1 |
commit: c9f16c34d6906021849b9488b718b4922e6c726b |
2 |
Author: Michael Mair-Keimberger <m.mairkeimberger <AT> gmail <DOT> com> |
3 |
AuthorDate: Fri Feb 2 15:42:14 2018 +0000 |
4 |
Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Feb 11 13:30:55 2018 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c9f16c34 |
7 |
|
8 |
dev-libs/libxml2: remove unused patches |
9 |
|
10 |
Closes: https://github.com/gentoo/gentoo/pull/7025 |
11 |
|
12 |
.../files/libxml2-2.9.4-CVE-2016-9318.patch | 202 ------------- |
13 |
.../files/libxml2-2.9.4-CVE-2017-0663.patch | 43 --- |
14 |
.../files/libxml2-2.9.4-CVE-2017-5969.patch | 63 ---- |
15 |
.../files/libxml2-2.9.4-CVE-2017-7375.patch | 35 --- |
16 |
.../files/libxml2-2.9.4-CVE-2017-7376.patch | 31 -- |
17 |
.../files/libxml2-2.9.4-CVE-2017-9047-9048.patch | 116 -------- |
18 |
.../files/libxml2-2.9.4-CVE-2017-9049-9050.patch | 316 --------------------- |
19 |
.../files/libxml2-2.9.4-fix-root-node-cmp.patch | 34 --- |
20 |
.../files/libxml2-2.9.4-heap-buffer-overflow.patch | 32 --- |
21 |
.../files/libxml2-2.9.4-osd-validation.patch | 66 ----- |
22 |
10 files changed, 938 deletions(-) |
23 |
|
24 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch |
25 |
deleted file mode 100644 |
26 |
index 5d1adb014a0..00000000000 |
27 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2016-9318.patch |
28 |
+++ /dev/null |
29 |
@@ -1,202 +0,0 @@ |
30 |
-From 292be65a52ab9e0eb3a53b4e0be5a57bc6de59d3 Mon Sep 17 00:00:00 2001 |
31 |
-From: Doran Moppert <dmoppert@××××××.com> |
32 |
-Date: Fri, 7 Apr 2017 16:45:56 +0200 |
33 |
-Subject: [PATCH 6/7] Add an XML_PARSE_NOXXE flag to block all entities loading |
34 |
- even local |
35 |
- |
36 |
-For https://bugzilla.gnome.org/show_bug.cgi?id=772726 |
37 |
- |
38 |
-* include/libxml/parser.h: Add a new parser flag XML_PARSE_NOXXE |
39 |
-* elfgcchack.h, xmlIO.h, xmlIO.c: associated loading routine |
40 |
-* include/libxml/xmlerror.h: new error raised |
41 |
-* xmllint.c: adds --noxxe flag to activate the option |
42 |
---- |
43 |
- elfgcchack.h | 10 ++++++++++ |
44 |
- include/libxml/parser.h | 3 ++- |
45 |
- include/libxml/xmlIO.h | 8 ++++++++ |
46 |
- include/libxml/xmlerror.h | 1 + |
47 |
- parser.c | 4 ++++ |
48 |
- xmlIO.c | 40 +++++++++++++++++++++++++++++++++++----- |
49 |
- xmllint.c | 5 +++++ |
50 |
- 7 files changed, 65 insertions(+), 6 deletions(-) |
51 |
- |
52 |
-diff --git a/elfgcchack.h b/elfgcchack.h |
53 |
-index 8c52884a..1b81dcde 100644 |
54 |
---- a/elfgcchack.h |
55 |
-+++ b/elfgcchack.h |
56 |
-@@ -6547,6 +6547,16 @@ extern __typeof (xmlNoNetExternalEntityLoader) xmlNoNetExternalEntityLoader__int |
57 |
- #endif |
58 |
- #endif |
59 |
- |
60 |
-+#ifdef bottom_xmlIO |
61 |
-+#undef xmlNoXxeExternalEntityLoader |
62 |
-+extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader __attribute((alias("xmlNoXxeExternalEntityLoader__internal_alias"))); |
63 |
-+#else |
64 |
-+#ifndef xmlNoXxeExternalEntityLoader |
65 |
-+extern __typeof (xmlNoXxeExternalEntityLoader) xmlNoXxeExternalEntityLoader__internal_alias __attribute((visibility("hidden"))); |
66 |
-+#define xmlNoXxeExternalEntityLoader xmlNoXxeExternalEntityLoader__internal_alias |
67 |
-+#endif |
68 |
-+#endif |
69 |
-+ |
70 |
- #ifdef bottom_tree |
71 |
- #undef xmlNodeAddContent |
72 |
- extern __typeof (xmlNodeAddContent) xmlNodeAddContent __attribute((alias("xmlNodeAddContent__internal_alias"))); |
73 |
-diff --git a/include/libxml/parser.h b/include/libxml/parser.h |
74 |
-index 47fbec03..63ca1b97 100644 |
75 |
---- a/include/libxml/parser.h |
76 |
-+++ b/include/libxml/parser.h |
77 |
-@@ -1111,7 +1111,8 @@ typedef enum { |
78 |
- XML_PARSE_HUGE = 1<<19,/* relax any hardcoded limit from the parser */ |
79 |
- XML_PARSE_OLDSAX = 1<<20,/* parse using SAX2 interface before 2.7.0 */ |
80 |
- XML_PARSE_IGNORE_ENC= 1<<21,/* ignore internal document encoding hint */ |
81 |
-- XML_PARSE_BIG_LINES = 1<<22 /* Store big lines numbers in text PSVI field */ |
82 |
-+ XML_PARSE_BIG_LINES = 1<<22,/* Store big lines numbers in text PSVI field */ |
83 |
-+ XML_PARSE_NOXXE = 1<<23 /* Forbid any external entity loading */ |
84 |
- } xmlParserOption; |
85 |
- |
86 |
- XMLPUBFUN void XMLCALL |
87 |
-diff --git a/include/libxml/xmlIO.h b/include/libxml/xmlIO.h |
88 |
-index 3e41744d..8d3fdef5 100644 |
89 |
---- a/include/libxml/xmlIO.h |
90 |
-+++ b/include/libxml/xmlIO.h |
91 |
-@@ -299,6 +299,14 @@ XMLPUBFUN xmlParserInputPtr XMLCALL |
92 |
- const char *ID, |
93 |
- xmlParserCtxtPtr ctxt); |
94 |
- |
95 |
-+/* |
96 |
-+ * A predefined entity loader external entity expansion |
97 |
-+ */ |
98 |
-+XMLPUBFUN xmlParserInputPtr XMLCALL |
99 |
-+ xmlNoXxeExternalEntityLoader (const char *URL, |
100 |
-+ const char *ID, |
101 |
-+ xmlParserCtxtPtr ctxt); |
102 |
-+ |
103 |
- /* |
104 |
- * xmlNormalizeWindowsPath is obsolete, don't use it. |
105 |
- * Check xmlCanonicPath in uri.h for a better alternative. |
106 |
-diff --git a/include/libxml/xmlerror.h b/include/libxml/xmlerror.h |
107 |
-index 037c16d5..3036062d 100644 |
108 |
---- a/include/libxml/xmlerror.h |
109 |
-+++ b/include/libxml/xmlerror.h |
110 |
-@@ -470,6 +470,7 @@ typedef enum { |
111 |
- XML_IO_EADDRINUSE, /* 1554 */ |
112 |
- XML_IO_EALREADY, /* 1555 */ |
113 |
- XML_IO_EAFNOSUPPORT, /* 1556 */ |
114 |
-+ XML_IO_ILLEGAL_XXE, /* 1557 */ |
115 |
- XML_XINCLUDE_RECURSION=1600, |
116 |
