diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/ChangeLog b/sdk_container/src/third_party/portage-stable/dev-libs/expat/ChangeLog index 69d9ab96f7..1b3c9a15c7 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/ChangeLog +++ b/sdk_container/src/third_party/portage-stable/dev-libs/expat/ChangeLog @@ -1,6 +1,68 @@ # ChangeLog for dev-libs/expat -# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/ChangeLog,v 1.164 2014/04/28 17:27:28 mgorny Exp $ +# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/ChangeLog,v 1.183 2015/08/06 04:54:29 maekke Exp $ + + 06 Aug 2015; Markus Meier expat-2.1.0-r5.ebuild: + arm stable, bug #555642 + + 05 Aug 2015; Jeroen Roovers expat-2.1.0-r5.ebuild: + Stable for HPPA PPC64 (bug #555642). + + 04 Aug 2015; Mike Frysinger expat-2.1.0-r5.ebuild: + Mark arm64/m68k/s390/sh stable. + + 30 Jul 2015; Mikle Kolyada expat-2.1.0-r5.ebuild: + ia64 stable wrt bug #555642 + + 30 Jul 2015; Agostino Sarubbo expat-2.1.0-r5.ebuild: + Stable for sparc, wrt bug #555642 + + 30 Jul 2015; Tobias Klausmann expat-2.1.0-r5.ebuild: + Stable on alpha, bug 555642 + + 30 Jul 2015; Agostino Sarubbo expat-2.1.0-r5.ebuild: + Stable for x86, wrt bug #555642 + + 30 Jul 2015; Agostino Sarubbo expat-2.1.0-r5.ebuild: + Stable for amd64, wrt bug #555642 + +*expat-2.1.0-r5 (30 Jul 2015) + + 30 Jul 2015; Alexandre Rostovtsev + -expat-2.1.0-r2.ebuild, -expat-2.1.0-r3.ebuild, expat-2.1.0-r4.ebuild, + +expat-2.1.0-r5.ebuild, +files/expat-2.1.0-mozilla-sanity-check-size.patch: + Fix buffer overflow (bug #555642, CVE-2015-1283, thanks to Agostino Sarubbo + and Paweł Hajdan, Jr.). Improve description. Clean out old ebuilds. + + 09 Jun 2015; Justin Lecher metadata.xml: + Updating remote-id in metadata.xml + + 27 May 2015; Mikle Kolyada expat-2.1.0-r4.ebuild: + arm stable wrt bug #545846 + + 30 Apr 2015; Jeroen Roovers expat-2.1.0-r4.ebuild: + Stable for PPC64 (bug #545846). + + 26 Apr 2015; Mikle Kolyada expat-2.1.0-r4.ebuild: + sparc stable wrt bug #545846 + + 21 Apr 2015; Pacho Ramos expat-2.1.0-r4.ebuild: + ppc stable wrt bug #545846 + + 19 Apr 2015; Agostino Sarubbo expat-2.1.0-r4.ebuild: + Stable for x86, wrt bug #545846 + + 14 Apr 2015; Agostino Sarubbo expat-2.1.0-r4.ebuild: + Stable for ia64, wrt bug #545846 + + 13 Apr 2015; Agostino Sarubbo expat-2.1.0-r4.ebuild: + Stable for alpha, wrt bug #545846 + + 08 Apr 2015; Jeroen Roovers expat-2.1.0-r4.ebuild: + Stable for HPPA (bug #545846). + + 08 Apr 2015; Agostino Sarubbo expat-2.1.0-r4.ebuild: + Stable for amd64, wrt bug #545846 28 Apr 2014; Michał Górny expat-2.1.0-r3.ebuild, expat-2.1.0-r4.ebuild: diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/Manifest b/sdk_container/src/third_party/portage-stable/dev-libs/expat/Manifest index 02055c4f74..ca914761e5 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/Manifest +++ b/sdk_container/src/third_party/portage-stable/dev-libs/expat/Manifest @@ -1,29 +1,6 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA256 - +AUX expat-2.1.0-mozilla-sanity-check-size.patch 2414 SHA256 513aee4359a79efb7eb0c55768aff55dd4688d4468d2f95e8b1c4efb495c8547 SHA512 70d2504d4b280b5e5efaaf23e51c17a427573a1844d89a45e4b47fa778015e5c41b6187865bdab1003e06fbf1d98badae724887d9dadcbc59e47d6420f874117 WHIRLPOOL a46662fea2bb90dae1a8ebb51e8627014a09ee822226aba434fcdafaa353585dee80e17468d93e636a67bbf8a445c570bd10f0ae3b79b11d604b87a29b771952 AUX expat-2.1.0-xmlwfargs.patch 478 SHA256 738a06abaafebb301a98992d686b9a55699f6dcac09663071a4e1cac283b2834 SHA512 db7e75a6d1b43f20352223ccc3703683426ce10d67e68dce4ac5faeba8bbe42270281796a9db495e98d53f6d2c7ead8bfb3e2e2668cf5dfa0bc9c1acb0170e26 WHIRLPOOL 85df93895e392c44bb5cd648aa017b2b95adddd5ec765023a7a82223c1c55b677ec3199960afb027d67372c7acc605068d089d49488225bb39aaaea6b7e3c4f9 DIST expat-2.1.0.tar.gz 562616 SHA256 823705472f816df21c8f6aa026dd162b280806838bb55b3432b0fb1fcca7eb86 SHA512 2a9ad2b44b87b84087979fe4114d661838df3b03dbdcb74d590cb74096bf35ce9d5a86617b0941a2655ea441a94537bcbcd78252da92342238823be36de2d09d WHIRLPOOL 147eb383fdb79116e2215982e9741939f80249a0bb690e93b00218fa335d483d88f82d9256632b458b13592252aeb100ec4ef830c72bb8eb5df7675cd15f41e1 -EBUILD expat-2.1.0-r2.ebuild 2322 SHA256 cf8865566582aabced12c76802dab72396ab1192a7bbba288c072d5afcd80259 SHA512 14cdcfd29d89db43d28e258f8048888f7cbe2cdf37a219421dee7d28f331a79815c78591d3635b2d7e169a9762c7b51a7c0db044b291f2cbee198e4831cb24fd WHIRLPOOL a6e8ecdd76d01121ac3545e5e8dc1a0a82aac89bdda77ccbe2d94f8188c59e9244f76f4c966240bfd4fbaf82e102e6ac59eb10681580a28fa4629754c1b270ca -EBUILD expat-2.1.0-r3.ebuild 2430 SHA256 6f92becbd91ef00a07f30bc6146f7ee3ee54196a88e7ca8c25a5e7bbf9a79d8a SHA512 0e474abdcc85f12f9ead86becb04c1f9567b5bca96afdfa45796ecc8c6a4e8ef2414284acc4620db3c633d0b6efc6f3c1306bbd04f0262a44e282d7ce26f8b16 WHIRLPOOL b5e8b91b3c20f747d1d89208a1b31a829b179f29075a6332dc73043b46eecc37fc3f7a8b59a14c0d39f309f599a7c7efe3d4eb4d5625d7a061968ab11b90962e -EBUILD expat-2.1.0-r4.ebuild 2485 SHA256 2328e8c11fbe9ddebbd20d90a95476f4d47476d8f9fb720a103e80c2aed22ffe SHA512 e7bd6b789b0d335901b72c35a0254753582aba3876154ba22f390f09f0cfa83b46e2a0ae7101fdb1648d651fe222d28bd22bab541ef1fe0ceca5cf6256805d47 WHIRLPOOL 61d8f7d86d45ad3137bff5e2ae7bf3304e4dc71868bc54152a418c965e6ea3a6273ac69f1317e286dfbb8d22599cc66972d43111a7dfa8f2baa9f6183739a97b -MISC ChangeLog 21554 SHA256 77867351565710ab8ebdabcd34a2523703400b003a9fd7f5ddd791c4c659f86a SHA512 b89b9631a5e0d99c77557999553c8cb4462921aa6be7cef9178256d64906078caa02015eae71df864f039684d16e7a30b162d94cb2a93e78af3a32c7dc5c8392 WHIRLPOOL fb6d751c8a657d5aa4fce4fc5e1f6763053ea769359b31b3d28125722b4693954ea7c4ae2d8051ece74a0f711098b95a29dc4265fd9ca62a0a09ddbc29b0a876 -MISC metadata.xml 253 SHA256 100ff5eae8571b7fa427f25400fba2ba79683860ec39467180bc8c9a7c73420f SHA512 549874f0fc26095c2d80c34bd0cae74b75ffdd4a9c19c52931047857f51f7461e7b51495cbb7575a19537ddfb4d2762c1fa4b36cafe47ca8057a6bbf6e6778e5 WHIRLPOOL 