svn commit: r566164 - in head/textproc/raptor2: . files
Adriaan de Groot
adridg at FreeBSD.org
Sat Feb 20 16:23:20 UTC 2021
Author: adridg
Date: Sat Feb 20 16:23:19 2021
New Revision: 566164
URL: https://svnweb.freebsd.org/changeset/ports/566164
Log:
Add fix for CVE-2020-25713 raptor2: malformed input file segfault
The sample file in the upstream bug report from the PR causes a
bus error in PORTREVISION 16, and returns an error (as I suppose
it should) now.
PR: 251102
Reported by: pi
Obtained from: upstream
Added:
head/textproc/raptor2/files/patch-CVE-2020-25713 (contents, props changed)
Modified:
head/textproc/raptor2/Makefile
Modified: head/textproc/raptor2/Makefile
==============================================================================
--- head/textproc/raptor2/Makefile Sat Feb 20 15:30:51 2021 (r566163)
+++ head/textproc/raptor2/Makefile Sat Feb 20 16:23:19 2021 (r566164)
@@ -3,7 +3,7 @@
PORTNAME= raptor2
PORTVERSION= 2.0.15
-PORTREVISION= 16
+PORTREVISION= 17
CATEGORIES= textproc
MASTER_SITES= http://download.librdf.org/source/ \
SF/librdf/${PORTNAME}/${PORTVERSION}
Added: head/textproc/raptor2/files/patch-CVE-2020-25713
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/textproc/raptor2/files/patch-CVE-2020-25713 Sat Feb 20 16:23:19 2021 (r566164)
@@ -0,0 +1,33 @@
+From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm at redhat.com>
+Date: Tue, 24 Nov 2020 10:30:20 +0000
+Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
+ segfault
+
+due to an out of bounds array access in
+raptor_xml_writer_start_element_common
+
+See:
+https://bugs.mageia.org/show_bug.cgi?id=27605
+https://www.openwall.com/lists/oss-security/2020/11/13/1
+https://gerrit.libreoffice.org/c/core/+/106249
+---
+ src/raptor_xml_writer.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 56993dc3..4426d38c 100644
+--- src/raptor_xml_writer.c
++++ src/raptor_xml_writer.c
+@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+
+ /* check it wasn't an earlier declaration too */
+ for(j = 0; j < nspace_declarations_count; j++)
+- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
+ declare_me = 0;
+ break;
+ }
+--
+2.28.0
+
More information about the svn-ports-all
mailing list