- XML_XINCLUDE_PARSE_VALUE, /* 1601 */ |
117 |
- XML_XINCLUDE_ENTITY_DEF_MISMATCH, /* 1602 */ |
118 |
-diff --git a/parser.c b/parser.c |
119 |
-index b832406a..8e11c127 100644 |
120 |
---- a/parser.c |
121 |
-+++ b/parser.c |
122 |
-@@ -15352,6 +15352,10 @@ xmlCtxtUseOptionsInternal(xmlParserCtxtPtr ctxt, int options, const char *encodi |
123 |
- ctxt->options |= XML_PARSE_NONET; |
124 |
- options -= XML_PARSE_NONET; |
125 |
- } |
126 |
-+ if (options & XML_PARSE_NOXXE) { |
127 |
-+ ctxt->options |= XML_PARSE_NOXXE; |
128 |
-+ options -= XML_PARSE_NOXXE; |
129 |
-+ } |
130 |
- if (options & XML_PARSE_COMPACT) { |
131 |
- ctxt->options |= XML_PARSE_COMPACT; |
132 |
- options -= XML_PARSE_COMPACT; |
133 |
-diff --git a/xmlIO.c b/xmlIO.c |
134 |
-index 6e61f45a..34881461 100644 |
135 |
---- a/xmlIO.c |
136 |
-+++ b/xmlIO.c |
137 |
-@@ -212,6 +212,7 @@ static const char *IOerr[] = { |
138 |
- "adddress in use", /* EADDRINUSE */ |
139 |
- "already in use", /* EALREADY */ |
140 |
- "unknown address familly", /* EAFNOSUPPORT */ |
141 |
-+ "Attempt to load external entity %s", /* XML_IO_ILLEGAL_XXE */ |
142 |
- }; |
143 |
- |
144 |
- #if defined(_WIN32) || defined (__DJGPP__) && !defined (__CYGWIN__) |
145 |
-@@ -4057,13 +4058,22 @@ xmlDefaultExternalEntityLoader(const char *URL, const char *ID, |
146 |
- xmlGenericError(xmlGenericErrorContext, |
147 |
- "xmlDefaultExternalEntityLoader(%s, xxx)\n", URL); |
148 |
- #endif |
149 |
-- if ((ctxt != NULL) && (ctxt->options & XML_PARSE_NONET)) { |
150 |
-+ if (ctxt != NULL) { |
151 |
- int options = ctxt->options; |
152 |
- |
153 |
-- ctxt->options -= XML_PARSE_NONET; |
154 |
-- ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt); |
155 |
-- ctxt->options = options; |
156 |
-- return(ret); |
157 |
-+ if (options & XML_PARSE_NOXXE) { |
158 |
-+ ctxt->options -= XML_PARSE_NOXXE; |
159 |
-+ ret = xmlNoXxeExternalEntityLoader(URL, ID, ctxt); |
160 |
-+ ctxt->options = options; |
161 |
-+ return(ret); |
162 |
-+ } |
163 |
-+ |
164 |
-+ if (options & XML_PARSE_NONET) { |
165 |
-+ ctxt->options -= XML_PARSE_NONET; |
166 |
-+ ret = xmlNoNetExternalEntityLoader(URL, ID, ctxt); |
167 |
-+ ctxt->options = options; |
168 |
-+ return(ret); |
169 |
-+ } |
170 |
- } |
171 |
- #ifdef LIBXML_CATALOG_ENABLED |
172 |
- resource = xmlResolveResourceFromCatalog(URL, ID, ctxt); |
173 |
-@@ -4164,6 +4174,13 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID, |
174 |
- xmlParserInputPtr input = NULL; |
175 |
- xmlChar *resource = NULL; |
176 |
- |
177 |
-+ if (ctxt == NULL) { |
178 |
-+ return(NULL); |
179 |
-+ } |
180 |
-+ if (ctxt->input_id == 1) { |
181 |
-+ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt); |
182 |
-+ } |
183 |
-+ |
184 |
- #ifdef LIBXML_CATALOG_ENABLED |
185 |
- resource = xmlResolveResourceFromCatalog(URL, ID, ctxt); |
186 |
- #endif |
187 |
-@@ -4186,5 +4203,18 @@ xmlNoNetExternalEntityLoader(const char *URL, const char *ID, |
188 |
- return(input); |
189 |
- } |
190 |
- |
191 |
-+xmlParserInputPtr |
192 |
-+xmlNoXxeExternalEntityLoader(const char *URL, const char *ID, |
193 |
-+ xmlParserCtxtPtr ctxt) { |
194 |
-+ if (ctxt == NULL) { |
195 |
-+ return(NULL); |
196 |
-+ } |
197 |
-+ if (ctxt->input_id == 1) { |
198 |
-+ return xmlDefaultExternalEntityLoader((const char *) URL, ID, ctxt); |
199 |
-+ } |
200 |
-+ xmlIOErr(XML_IO_ILLEGAL_XXE, (const char *) URL); |
201 |
-+ return(NULL); |
202 |
-+} |
203 |
-+ |
204 |
- #define bottom_xmlIO |
205 |
- #include "elfgcchack.h" |
206 |
-diff --git a/xmllint.c b/xmllint.c |
207 |
-index f8eb7ec4..8f304cda 100644 |
208 |
---- a/xmllint.c |
209 |
-+++ b/xmllint.c |
210 |
-@@ -3019,6 +3019,7 @@ static void usage(const char *name) { |
211 |
- printf("\t--path 'paths': provide a set of paths for resources\n"); |
212 |
- printf("\t--load-trace : print trace of all external entities loaded\n"); |
213 |
- printf("\t--nonet : refuse to fetch DTDs or entities over network\n"); |
214 |
-+ printf("\t--noxxe : forbid any external entity loading\n"); |
215 |
- printf("\t--nocompact : do not generate compact text nodes\n"); |
216 |
- printf("\t--htmlout : output results as HTML\n"); |
217 |
- printf("\t--nowrap : do not put HTML doc wrapper\n"); |
218 |
-@@ -3461,6 +3462,10 @@ main(int argc, char **argv) { |
219 |
- (!strcmp(argv[i], "--nonet"))) { |
220 |
- options |= XML_PARSE_NONET; |
221 |
- xmlSetExternalEntityLoader(xmlNoNetExternalEntityLoader); |
222 |
-+ } else if ((!strcmp(argv[i], "-noxxe")) || |
223 |
-+ (!strcmp(argv[i], "--noxxe"))) { |
224 |
-+ options |= XML_PARSE_NOXXE; |
225 |
-+ xmlSetExternalEntityLoader(xmlNoXxeExternalEntityLoader); |
226 |
- } else if ((!strcmp(argv[i], "-nocompact")) || |
227 |
- (!strcmp(argv[i], "--nocompact"))) { |
228 |
- options &= ~XML_PARSE_COMPACT; |
229 |
--- |
230 |
-2.14.1 |
231 |
- |
232 |
|
233 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch |
234 |
deleted file mode 100644 |
235 |
index 517e178a533..00000000000 |
236 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-0663.patch |
237 |
+++ /dev/null |
238 |
@@ -1,43 +0,0 @@ |
239 |
-From d815758b6a8c9dee8155268e49b5ef3b80135a14 Mon Sep 17 00:00:00 2001 |
240 |
-From: Nick Wellnhofer <wellnhofer@×××××.de> |
241 |
-Date: Tue, 6 Jun 2017 12:56:28 +0200 |
242 |
-Subject: [PATCH 1/3] Fix type confusion in xmlValidateOneNamespace |
243 |
- |
244 |
-Comment out code that casts xmlNsPtr to xmlAttrPtr. ID types on |
245 |