7c080dd571730c2c8aea4a19fcddc9f6fb947a8b2534d44bff5aa02d85a9ca1e24de2444ed42f326f13de4b082845e68aec41397c0424ca15b6020c0f5ae704f ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.22 (GNU/Linux) - -iQJ8BAEBCABmBQJTXo+CXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w -ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2REJCMDdDQzRGMERBRDA2RUEwQUZFNDFC -MDdBMUFFQUVGQjQ0NjRFAAoJELB6GurvtEZOa1IQALH7B4U63vja60CzMctYhEpP -Oytf8aYZcxQ0iMzBMGDmLUUCx6xVh4cJykqToL2o5r9Y0GFCQ6ezhResX6hDrXmv -/a75QxTnwK0E6xxf0842sslT1SKrhmHQZOUmK7TN3Cel/oosEUyVrMww5phRkVv3 -vURBUe1SHZ/ETsvmY+rD3tYJ5sor1WICxwZ6J+m9f9EK2XaYtySwXXJkUvBd4GIM -chGKrHeGtA+8xJ+18wu36tU8/3vf8j941gj61dU1Fj1dBecJFriYBa0ITUxGJeYD -fD6ou+KILpXA0haoBtlJiqP0+bpr4cP88RWMf9xW4foA+9xwWIJIznX3NQEBetS0 -PjTE7KAnQUnRub2KX8z/CPSUN5BkLGutmq/LqxuR+cZ7PFbMNh6ri1Wr0t4Dr8uo -JUREdlRlcui+3gSahNzgpbwMGmWY0qdMPWjdMuS0OD330m8azuPqj9UB652GkRYy -7Bp2bdYWG1e+QstOKQueegGoJt9YRtm5AZvrPaMnZxYrJNk5WC7mw95BcstzmSpZ -pYl9b+TFPDrSkroILdjK4dWwpfnuQdVJ3vZQftkc2y7xweShlfp63avqFNR0qrDK -t0ZUicUPi9irYmIx5ln80busKCsWUTAjdCtTJMzhpZUtWTIeutjI9f8nIVqPG9FJ -UGN+2hkDao24SyTdD6Ck -=0GoQ ------END PGP SIGNATURE----- +EBUILD expat-2.1.0-r5.ebuild 2448 SHA256 87dfd41ad4736c5d71bc58b5e2a36b339f667279c05bdc845de579c817ab2fb0 SHA512 82332ba2cd96ab079f92483f991f7d9b3ea1839e6925f4f73adedbd3680c53f9c91dd469ce6e1f2ef2ad8d79d03569badc39e8b5597db19aaddc3643712060d5 WHIRLPOOL c176f76e808cb126fa1211f3a4d15f5813f6bc1bd054dbc9e6b3b27ce029c9890c5f25e77752d13133545283f65ff19abaa80b82d39f68d4eda993492cbc27ff +MISC ChangeLog 23846 SHA256 b3def05f3722d69bced3909610d042a4014f2ea76ec73e754b8d0d47911fe595 SHA512 a7ec156a1bba3a2dd68c3b27838ce67f1a6dbeb1b928d788f18c23d169af0129a68c1e42cac4aeeef323a0e12869e6fd9209f96c1865e2624d84a06af4f0455c WHIRLPOOL 31fec33870b640ab06e9c8556c3fed405f29c3a6907319e18665a9f7ac751fdc4c980f23192a86da602bba39ac9a83a696e500fd36d301c712c0d49fa02d4018 +MISC metadata.xml 298 SHA256 b6300ca6cc8447e5cc36d14b457505aa72b00814fb6bd91160260681617f2a04 SHA512 0efce4d93b77269e6a45a0add3cac689a1b5e35b81627c1ace0e4559a497644e15e7416ad58d337fcf6b6329c40c32ad9fe2ec30a33f0ca527fd9a2204b1e1d0 WHIRLPOOL cd8ed71233d8e9a4720b9ec81e388c1a7bd9a9ec461443ea15137c74832e4ab5ebadcf69387b1e15854d005499a393bb502f27a20da16fb1a08831557b32cc7d diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r2.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r2.ebuild deleted file mode 100644 index d78890b843..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r2.ebuild +++ /dev/null @@ -1,92 +0,0 @@ -# Copyright 1999-2013 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/expat-2.1.0-r2.ebuild,v 1.8 2013/03/09 12:33:55 ssuominen Exp $ - -EAPI=4 -inherit eutils libtool multilib toolchain-funcs - -DESCRIPTION="XML parsing libraries" -HOMEPAGE="http://expat.sourceforge.net/" -SRC_URI="mirror://sourceforge/expat/${P}.tar.gz" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="elibc_FreeBSD examples