0 +1,4 @@
++
++========================
++Expression: xpointer(non-existing-fn()/range-to(id('chapter2')))
++Object is empty (NULL)
+diff --git a/test/XPath/xptr/viderror b/test/XPath/xptr/viderror
+new file mode 100644
+index 0000000..da8c53b
+--- /dev/null
++++ test/XPath/xptr/viderror
+@@ -0,0 +1 @@
++xpointer(non-existing-fn()/range-to(id('chapter2')))
+diff --git a/xpath.c b/xpath.c
+index 113bce6..751665b 100644
+--- xpath.c
++++ xpath.c
+@@ -14005,9 +14005,14 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
+                 xmlNodeSetPtr oldset;
+                 int i, j;
+ 
+-                if (op->ch1 != -1)
++                if (op->ch1 != -1) {
+                     total +=
+                         xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
++                    CHECK_ERROR0;
++                }
++                if (ctxt->value == NULL) {
++                    XP_ERROR0(XPATH_INVALID_OPERAND);
++                }
+                 if (op->ch2 == -1)
+                     return (total);
+ 
+-- 
+cgit v0.12
+

Modified: head/textproc/py-libxml2/Makefile
==============================================================================
--- head/textproc/py-libxml2/Makefile	Sun Aug 28 17:53:49 2016	(r421030)
+++ head/textproc/py-libxml2/Makefile	Sun Aug 28 19:18:20 2016	(r421031)
@@ -15,7 +15,7 @@ DESCR=		${.CURDIR}/pkg-descr
 PLIST=		${.CURDIR}/pkg-plist
 
 USE_GNOME+=	libxml2
-USES+=		python:2
+USES+=		python:2 gettext-runtime
 USE_PYTHON=	autoplist distutils
 
 CPPFLAGS+=	`${PYTHON_VERSION}-config --cflags`

Modified: head/textproc/py3-libxml2/Makefile
==============================================================================
--- head/textproc/py3-libxml2/Makefile	Sun Aug 28 17:53:49 2016	(r421030)
+++ head/textproc/py3-libxml2/Makefile	Sun Aug 28 19:18:20 2016	(r421031)
@@ -15,7 +15,7 @@ DESCR=		${.CURDIR}/pkg-descr
 PLIST=		${.CURDIR}/pkg-plist
 
 USE_GNOME+=	libxml2
-USES=		python:3
+USES=		python:3 gettext-runtime
 USE_PYTHON=	autoplist distutils
 
 CPPFLAGS+=	`${PYTHON_VERSION}-config --cflags`

More information about the svn-ports-all mailing list