-namespace declarations make no practical sense anyway. |
246 |
- |
247 |
-Fixes bug 780228. |
248 |
- |
249 |
-Found with libFuzzer and ASan. |
250 |
---- |
251 |
- valid.c | 7 +++++++ |
252 |
- 1 file changed, 7 insertions(+) |
253 |
- |
254 |
-diff --git a/valid.c b/valid.c |
255 |
-index 8075d3a0..c51ea290 100644 |
256 |
---- a/valid.c |
257 |
-+++ b/valid.c |
258 |
-@@ -4627,6 +4627,12 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { |
259 |
- } |
260 |
- } |
261 |
- |
262 |
-+ /* |
263 |
-+ * Casting ns to xmlAttrPtr is wrong. We'd need separate functions |
264 |
-+ * xmlAddID and xmlAddRef for namespace declarations, but it makes |
265 |
-+ * no practical sense to use ID types anyway. |
266 |
-+ */ |
267 |
-+#if 0 |
268 |
- /* Validity Constraint: ID uniqueness */ |
269 |
- if (attrDecl->atype == XML_ATTRIBUTE_ID) { |
270 |
- if (xmlAddID(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) |
271 |
-@@ -4638,6 +4644,7 @@ xmlNodePtr elem, const xmlChar *prefix, xmlNsPtr ns, const xmlChar *value) { |
272 |
- if (xmlAddRef(ctxt, doc, value, (xmlAttrPtr) ns) == NULL) |
273 |
- ret = 0; |
274 |
- } |
275 |
-+#endif |
276 |
- |
277 |
- /* Validity Constraint: Notation Attributes */ |
278 |
- if (attrDecl->atype == XML_ATTRIBUTE_NOTATION) { |
279 |
--- |
280 |
-2.14.1 |
281 |
- |
282 |
|
283 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch |
284 |
deleted file mode 100644 |
285 |
index 4d1362f2f93..00000000000 |
286 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-5969.patch |
287 |
+++ /dev/null |
288 |
@@ -1,63 +0,0 @@ |
289 |
-From 8952ce48a5fa1d3de1f087f10e8b6e47bb59f4e3 Mon Sep 17 00:00:00 2001 |
290 |
-From: Daniel Veillard <veillard@××××××.com> |
291 |
-Date: Wed, 7 Jun 2017 16:47:36 +0200 |
292 |
-Subject: [PATCH 1/7] Fix NULL pointer deref in xmlDumpElementContent |
293 |
- |
294 |
-Can only be triggered in recovery mode. |
295 |
- |
296 |
-Fixes bug 758422 (CVE-2017-5969). |
297 |
---- |
298 |
- valid.c | 24 ++++++++++++++---------- |
299 |
- 1 file changed, 14 insertions(+), 10 deletions(-) |
300 |
- |
301 |
-diff --git a/valid.c b/valid.c |
302 |
-index 19f84b82..0a8e58ab 100644 |
303 |
---- a/valid.c |
304 |
-+++ b/valid.c |
305 |
-@@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, xmlElementContentPtr content, int glob) |
306 |
- xmlBufferWriteCHAR(buf, content->name); |
307 |
- break; |
308 |
- case XML_ELEMENT_CONTENT_SEQ: |
309 |
-- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || |
310 |
-- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) |
311 |
-+ if ((content->c1 != NULL) && |
312 |
-+ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || |
313 |
-+ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) |
314 |
- xmlDumpElementContent(buf, content->c1, 1); |
315 |
- else |
316 |
- xmlDumpElementContent(buf, content->c1, 0); |
317 |
- xmlBufferWriteChar(buf, " , "); |
318 |
-- if ((content->c2->type == XML_ELEMENT_CONTENT_OR) || |
319 |
-- ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && |
320 |
-- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) |
321 |
-+ if ((content->c2 != NULL) && |
322 |
-+ ((content->c2->type == XML_ELEMENT_CONTENT_OR) || |
323 |
-+ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && |
324 |
-+ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) |
325 |
- xmlDumpElementContent(buf, content->c2, 1); |
326 |
- else |
327 |
- xmlDumpElementContent(buf, content->c2, 0); |
328 |
- break; |
329 |
- case XML_ELEMENT_CONTENT_OR: |
330 |
-- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || |
331 |
-- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) |
332 |
-+ if ((content->c1 != NULL) && |
333 |
-+ ((content->c1->type == XML_ELEMENT_CONTENT_OR) || |
334 |
-+ (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) |
335 |
- xmlDumpElementContent(buf, content->c1, 1); |
336 |
- else |
337 |
- xmlDumpElementContent(buf, content->c1, 0); |
338 |
- xmlBufferWriteChar(buf, " | "); |
339 |
-- if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || |
340 |
-- ((content->c2->type == XML_ELEMENT_CONTENT_OR) && |
341 |
-- (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) |
342 |
-+ if ((content->c2 != NULL) && |
343 |
-+ ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || |
344 |
-+ ((content->c2->type == XML_ELEMENT_CONTENT_OR) && |
345 |
-+ (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) |
346 |
- xmlDumpElementContent(buf, content->c2, 1); |
347 |
- else |
348 |
- xmlDumpElementContent(buf, content->c2, 0); |
349 |
--- |
350 |
-2.14.1 |
351 |
- |
352 |
|
353 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch |
354 |
deleted file mode 100644 |
355 |
index db9d597ad73..00000000000 |
356 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7375.patch |
357 |
+++ /dev/null |
358 |
@@ -1,35 +0,0 @@ |
359 |
-From 9ea49a06b9421b6a3a9c243fb1ec23b19bd6b049 Mon Sep 17 00:00:00 2001 |
360 |
-From: Neel Mehta <nmehta@××××××.com> |
361 |
-Date: Fri, 7 Apr 2017 17:43:02 +0200 |
362 |
-Subject: [PATCH 7/7] Prevent unwanted external entity reference |
363 |
- |
364 |
-For https://bugzilla.gnome.org/show_bug.cgi?id=780691 |
365 |
- |
366 |
-* parser.c: add a specific check to avoid PE reference |
367 |
---- |
368 |
- parser.c | 9 +++++++++ |
369 |
- 1 file changed, 9 insertions(+) |
370 |
- |
371 |
-diff --git a/parser.c b/parser.c |
372 |
-index 8e11c127..e8e962bb 100644 |
373 |
---- a/parser.c |
374 |
