From d66c52c853a9533588149cc321f8945cfb7abcdc Mon Sep 17 00:00:00 2001 From: psykose Date: Tue, 15 Mar 2022 16:16:26 +0000 Subject: [PATCH] main/libxslt: upgrade to 1.1.35 --- main/libxslt/APKBUILD | 17 ++--- .../Dont-set-maxDepth-in-XPath-contexts.patch | 70 ------------------- ...top-using-maxParserDepth-XPath-limit.patch | 37 ---------- ...ransfer-XPath-limits-to-XPtr-context.patch | 42 ----------- 4 files changed, 6 insertions(+), 160 deletions(-) delete mode 100644 main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch delete mode 100644 main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch delete mode 100644 main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch diff --git a/main/libxslt/APKBUILD b/main/libxslt/APKBUILD index 542caa143c4..defc4a03d0c 100644 --- a/main/libxslt/APKBUILD +++ b/main/libxslt/APKBUILD @@ -1,21 +1,19 @@ # Maintainer: Natanael Copa # Contributor: Francesco Colista pkgname=libxslt -pkgver=1.1.34 -pkgrel=1 +pkgver=1.1.35 +pkgrel=0 pkgdesc="XML stylesheet transformation library" url="http://xmlsoft.org/XSLT/" arch="all" license="custom" makedepends="libxml2-dev libgcrypt-dev libgpg-error-dev" subpackages="$pkgname-dev $pkgname-doc" -source="http://xmlsoft.org/sources/libxslt-$pkgver.tar.gz - Stop-using-maxParserDepth-XPath-limit.patch - Transfer-XPath-limits-to-XPtr-context.patch - Dont-set-maxDepth-in-XPath-contexts.patch - " +source="https://download.gnome.org/sources/libxslt/${pkgver%.*}/libxslt-$pkgver.tar.xz" # secfixes: +# 1.1.35-r0: +# - CVE-2021-30560 # 1.1.34-r0: # - CVE-2019-13117 # - CVE-2019-13118 @@ -48,8 +46,5 @@ package() { install -D -m644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING } sha512sums=" -1516a11ad608b04740674060d2c5d733b88889de5e413b9a4e8bf8d1a90d712149df6d2b1345b615f529d7c7d3fa6dae12e544da828b39c7d415e54c0ee0776b libxslt-1.1.34.tar.gz -e79a19b902dc72f9b04a70dfa9a4e242dced6903f3c78ed2aa562eebc99156ca71fe7f83662bafd94d1da7fdc8e447faee13d1c5e0bcf21b6a99eddbcccea129 Stop-using-maxParserDepth-XPath-limit.patch -886c8a3b71848458d5713c998e473bfbdaed422110dd79d32eda514c9b24a404fd3a8c734b8ebc8c55d1c70eaf779c4ee6472e86f8666219b28e71dc1b894b8f Transfer-XPath-limits-to-XPtr-context.patch -c4052ad3f0ffe737f8be4606ab1f65069a4c3eee18c4f34b0c4d6c6db4757b28c063bba029e031b2075954461f1cf0a4c1ed4db098289d60a8319f4c3358feb9 Dont-set-maxDepth-in-XPath-contexts.patch +9dd4a699235f50ae9b75b25137e387471635b4b2da0a4e4380879cd49f1513470fcfbfd775269b066eac513a1ffa6860c77ec42747168e2348248f09f60c8c96 libxslt-1.1.35.tar.xz " diff --git a/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch b/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch deleted file mode 100644 index 6b9dab8a85e..00000000000 --- a/main/libxslt/Dont-set-maxDepth-in-XPath-contexts.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 77c26bad0433541f486b1e7ced44ca9979376908 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Wed, 26 Aug 2020 00:34:38 +0200 -Subject: [PATCH] Don't set maxDepth in XPath contexts - -The maximum recursion depth is hardcoded in libxml2 now. ---- - libxslt/functions.c | 2 +- - tests/fuzz/fuzz.c | 11 ++--------- - 2 files changed, 3 insertions(+), 10 deletions(-) - -diff --git a/libxslt/functions.c b/libxslt/functions.c -index 975ea790..7887dda7 100644 ---- a/libxslt/functions.c -+++ b/libxslt/functions.c -@@ -182,7 +182,7 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) - defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) - xptrctxt->opLimit = ctxt->context->opLimit; - xptrctxt->opCount = ctxt->context->opCount; -- xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; -+ xptrctxt->depth = ctxt->context->depth; - - resObj = xmlXPtrEval(fragment, xptrctxt); - -diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c -index 75234ad6..780c2d41 100644 ---- a/tests/fuzz/fuzz.c -+++ b/tests/fuzz/fuzz.c -@@ -183,7 +183,6 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, - xpctxt = tctxt->xpathCtxt; - - /* Resource limits to avoid timeouts and call stack