static-libs unicode" - -src_prepare() { - elibtoolize - - mkdir "${S}"-build{,u,w} || die -} - -src_configure() { - local myconf="$(use_enable static-libs static)" - - pushd "${S}"-build >/dev/null - ECONF_SOURCE="${S}" econf ${myconf} - popd >/dev/null - - if use unicode; then - pushd "${S}"-buildu >/dev/null - CPPFLAGS="${CPPFLAGS} -DXML_UNICODE" ECONF_SOURCE="${S}" econf ${myconf} - popd >/dev/null - - pushd "${S}"-buildw >/dev/null - CPPFLAGS="${CPPFLAGS} -DXML_UNICODE_WCHAR_T" ECONF_SOURCE="${S}" econf ${myconf} - popd >/dev/null - fi -} - -src_compile() { - pushd "${S}"-build >/dev/null - emake - popd >/dev/null - - if use unicode; then - pushd "${S}"-buildu >/dev/null - emake buildlib LIBRARY=libexpatu.la - popd >/dev/null - - pushd "${S}"-buildw >/dev/null - emake buildlib LIBRARY=libexpatw.la - popd >/dev/null - fi -} - -src_install() { - dodoc Changes README - dohtml doc/* - - if use examples; then - insinto /usr/share/doc/${PF}/examples - doins examples/*.c - fi - - pushd "${S}"-build >/dev/null - emake install DESTDIR="${D}" - popd >/dev/null - - if use unicode; then - pushd "${S}"-buildu >/dev/null - emake installlib DESTDIR="${D}" LIBRARY=libexpatu.la - popd >/dev/null - - pushd "${S}"-buildw >/dev/null - emake installlib DESTDIR="${D}" LIBRARY=libexpatw.la - popd >/dev/null - - pushd "${ED}"/usr/$(get_libdir)/pkgconfig >/dev/null - cp expat.pc expatu.pc - sed -i -e '/^Libs/s:-lexpat:&u:' expatu.pc || die - cp expat.pc expatw.pc - sed -i -e '/^Libs/s:-lexpat:&w:' expatw.pc || die - popd >/dev/null - fi - - rm -f "${ED}"usr/lib*/libexpat{,u,w}.la - - # libgeom in /lib and ifconfig in /sbin require libexpat on FreeBSD since - # we stripped the libbsdxml copy starting from freebsd-lib-8.2-r1 - use elibc_FreeBSD && gen_usr_ldscript -a expat -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r4.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r4.ebuild deleted file mode 100644 index ba39404236..0000000000 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r4.ebuild +++ /dev/null @@ -1,93 +0,0 @@ -# Copyright 1999-2014 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/expat-2.1.0-r4.ebuild,v 1.2 2014/04/28 17:27:28 mgorny Exp $ - -EAPI=5 -inherit eutils libtool multilib toolchain-funcs multilib-minimal - -DESCRIPTION="XML parsing libraries" -HOMEPAGE="http://expat.sourceforge.net/" -SRC_URI="mirror://sourceforge/expat/${P}.tar.gz" - -LICENSE="MIT" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux" -IUSE="elibc_FreeBSD examples static-libs unicode" -RDEPEND="abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6 - !