-+++ b/parser.c |
375 |
-@@ -8125,6 +8125,15 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt) |
376 |
- if (xmlPushInput(ctxt, input) < 0) |
377 |
- return; |
378 |
- } else { |
379 |
-+ if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && |
380 |
-+ ((ctxt->options & XML_PARSE_NOENT) == 0) && |
381 |
-+ ((ctxt->options & XML_PARSE_DTDVALID) == 0) && |
382 |
-+ ((ctxt->options & XML_PARSE_DTDLOAD) == 0) && |
383 |
-+ ((ctxt->options & XML_PARSE_DTDATTR) == 0) && |
384 |
-+ (ctxt->replaceEntities == 0) && |
385 |
-+ (ctxt->validate == 0)) |
386 |
-+ return; |
387 |
-+ |
388 |
- /* |
389 |
- * TODO !!! |
390 |
- * handle the extra spaces added before and after |
391 |
--- |
392 |
-2.14.1 |
393 |
- |
394 |
|
395 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch |
396 |
deleted file mode 100644 |
397 |
index 14ec773608b..00000000000 |
398 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-7376.patch |
399 |
+++ /dev/null |
400 |
@@ -1,31 +0,0 @@ |
401 |
-From 43cd3b6222bda2332e963eb1c9ead78f29912b0a Mon Sep 17 00:00:00 2001 |
402 |
-From: Daniel Veillard <veillard@××××××.com> |
403 |
-Date: Fri, 7 Apr 2017 17:13:28 +0200 |
404 |
-Subject: [PATCH 2/3] Increase buffer space for port in HTTP redirect support |
405 |
- |
406 |
-For https://bugzilla.gnome.org/show_bug.cgi?id=780690 |
407 |
- |
408 |
-nanohttp.c: the code wrongly assumed a short int port value. |
409 |
---- |
410 |
- nanohttp.c | 4 ++-- |
411 |
- 1 file changed, 2 insertions(+), 2 deletions(-) |
412 |
- |
413 |
-diff --git a/nanohttp.c b/nanohttp.c |
414 |
-index 26e4290e..9c17530e 100644 |
415 |
---- a/nanohttp.c |
416 |
-+++ b/nanohttp.c |
417 |
-@@ -1423,9 +1423,9 @@ retry: |
418 |
- if (ctxt->port != 80) { |
419 |
- /* reserve space for ':xxxxx', incl. potential proxy */ |
420 |
- if (proxy) |
421 |
-- blen += 12; |
422 |
-+ blen += 17; |
423 |
- else |
424 |
-- blen += 6; |
425 |
-+ blen += 11; |
426 |
- } |
427 |
- bp = (char*)xmlMallocAtomic(blen); |
428 |
- if ( bp == NULL ) { |
429 |
--- |
430 |
-2.14.1 |
431 |
- |
432 |
|
433 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch |
434 |
deleted file mode 100644 |
435 |
index f7c48cd877d..00000000000 |
436 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9047-9048.patch |
437 |
+++ /dev/null |
438 |
@@ -1,116 +0,0 @@ |
439 |
-From 839b89e678b5265a0e6b0477410e64fac669d578 Mon Sep 17 00:00:00 2001 |
440 |
-From: Nick Wellnhofer <wellnhofer@×××××.de> |
441 |
-Date: Sat, 3 Jun 2017 02:01:29 +0200 |
442 |
-Subject: [PATCH 4/7] Fix buffer size checks in xmlSnprintfElementContent |
443 |
-MIME-Version: 1.0 |
444 |
-Content-Type: text/plain; charset=UTF-8 |
445 |
-Content-Transfer-Encoding: 8bit |
446 |
- |
447 |
-xmlSnprintfElementContent failed to correctly check the available |
448 |
-buffer space in two locations. |
449 |
- |
450 |
-Fixes bug 781333 (CVE-2017-9047) and bug 781701 (CVE-2017-9048). |
451 |
- |
452 |
-Thanks to Marcel Böhme and Thuan Pham for the report. |
453 |
---- |
454 |
- result/valid/781333.xml | 5 +++++ |
455 |
- result/valid/781333.xml.err | 3 +++ |
456 |
- result/valid/781333.xml.err.rdr | 6 ++++++ |
457 |
- test/valid/781333.xml | 4 ++++ |
458 |
- valid.c | 20 +++++++++++--------- |
459 |
- 5 files changed, 29 insertions(+), 9 deletions(-) |
460 |
- create mode 100644 result/valid/781333.xml |
461 |
- create mode 100644 result/valid/781333.xml.err |
462 |
- create mode 100644 result/valid/781333.xml.err.rdr |
463 |
- create mode 100644 test/valid/781333.xml |
464 |
- |
465 |
-diff --git a/result/valid/781333.xml b/result/valid/781333.xml |
466 |
-new file mode 100644 |
467 |
-index 00000000..45dc451d |
468 |
---- /dev/null |
469 |
-+++ b/result/valid/781333.xml |
470 |
-@@ -0,0 +1,5 @@ |
471 |
-+<?xml version="1.0"?> |
472 |
-+<!DOCTYPE a [ |
473 |
-+<!ELEMENT a (ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
474 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
475 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
476 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
477 |
pppppppppppppppppppppppppp:llllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll |
478 |
lllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll |
479 |
lllllllllllllllllllllllllllllllll)> |
480 |
-+]> |
481 |
-+<a/> |
482 |
-diff --git a/result/valid/781333.xml.err b/result/valid/781333.xml.err |
483 |
-new file mode 100644 |
484 |
-index 00000000..b401b49a |
485 |
---- /dev/null |
486 |
-+++ b/result/valid/781333.xml.err |
487 |
-@@ -0,0 +1,3 @@ |
488 |
-+./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got |
489 |
-+<a/> |
490 |
-+ ^ |
491 |
-diff --git a/result/valid/781333.xml.err.rdr b/result/valid/781333.xml.err.rdr |
492 |
-new file mode 100644 |
493 |
-index 00000000..5ff56992 |
494 |
---- /dev/null |
495 |
-+++ b/result/valid/781333.xml.err.rdr |
496 |
-@@ -0,0 +1,6 @@ |
497 |
-+./test/valid/781333.xml:4: element a: validity error : Element a content does not follow the DTD, expecting ( ..., got |
498 |
-+<a/> |
499 |
-+ ^ |
500 |
-+./test/valid/781333.xml:5: element a: validity error : Element a content does not follow the DTD, Expecting more child |
501 |
-+ |
502 |
-+^ |
503 |
-diff --git a/test/valid/781333.xml b/test/valid/781333.xml |
504 |
-new file mode 100644 |
505 |
-index 00000000..b29e5a68 |
506 |
---- /dev/null |
507 |
-+++ b/test/valid/781333.xml |
508 |
-@@ -0,0 +1,4 @@ |
509 |
-+<!DOCTYPE a [ |
510 |