overflows */ -- xpctxt->maxDepth = 500; - xpctxt->opLimit = 500000; - - /* Test namespaces used in xpath.xml */ -@@ -314,12 +313,6 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, - return 0; - } - --static void --xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { -- ctxt->maxDepth = 200; -- ctxt->opLimit = 100000; --} -- - xmlChar * - xsltFuzzXslt(const char *data, size_t size) { - xmlDocPtr xsltDoc; -@@ -349,7 +342,7 @@ xsltFuzzXslt(const char *data, size_t size) { - xmlFreeDoc(xsltDoc); - return NULL; - } -- xsltSetXPathResourceLimits(sheet->xpathCtxt); -+ sheet->xpathCtxt->opLimit = 100000; - sheet->xpathCtxt->opCount = 0; - if (xsltParseStylesheetUser(sheet, xsltDoc) != 0) { - xsltFreeStylesheet(sheet); -@@ -361,7 +354,7 @@ xsltFuzzXslt(const char *data, size_t size) { - xsltSetCtxtSecurityPrefs(sec, ctxt); - ctxt->maxTemplateDepth = 100; - ctxt->opLimit = 20000; -- xsltSetXPathResourceLimits(ctxt->xpathCtxt); -+ ctxt->xpathCtxt->opLimit = 100000; - ctxt->xpathCtxt->opCount = sheet->xpathCtxt->opCount; - - result = xsltApplyStylesheetUser(sheet, doc, NULL, NULL, NULL, ctxt); --- -GitLab - diff --git a/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch b/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch deleted file mode 100644 index ee9c2aad6bc..00000000000 --- a/main/libxslt/Stop-using-maxParserDepth-XPath-limit.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 9ae2f94df1721e002941b40665efb762aefcea1a Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Mon, 17 Aug 2020 03:42:11 +0200 -Subject: [PATCH] Stop using maxParserDepth XPath limit - -This will be removed again from libxml2. ---- - tests/fuzz/fuzz.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/tests/fuzz/fuzz.c b/tests/fuzz/fuzz.c -index f502ca2c..75234ad6 100644 ---- a/tests/fuzz/fuzz.c -+++ b/tests/fuzz/fuzz.c -@@ -183,8 +183,7 @@ xsltFuzzXPathInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, - xpctxt = tctxt->xpathCtxt; - - /* Resource limits to avoid timeouts and call stack overflows */ -- xpctxt->maxParserDepth = 15; -- xpctxt->maxDepth = 100; -+ xpctxt->maxDepth = 500; - xpctxt->opLimit = 500000; - - /* Test namespaces used in xpath.xml */ -@@ -317,8 +316,7 @@ xsltFuzzXsltInit(int *argc_p ATTRIBUTE_UNUSED, char ***argv_p, - - static void - xsltSetXPathResourceLimits(xmlXPathContextPtr ctxt) { -- ctxt->maxParserDepth = 15; -- ctxt->maxDepth = 100; -+ ctxt->maxDepth = 200; - ctxt->opLimit = 100000; - } - --- -GitLab - diff --git a/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch b/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch deleted file mode 100644 index e943e790459..00000000000 --- a/main/libxslt/Transfer-XPath-limits-to-XPtr-context.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 824657768aea2cce9c23e72ba8085cb5e44350c7 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer -Date: Mon, 17 Aug 2020 04:27:13 +0200 -Subject: [PATCH] Transfer XPath limits to XPtr context - -Expressions like document('doc.xml#xpointer(evil_expr)') ignored the -XPath limits. ---- - libxslt/functions.c | 14 +++++++++++++- - 1 file changed, 13 insertions(+), 1 deletion(-) - -diff --git a/libxslt/functions.c b/libxslt/functions.c -index b350545a..975ea790 100644 ---- a/libxslt/functions.c -+++ b/libxslt/functions.c -@@ -178,10 +178,22 @@ xsltDocumentFunctionLoadDocument(xmlXPathParserContextPtr ctxt, xmlChar* URI) - goto out_fragment; - } - -+#if LIBXML_VERSION >= 20911 || \ -+ defined(FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION) -+ xptrctxt->opLimit = ctxt->context->opLimit; -+ xptrctxt->opCount = ctxt->context->opCount; -+ xptrctxt->maxDepth = ctxt->context->maxDepth - ctxt->context->depth; -+ -+ resObj = xmlXPtrEval(fragment, xptrctxt); -+ -+ ctxt->context->opCount = xptrctxt->opCount; -+#else - resObj = xmlXPtrEval(fragment, xptrctxt); -- xmlXPathFreeContext(xptrctxt); - #endif - -+ xmlXPathFreeContext(xptrctxt); -+#endif /* LIBXML_XPTR_ENABLED */ -+ - if (resObj == NULL) - goto out_fragment; - --- -GitLab -