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )" - -src_prepare() { - epatch "${FILESDIR}"/${P}-xmlwfargs.patch - elibtoolize -} - -multilib_src_configure() { - local myconf="$(use_enable static-libs static)" - - mkdir -p "${BUILD_DIR}"{u,w} || die - - ECONF_SOURCE="${S}" econf ${myconf} - - if use unicode; then - pushd "${BUILD_DIR}"u >/dev/null - CPPFLAGS="${CPPFLAGS} -DXML_UNICODE" ECONF_SOURCE="${S}" econf ${myconf} - popd >/dev/null - - pushd "${BUILD_DIR}"w >/dev/null - CPPFLAGS="${CPPFLAGS} -DXML_UNICODE_WCHAR_T" ECONF_SOURCE="${S}" econf ${myconf} - popd >/dev/null - fi -} - -multilib_src_compile() { - emake - - if use unicode; then - pushd "${BUILD_DIR}"u >/dev/null - emake buildlib LIBRARY=libexpatu.la - popd >/dev/null - - pushd "${BUILD_DIR}"w >/dev/null - emake buildlib LIBRARY=libexpatw.la - popd >/dev/null - fi -} - -multilib_src_install() { - emake install DESTDIR="${D}" - - if use unicode; then - pushd "${BUILD_DIR}"u >/dev/null - emake installlib DESTDIR="${D}" LIBRARY=libexpatu.la - popd >/dev/null - - pushd "${BUILD_DIR}"w >/dev/null - emake installlib DESTDIR="${D}" LIBRARY=libexpatw.la - popd >/dev/null - - pushd "${ED}"/usr/$(get_libdir)/pkgconfig >/dev/null - cp expat.pc expatu.pc - sed -i -e '/^Libs/s:-lexpat:&u:' expatu.pc || die - cp expat.pc expatw.pc - sed -i -e '/^Libs/s:-lexpat:&w:' expatw.pc || die - popd >/dev/null - fi - - if multilib_is_native_abi ; then - # libgeom in /lib and ifconfig in /sbin require libexpat on FreeBSD since - # we stripped the libbsdxml copy starting from freebsd-lib-8.2-r1 - use elibc_FreeBSD && gen_usr_ldscript -a expat - fi -} - -multilib_src_install_all() { - dodoc Changes README - dohtml doc/* - - if use examples; then - insinto /usr/share/doc/${PF}/examples - doins examples/*.c - fi - - prune_libtool_files -} diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r3.ebuild b/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r5.ebuild similarity index 91% rename from sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r3.ebuild rename to sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r5.ebuild index 961cb5da35..c0aca1652f 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r3.ebuild +++ b/sdk_container/src/third_party/portage-stable/dev-libs/expat/expat-2.1.0-r5.ebuild @@ -1,11 +1,11 @@ -# Copyright 1999-2014 Gentoo Foundation +# Copyright 1999-2015 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/expat/expat-2.1.0-r3.ebuild,v 1.15 2014/04/28 17:27:28 mgorny Exp $ +# $Id$ EAPI=5 inherit eutils libtool multilib toolchain-funcs multilib-minimal -DESCRIPTION="XML parsing libraries" +DESCRIPTION="Stream-oriented XML parser library" HOMEPAGE="http://expat.sourceforge.net/" SRC_URI="mirror://sourceforge/expat/${P}.tar.gz" @@ -17,6 +17,8 @@ RDEPEND="abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )" src_prepare() { + epatch "${FILESDIR}"/${P}-xmlwfargs.patch + epatch "${FILESDIR}"/${P}-mozilla-sanity-check-size.patch #555642 elibtoolize } diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/files/expat-2.1.0-mozilla-sanity-check-size.patch b/sdk_container/src/third_party/portage-stable/dev-libs/expat/files/expat-2.1.0-mozilla-sanity-check-size.patch new file mode 100644 index 0000000000..366bd4f32b --- /dev/null +++ b/sdk_container/src/third_party/portage-stable/dev-libs/expat/files/expat-2.1.0-mozilla-sanity-check-size.patch @@ -0,0 +1,81 @@ + +# HG changeset patch +# User Eric Rahm +# Date 1428706223 25200 +# Node ID 438d9e2a991ab82381a1a1442a470b2565c80c13 +# Parent 1c0861d7a6457f461cccccb2e0895a9f9d34c8d4 +Bug 1140537 - Sanity check size calculations. r=peterv + +diff --git a/parser/expat/lib/xmlparse.c b/parser/expat/lib/xmlparse.c +--- a/parser/expat/lib/xmlparse.c ++++ b/parser/expat/lib/xmlparse.c +@@ -1648,29 +1648,40 @@ XML_ParseBuffer(XML_Parser parser, int l + XmlUpdatePosition(encoding, positionPtr, bufferPtr, &position); + positionPtr = bufferPtr; + return result; + } + + void * XMLCALL + XML_GetBuffer(XML_Parser parser, int len) + { ++/* BEGIN MOZILLA CHANGE (sanity check len) */ ++ if (len < 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + switch (ps_parsing) { + case XML_SUSPENDED: + errorCode = XML_ERROR_SUSPENDED; + return NULL; + case XML_FINISHED: + errorCode = XML_ERROR_FINISHED; + return NULL; + default: ; + } + + if (len > bufferLim - bufferEnd) { +- /* FIXME avoid integer overflow */ + int neededSize = len + (int)(bufferEnd - bufferPtr); ++/* BEGIN MOZILLA CHANGE (sanity check neededSize) */ ++ if (neededSize < 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + #ifdef XML_CONTEXT_BYTES + int keep = (int)(bufferPtr - buffer); + + if (keep > XML_CONTEXT_BYTES) + keep = XML_CONTEXT_BYTES; + neededSize += keep; + #endif /* defined XML_CONTEXT_BYTES */ + if (neededSize <= bufferLim - buffer) { +@@ -1689,17 +1700,25 @@ XML_GetBuffer(XML_Parser parser, int len + } + else { + char *newBuf; + int bufferSize = (int)(bufferLim - bufferPtr); + if (bufferSize == 0) + bufferSize = INIT_BUFFER_SIZE; + do { + bufferSize *= 2; +- } while (bufferSize < neededSize); ++/* BEGIN MOZILLA CHANGE (prevent infinite loop on overflow) */ ++ } while (bufferSize < neededSize && bufferSize > 0); ++/* END MOZILLA CHANGE */ ++/* BEGIN MOZILLA CHANGE (sanity check bufferSize) */ ++ if (bufferSize <= 0) { ++ errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } ++/* END MOZILLA CHANGE */ + newBuf = (char *)MALLOC(bufferSize); + if (newBuf == 0) { + errorCode = XML_ERROR_NO_MEMORY; + return NULL; + } + bufferLim = newBuf + bufferSize; + #ifdef XML_CONTEXT_BYTES + if (bufferPtr) { + diff --git a/sdk_container/src/third_party/portage-stable/dev-libs/expat/metadata.xml b/sdk_container/src/third_party/portage-stable/dev-libs/expat/metadata.xml index cc621ddc28..38f9001688 100644 --- a/sdk_container/src/third_party/portage-stable/dev-libs/expat/metadata.xml +++ b/sdk_container/src/third_party/portage-stable/dev-libs/expat/metadata.xml @@ -1,8 +1,9 @@ - freedesktop - - cpe:/a:libexpat:expat - + freedesktop + + cpe:/a:libexpat:expat + expat + diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r2 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r2 deleted file mode 100644 index 58d1a0d495..0000000000 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r2 +++ /dev/null @@ -1,11 +0,0 @@ -DEFINED_PHASES=compile configure install prepare -DESCRIPTION=XML parsing libraries -EAPI=4 -HOMEPAGE=http://expat.sourceforge.net/ -IUSE=elibc_FreeBSD examples static-libs unicode -KEYWORDS=alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux -LICENSE=MIT -SLOT=0 -SRC_URI=mirror://sourceforge/expat/expat-2.1.0.tar.gz -_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de libtool 52d0e17251d04645ffaa61bfdd858944 multilib 62927b3db3a589b0806255f3a002d5d3 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=f5a0ccbbf58c441ad2dc6e587864601e diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r4 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r4 deleted file mode 100644 index 88cda4aabf..0000000000 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r4 +++ /dev/null @@ -1,12 +0,0 @@ -DEFINED_PHASES=compile configure install prepare test -DESCRIPTION=XML parsing libraries -EAPI=5 -HOMEPAGE=http://expat.sourceforge.net/ -IUSE=elibc_FreeBSD examples static-libs unicode abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 -KEYWORDS=~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux -LICENSE=MIT -RDEPEND=abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6 !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] ) -SLOT=0 -SRC_URI=mirror://sourceforge/expat/expat-2.1.0.tar.gz -_eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de libtool 52d0e17251d04645ffaa61bfdd858944 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=b6add3ab95d0c07175a2bc19a9d39298 diff --git a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r3 b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r5 similarity index 91% rename from sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r3 rename to sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r5 index d21bd431c6..2ec2e6f622 100644 --- a/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r3 +++ b/sdk_container/src/third_party/portage-stable/metadata/md5-cache/dev-libs/expat-2.1.0-r5 @@ -1,5 +1,5 @@ DEFINED_PHASES=compile configure install prepare test -DESCRIPTION=XML parsing libraries +DESCRIPTION=Stream-oriented XML parser library EAPI=5 HOMEPAGE=http://expat.sourceforge.net/ IUSE=elibc_FreeBSD examples static-libs unicode abi_x86_32 abi_x86_64 abi_x86_x32 abi_mips_n32 abi_mips_n64 abi_mips_o32 abi_ppc_32 abi_ppc_64 abi_s390_32 abi_s390_64 @@ -9,4 +9,4 @@ RDEPEND=abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6 !app- SLOT=0 SRC_URI=mirror://sourceforge/expat/expat-2.1.0.tar.gz _eclasses_=eutils 9fb270e417e0e83d64ca52586c4a79de libtool 52d0e17251d04645ffaa61bfdd858944 multibuild 6d4858dc00f8bc51caf3f957f8430eb0 multilib 62927b3db3a589b0806255f3a002d5d3 multilib-build 0983c7893df461213a05f791cc7dea6d multilib-minimal 13dd976916c35a1e2c8d170e840c7018 toolchain-funcs 42408102d713fbad60ca21349865edb4 -_md5_=584fa29f1f92f59594f1466248f8d398 +_md5_=4bff5046a2be743e498901c402a6468a