-+ <!ELEMENT a (ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
511 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
512 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
513 |
ppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp |
514 |
pppppppppppppppppppppppppppppp:llllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll |
515 |
lllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllllll |
516 |
lllllllllllllllllllllllllllllllllllll)> |
517 |
-+]> |
518 |
-+<a/> |
519 |
-diff --git a/valid.c b/valid.c |
520 |
-index 0a8e58ab..8075d3a0 100644 |
521 |
---- a/valid.c |
522 |
-+++ b/valid.c |
523 |
-@@ -1266,22 +1266,23 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int |
524 |
- case XML_ELEMENT_CONTENT_PCDATA: |
525 |
- strcat(buf, "#PCDATA"); |
526 |
- break; |
527 |
-- case XML_ELEMENT_CONTENT_ELEMENT: |
528 |
-+ case XML_ELEMENT_CONTENT_ELEMENT: { |
529 |
-+ int qnameLen = xmlStrlen(content->name); |
530 |
-+ |
531 |
-+ if (content->prefix != NULL) |
532 |
-+ qnameLen += xmlStrlen(content->prefix) + 1; |
533 |
-+ if (size - len < qnameLen + 10) { |
534 |
-+ strcat(buf, " ..."); |
535 |
-+ return; |
536 |
-+ } |
537 |
- if (content->prefix != NULL) { |
538 |
-- if (size - len < xmlStrlen(content->prefix) + 10) { |
539 |
-- strcat(buf, " ..."); |
540 |
-- return; |
541 |
-- } |
542 |
- strcat(buf, (char *) content->prefix); |
543 |
- strcat(buf, ":"); |
544 |
- } |
545 |
-- if (size - len < xmlStrlen(content->name) + 10) { |
546 |
-- strcat(buf, " ..."); |
547 |
-- return; |
548 |
-- } |
549 |
- if (content->name != NULL) |
550 |
- strcat(buf, (char *) content->name); |
551 |
- break; |
552 |
-+ } |
553 |
- case XML_ELEMENT_CONTENT_SEQ: |
554 |
- if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || |
555 |
- (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) |
556 |
-@@ -1323,6 +1324,7 @@ xmlSnprintfElementContent(char *buf, int size, xmlElementContentPtr content, int |
557 |
- xmlSnprintfElementContent(buf, size, content->c2, 0); |
558 |
- break; |
559 |
- } |
560 |
-+ if (size - strlen(buf) <= 2) return; |
561 |
- if (englob) |
562 |
- strcat(buf, ")"); |
563 |
- switch (content->ocur) { |
564 |
--- |
565 |
-2.14.1 |
566 |
- |
567 |
|
568 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch b/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch |
569 |
deleted file mode 100644 |
570 |
index abf43ef9815..00000000000 |
571 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-CVE-2017-9049-9050.patch |
572 |
+++ /dev/null |
573 |
@@ -1,316 +0,0 @@ |
574 |
-From 9c95d1b7f3951efe09df66ec41d7b19d6283084d Mon Sep 17 00:00:00 2001 |
575 |
-From: Nick Wellnhofer <wellnhofer@×××××.de> |
576 |
-Date: Mon, 5 Jun 2017 15:37:17 +0200 |
577 |
-Subject: [PATCH 3/7] Fix handling of parameter-entity references |
578 |
-MIME-Version: 1.0 |
579 |
-Content-Type: text/plain; charset=UTF-8 |
580 |
-Content-Transfer-Encoding: 8bit |
581 |
- |
582 |
-There were two bugs where parameter-entity references could lead to an |
583 |
-unexpected change of the input buffer in xmlParseNameComplex and |
584 |
-xmlDictLookup being called with an invalid pointer. |
585 |
- |
586 |
-Percent sign in DTD Names |
587 |
-========================= |
588 |
- |
589 |
-The NEXTL macro used to call xmlParserHandlePEReference. When parsing |
590 |
-"complex" names inside the DTD, this could result in entity expansion |
591 |
-which created a new input buffer. The fix is to simply remove the call |
592 |
-to xmlParserHandlePEReference from the NEXTL macro. This is safe because |
593 |
-no users of the macro require expansion of parameter entities. |
594 |
- |
595 |
-- xmlParseNameComplex |
596 |
-- xmlParseNCNameComplex |
597 |
-- xmlParseNmtoken |
598 |
- |
599 |
-The percent sign is not allowed in names, which are grammatical tokens. |
600 |
- |
601 |
-- xmlParseEntityValue |
602 |
- |
603 |
-Parameter-entity references in entity values are expanded but this |
604 |
-happens in a separate step in this function. |
605 |
- |
606 |
-- xmlParseSystemLiteral |
607 |
- |
608 |
-Parameter-entity references are ignored in the system literal. |
609 |
- |
610 |
-- xmlParseAttValueComplex |
611 |
-- xmlParseCharDataComplex |
612 |
-- xmlParseCommentComplex |
613 |
-- xmlParsePI |
614 |
-- xmlParseCDSect |
615 |
- |
616 |
-Parameter-entity references are ignored outside the DTD. |
617 |
- |
618 |
-- xmlLoadEntityContent |
619 |
- |
620 |
-This function is only called from xmlStringLenDecodeEntities and |
621 |
-entities are replaced in a separate step immediately after the function |
622 |
-call. |
623 |
- |
624 |
-This bug could also be triggered with an internal subset and double |
625 |
-entity expansion. |
626 |
- |
627 |
-This fixes bug 766956 initially reported by Wei Lei and independently by |
628 |
-Chromium's ClusterFuzz, Hanno Böck, and Marco Grassi. Thanks to everyone |
629 |
-involved. |
630 |
- |
631 |
-xmlParseNameComplex with XML_PARSE_OLD10 |
632 |
-======================================== |
633 |
- |
634 |
-When parsing Names inside an expanded parameter entity with the |
635 |
-XML_PARSE_OLD10 option, xmlParseNameComplex would call xmlGROW via the |
636 |
-GROW macro if the input buffer was exhausted. At the end of the |
637 |
-parameter entity's replacement text, this function would then call |
638 |
-xmlPopInput which invalidated the input buffer. |
639 |
- |
640 |
-There should be no need to invoke GROW in this situation because the |
641 |
-buffer is grown periodically every XML_PARSER_CHUNK_SIZE characters and, |
642 |
-at least for UTF-8, in xmlCurrentChar. This also matches the code path |
643 |
-executed when XML_PARSE_OLD10 is not set. |
644 |
- |
645 |
-This fixes bugs 781205 (CVE-2017-9049) and 781361 (CVE-2017-9050). |
646 |
-Thanks to Marcel Böhme and Thuan Pham for the report. |
647 |
- |
648 |
-Additional hardening |
649 |
-==================== |
650 |
- |
651 |
-A separate check was added in xmlParseNameComplex to validate the |
652 |
-buffer size. |
653 |
---- |
654 |
- Makefile.am | 18 ++++++++++++++++++ |
655 |
- parser.c | 18 ++++++++++-------- |
656 |
- result/errors10/781205.xml | 0 |
657 |
- result/errors10/781205.xml.err | 21 +++++++++++++++++++++ |
658 |
- result/errors10/781361.xml | 0 |
659 |
- result/errors10/781361.xml.err | 13 +++++++++++++ |
660 |
- result/valid/766956.xml | 0 |
661 |
- result/valid/766956.xml.err | 9 +++++++++ |
662 |
- result/valid/766956.xml.err.rdr | 10 ++++++++++ |
663 |
- runtest.c | 3 +++ |
664 |
- test/errors10/781205.xml | 3 +++ |
665 |
- test/errors10/781361.xml | 3 +++ |
666 |
- test/valid/766956.xml | 2 ++ |
667 |
- test/valid/dtds/766956.dtd | 2 ++ |
668 |
- 14 files changed, 94 insertions(+), 8 deletions(-) |
669 |
- create mode 100644 result/errors10/781205.xml |
670 |
- create mode 100644 result/errors10/781205.xml.err |
671 |
- create mode 100644 result/errors10/781361.xml |
672 |
- create mode 100644 result/errors10/781361.xml.err |
673 |
- create mode 100644 result/valid/766956.xml |
674 |
- create mode 100644 result/valid/766956.xml.err |
675 |
- create mode 100644 result/valid/766956.xml.err.rdr |
676 |
- create mode 100644 test/errors10/781205.xml |
677 |
- create mode 100644 test/errors10/781361.xml |
678 |
- create mode 100644 test/valid/766956.xml |
679 |
- create mode 100644 test/valid/dtds/766956.dtd |
680 |
- |
681 |
-diff --git a/Makefile.am b/Makefile.am |
682 |
-index 3b52bae7..bf20124e 100644 |
683 |
---- a/Makefile.am |
684 |
-+++ b/Makefile.am |
685 |
-@@ -422,6 +422,24 @@ Errtests : xmllint$(EXEEXT) |
686 |
- if [ -n "$$log" ] ; then echo $$name result ; echo $$log ; fi ; \ |
687 |
- rm result.$$name error.$$name ; \ |
688 |
- fi ; fi ; done) |
689 |
-+ @echo "## Error cases regression tests (old 1.0)" |
690 |
-+ -@(for i in $(srcdir)/test/errors10/*.xml ; do \ |
691 |
-+ name=`basename $$i`; \ |
692 |
-+ if [ ! -d $$i ] ; then \ |
693 |
-+ if [ ! -f $(srcdir)/result/errors10/$$name ] ; then \ |
694 |
-+ echo New test file $$name ; \ |
695 |
-+ $(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i \ |
696 |
-+ 2> $(srcdir)/result/errors10/$$name.err \ |
697 |
-+ > $(srcdir)/result/errors10/$$name ; \ |
698 |
-+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \ |
699 |
-+ else \ |
700 |
-+ log=`$(CHECKER) $(top_builddir)/xmllint --oldxml10 $$i 2> error.$$name > result.$$name ; \ |
701 |
-+ grep "MORY ALLO" .memdump | grep -v "MEMORY ALLOCATED : 0"; \ |
702 |
-+ diff $(srcdir)/result/errors10/$$name result.$$name ; \ |
703 |
-+ diff $(srcdir)/result/errors10/$$name.err error.$$name` ; \ |
704 |
-+ if [ -n "$$log" ] ; then echo $$name result ; echo "$$log" ; fi ; \ |
705 |
-+ rm result.$$name error.$$name ; \ |
706 |
-+ fi ; fi ; done) |
707 |
- @echo "## Error cases stream regression tests" |
708 |
- -@(for i in $(srcdir)/test/errors/*.xml ; do \ |
709 |
- name=`basename $$i`; \ |
710 |
-diff --git a/parser.c b/parser.c |
711 |
-index 53a6b7f0..b832406a 100644 |
712 |
---- a/parser.c |
713 |
-+++ b/parser.c |
714 |
-@@ -2115,7 +2115,6 @@ static void xmlGROW (xmlParserCtxtPtr ctxt) { |
715 |
- ctxt->input->line++; ctxt->input->col = 1; \ |
716 |
- } else ctxt->input->col++; \ |
717 |
- ctxt->input->cur += l; \ |
718 |
-- if (*ctxt->input->cur == '%') xmlParserHandlePEReference(ctxt); \ |
719 |
- } while (0) |
720 |
- |
721 |
- #define CUR_CHAR(l) xmlCurrentChar(ctxt, &l) |
722 |
-@@ -3406,13 +3405,6 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) { |
723 |
- len += l; |
724 |
- NEXTL(l); |
725 |
- c = CUR_CHAR(l); |
726 |
-- if (c == 0) { |
727 |
-- count = 0; |
728 |
-- GROW; |
729 |
-- if (ctxt->instate == XML_PARSER_EOF) |
730 |
-- return(NULL); |
731 |
-- c = CUR_CHAR(l); |
732 |
-- } |
733 |
- } |
734 |
- } |
735 |
- if ((len > XML_MAX_NAME_LENGTH) && |
736 |
-@@ -3420,6 +3412,16 @@ xmlParseNameComplex(xmlParserCtxtPtr ctxt) { |
737 |
- xmlFatalErr(ctxt, XML_ERR_NAME_TOO_LONG, "Name"); |
738 |
- return(NULL); |
739 |
- } |
740 |
-+ if (ctxt->input->cur - ctxt->input->base < len) { |
741 |
-+ /* |
742 |
-+ * There were a couple of bugs where PERefs lead to to a change |
743 |
-+ * of the buffer. Check the buffer size to avoid passing an invalid |
744 |
-+ * pointer to xmlDictLookup. |
745 |
-+ */ |
746 |
-+ xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR, |
747 |
-+ "unexpected change of input buffer"); |
748 |
-+ return (NULL); |
749 |
-+ } |
750 |
- if ((*ctxt->input->cur == '\n') && (ctxt->input->cur[-1] == '\r')) |
751 |
- return(xmlDictLookup(ctxt->dict, ctxt->input->cur - (len + 1), len)); |
752 |
- return(xmlDictLookup(ctxt->dict, ctxt->input->cur - len, len)); |
753 |
-diff --git a/result/errors10/781205.xml b/result/errors10/781205.xml |
754 |
-new file mode 100644 |
755 |
-index 00000000..e69de29b |
756 |
-diff --git a/result/errors10/781205.xml.err b/result/errors10/781205.xml.err |
757 |
-new file mode 100644 |
758 |
-index 00000000..da15c3f7 |
759 |
---- /dev/null |
760 |
-+++ b/result/errors10/781205.xml.err |
761 |
-@@ -0,0 +1,21 @@ |
762 |
-+Entity: line 1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration |
763 |
-+ |
764 |
-+ %a; |
765 |
-+ ^ |
766 |
-+Entity: line 1: |
767 |
-+<:0000 |
768 |
-+^ |
769 |
-+Entity: line 1: parser error : DOCTYPE improperly terminated |
770 |
-+ %a; |
771 |
-+ ^ |
772 |
-+Entity: line 1: |
773 |
-+<:0000 |
774 |
-+^ |
775 |
-+namespace error : Failed to parse QName ':0000' |
776 |
-+ %a; |
777 |
-+ ^ |
778 |
-+<:0000 |
779 |
-+ ^ |
780 |
-+./test/errors10/781205.xml:4: parser error : Couldn't find end of Start Tag :0000 line 1 |
781 |
-+ |
782 |
-+^ |
783 |
-diff --git a/result/errors10/781361.xml b/result/errors10/781361.xml |
784 |
-new file mode 100644 |
785 |
-index 00000000..e69de29b |
786 |
-diff --git a/result/errors10/781361.xml.err b/result/errors10/781361.xml.err |
787 |
-new file mode 100644 |
788 |
-index 00000000..655f41a2 |
789 |
---- /dev/null |
790 |
-+++ b/result/errors10/781361.xml.err |
791 |
-@@ -0,0 +1,13 @@ |
792 |
-+./test/errors10/781361.xml:4: parser error : xmlParseElementDecl: 'EMPTY', 'ANY' or '(' expected |
793 |
-+ |
794 |
-+^ |
795 |
-+./test/errors10/781361.xml:4: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration |
796 |
-+ |
797 |
-+ |
798 |
-+^ |
799 |
-+./test/errors10/781361.xml:4: parser error : DOCTYPE improperly terminated |
800 |
-+ |
801 |
-+^ |
802 |
-+./test/errors10/781361.xml:4: parser error : Start tag expected, '<' not found |
803 |
-+ |
804 |
-+^ |
805 |
-diff --git a/result/valid/766956.xml b/result/valid/766956.xml |
806 |
-new file mode 100644 |
807 |
-index 00000000..e69de29b |
808 |
-diff --git a/result/valid/766956.xml.err b/result/valid/766956.xml.err |
809 |
-new file mode 100644 |
810 |
-index 00000000..34b1dae6 |
811 |
---- /dev/null |
812 |
-+++ b/result/valid/766956.xml.err |
813 |
-@@ -0,0 +1,9 @@ |
814 |
-+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';' |
815 |
-+%ä%ent; |
816 |
-+ ^ |
817 |
-+Entity: line 1: parser error : Content error in the external subset |
818 |
-+ %ent; |
819 |
-+ ^ |
820 |
-+Entity: line 1: |
821 |
-+value |
822 |
-+^ |
823 |
-diff --git a/result/valid/766956.xml.err.rdr b/result/valid/766956.xml.err.rdr |
824 |
-new file mode 100644 |
825 |
-index 00000000..77603462 |
826 |
---- /dev/null |
827 |
-+++ b/result/valid/766956.xml.err.rdr |
828 |
-@@ -0,0 +1,10 @@ |
829 |
-+test/valid/dtds/766956.dtd:2: parser error : PEReference: expecting ';' |
830 |
-+%ä%ent; |
831 |
-+ ^ |
832 |
-+Entity: line 1: parser error : Content error in the external subset |
833 |
-+ %ent; |
834 |
-+ ^ |
835 |
-+Entity: line 1: |
836 |
-+value |
837 |
-+^ |
838 |
-+./test/valid/766956.xml : failed to parse |
839 |
-diff --git a/runtest.c b/runtest.c |
840 |
-index 7d030bdc..cd233da9 100644 |
841 |
---- a/runtest.c |
842 |
-+++ b/runtest.c |
843 |
-@@ -4202,6 +4202,9 @@ testDesc testDescriptions[] = { |
844 |
- { "Error cases regression tests", |
845 |
- errParseTest, "./test/errors/*.xml", "result/errors/", "", ".err", |
846 |
- 0 }, |
847 |
-+ { "Error cases regression tests (old 1.0)", |
848 |
-+ errParseTest, "./test/errors10/*.xml", "result/errors10/", "", ".err", |
849 |
-+ XML_PARSE_OLD10 }, |
850 |
- #ifdef LIBXML_READER_ENABLED |
851 |
- { "Error cases stream regression tests", |
852 |
- streamParseTest, "./test/errors/*.xml", "result/errors/", NULL, ".str", |
853 |
-diff --git a/test/errors10/781205.xml b/test/errors10/781205.xml |
854 |
-new file mode 100644 |
855 |
-index 00000000..d9e9e839 |
856 |
---- /dev/null |
857 |
-+++ b/test/errors10/781205.xml |
858 |
-@@ -0,0 +1,3 @@ |
859 |
-+<!DOCTYPE D [ |
860 |
-+ <!ENTITY % a "<:0000"> |
861 |
-+ %a; |
862 |
-diff --git a/test/errors10/781361.xml b/test/errors10/781361.xml |
863 |
-new file mode 100644 |
864 |
-index 00000000..67476bcb |
865 |
---- /dev/null |
866 |
-+++ b/test/errors10/781361.xml |
867 |
-@@ -0,0 +1,3 @@ |
868 |
-+<!DOCTYPE doc [ |
869 |
-+ <!ENTITY % elem "<!ELEMENT e0000000000"> |
870 |
-+ %elem; |
871 |
-diff --git a/test/valid/766956.xml b/test/valid/766956.xml |
872 |
-new file mode 100644 |
873 |
-index 00000000..19a95a0e |
874 |
---- /dev/null |
875 |
-+++ b/test/valid/766956.xml |
876 |
-@@ -0,0 +1,2 @@ |
877 |
-+<!DOCTYPE test SYSTEM "dtds/766956.dtd"> |
878 |
-+<test/> |
879 |
-diff --git a/test/valid/dtds/766956.dtd b/test/valid/dtds/766956.dtd |
880 |
-new file mode 100644 |
881 |
-index 00000000..dddde68b |
882 |
---- /dev/null |
883 |
-+++ b/test/valid/dtds/766956.dtd |
884 |
-@@ -0,0 +1,2 @@ |
885 |
-+<!ENTITY % ent "value"> |
886 |
-+%ä%ent; |
887 |
--- |
888 |
-2.14.1 |
889 |
- |
890 |
|
891 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch b/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch |
892 |
deleted file mode 100644 |
893 |
index 224d60ff052..00000000000 |
894 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-fix-root-node-cmp.patch |
895 |
+++ /dev/null |
896 |
@@ -1,34 +0,0 @@ |
897 |
-From a1fb9a4f511d89f0738b62cabd6d92bfd9eb94a9 Mon Sep 17 00:00:00 2001 |
898 |
-From: Nick Wellnhofer <wellnhofer@×××××.de> |
899 |
-Date: Tue, 28 Jun 2016 14:19:58 +0200 |
900 |
-Subject: [PATCH 3/3] Fix comparison with root node in xmlXPathCmpNodes |
901 |
- |
902 |
-This change has already been made in xmlXPathCmpNodesExt but not in |
903 |
-xmlXPathCmpNodes. |
904 |
---- |
905 |
- xpath.c | 4 ++-- |
906 |
- 1 file changed, 2 insertions(+), 2 deletions(-) |
907 |
- |
908 |
-diff --git a/xpath.c b/xpath.c |
909 |
-index 67afbca5..5a01b1b3 100644 |
910 |
---- a/xpath.c |
911 |
-+++ b/xpath.c |
912 |
-@@ -3342,13 +3342,13 @@ xmlXPathCmpNodes(xmlNodePtr node1, xmlNodePtr node2) { |
913 |
- * compute depth to root |
914 |
- */ |
915 |
- for (depth2 = 0, cur = node2;cur->parent != NULL;cur = cur->parent) { |
916 |
-- if (cur == node1) |
917 |
-+ if (cur->parent == node1) |
918 |
- return(1); |
919 |
- depth2++; |
920 |
- } |
921 |
- root = cur; |
922 |
- for (depth1 = 0, cur = node1;cur->parent != NULL;cur = cur->parent) { |
923 |
-- if (cur == node2) |
924 |
-+ if (cur->parent == node2) |
925 |
- return(-1); |
926 |
- depth1++; |
927 |
- } |
928 |
--- |
929 |
-2.14.1 |
930 |
- |
931 |
|
932 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch b/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch |
933 |
deleted file mode 100644 |
934 |
index 770a1832b19..00000000000 |
935 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-heap-buffer-overflow.patch |
936 |
+++ /dev/null |
937 |
@@ -1,32 +0,0 @@ |
938 |
-From df4f9bdc7a37908ded8bd1fec4f75509eaa156de Mon Sep 17 00:00:00 2001 |
939 |
-From: David Kilzer <ddkilzer@×××××.com> |
940 |
-Date: Tue, 4 Jul 2017 18:38:03 +0200 |
941 |
-Subject: [PATCH 5/7] Heap-buffer-overflow read of size 1 in |
942 |
- xmlFAParsePosCharGroup |
943 |
- |
944 |
-Credit to OSS-Fuzz. |
945 |
- |
946 |
-Add a check to xmlFAParseCharRange() for the end of the buffer |
947 |
-to prevent reading past the end of it. |
948 |
- |
949 |
-This fixes Bug 784017. |
950 |
---- |
951 |
- xmlregexp.c | 2 +- |
952 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
953 |
- |
954 |
-diff --git a/xmlregexp.c b/xmlregexp.c |
955 |
-index ca3b4f46..6676c2a8 100644 |
956 |
---- a/xmlregexp.c |
957 |
-+++ b/xmlregexp.c |
958 |
-@@ -5051,7 +5051,7 @@ xmlFAParseCharRange(xmlRegParserCtxtPtr ctxt) { |
959 |
- return; |
960 |
- } |
961 |
- len = 1; |
962 |
-- } else if ((cur != 0x5B) && (cur != 0x5D)) { |
963 |
-+ } else if ((cur != '\0') && (cur != 0x5B) && (cur != 0x5D)) { |
964 |
- end = CUR_SCHAR(ctxt->cur, len); |
965 |
- } else { |
966 |
- ERROR("Expecting the end of a char range"); |
967 |
--- |
968 |
-2.14.1 |
969 |
- |
970 |
|
971 |
diff --git a/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch b/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch |
972 |
deleted file mode 100644 |
973 |
index 9d1a03346f6..00000000000 |
974 |
--- a/dev-libs/libxml2/files/libxml2-2.9.4-osd-validation.patch |
975 |
+++ /dev/null |
976 |
@@ -1,66 +0,0 @@ |
977 |
-From 8bc6baccc7da291c2338b8d95953ea487b0b3ca1 Mon Sep 17 00:00:00 2001 |
978 |
-From: Alex Henrie <alexhenrie24@×××××.com> |
979 |
-Date: Thu, 26 May 2016 17:38:35 -0600 |
980 |
-Subject: [PATCH 2/7] Fix attribute decoding during XML schema validation |
981 |
- |
982 |
-For https://bugzilla.gnome.org/show_bug.cgi?id=766834 |
983 |
- |
984 |
-vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs, |
985 |
-so this function can't call xmlStringLenDecodeEntities to decode the |
986 |
-entities. |
987 |
---- |
988 |
- xmlschemas.c | 30 +++++++++++++++++++++++++----- |
989 |
- 1 file changed, 25 insertions(+), 5 deletions(-) |
990 |
- |
991 |
-diff --git a/xmlschemas.c b/xmlschemas.c |
992 |
-index e1b3a4f0..59535e5c 100644 |
993 |
---- a/xmlschemas.c |
994 |
-+++ b/xmlschemas.c |
995 |
-@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx, |
996 |
- * attributes yet. |
997 |
- */ |
998 |
- if (nb_attributes != 0) { |
999 |
-+ int valueLen, k, l; |
1000 |
- xmlChar *value; |
1001 |
- |
1002 |
- for (j = 0, i = 0; i < nb_attributes; i++, j += 5) { |
1003 |
-@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx, |
1004 |
- * libxml2 differs from normal SAX here in that it escapes all ampersands |
1005 |
- * as & instead of delivering the raw converted string. Changing the |
1006 |
- * behavior at this point would break applications that use this API, so |
1007 |
-- * we are forced to work around it. There is no danger of accidentally |
1008 |
-- * decoding some entity other than & in this step because without |
1009 |
-- * unescaped ampersands there can be no other entities in the string. |
1010 |
-+ * we are forced to work around it. |
1011 |
- */ |
1012 |
-- value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3], |
1013 |
-- attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0); |
1014 |
-+ valueLen = attributes[j+4] - attributes[j+3]; |
1015 |
-+ value = xmlMallocAtomic(valueLen + 1); |
1016 |
-+ if (value == NULL) { |
1017 |
-+ xmlSchemaVErrMemory(vctxt, |
1018 |
-+ "allocating string for decoded attribute", |
1019 |
-+ NULL); |
1020 |
-+ goto internal_error; |
1021 |
-+ } |
1022 |
-+ for (k = 0, l = 0; k < valueLen; l++) { |
1023 |
-+ if (k < valueLen - 4 && |
1024 |
-+ attributes[j+3][k+0] == '&' && |
1025 |
-+ attributes[j+3][k+1] == '#' && |
1026 |
-+ attributes[j+3][k+2] == '3' && |
1027 |
-+ attributes[j+3][k+3] == '8' && |
1028 |
-+ attributes[j+3][k+4] == ';') { |
1029 |
-+ value[l] = '&'; |
1030 |
-+ k += 5; |
1031 |
-+ } else { |
1032 |
-+ value[l] = attributes[j+3][k]; |
1033 |
-+ k++; |
1034 |
-+ } |
1035 |
-+ } |
1036 |
-+ value[l] = '\0'; |
1037 |
- /* |
1038 |
- * TODO: Set the node line. |
1039 |
- */ |
1040 |
--- |
1041 |
-2.14.1 |
1042 |
- |