pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/textproc/libxml2 Update libxml2 to 2.9.4.
details: https://anonhg.NetBSD.org/pkgsrc/rev/24085b55ed17
branches: trunk
changeset: 347550:24085b55ed17
user: he <he%pkgsrc.org@localhost>
date: Tue May 24 12:00:08 2016 +0000
description:
Update libxml2 to 2.9.4.
Pkgsrc changes:
* Add some casts to match types and format strings, plus
fix value range of toupper() operation.
* Merge patch-ag into the new patch-encoding.c.
* Add comments to existing patches which lacked comments.
Upstream changes to libxml2-2.9.4: May 23 2016
Security:
CVE-2016-3627 Avoid building recursive entities
CVE-2016-1833 Heap-based buffer overread in htmlCurrentChar
CVE-2016-1835 Heap use-after-free in xmlSAX2AttributeNs
CVE-2016-1837 Heap use-after-free in htmlParsePubidLiteral
and htmlParseSystemiteral
CVE-2016-1836 Bug 759398: Heap use-after-free in xmlDictComputeFastKey
CVE-2016-1839 Bug 758605: Heap-based buffer overread in xmlDictAddString
CVE-2016-1838 Bug 758588: Heap-based buffer overread in
xmlParserPrintFileContextInternal
CVE-2016-1840 Bug 757711: heap-buffer-overflow in xmlFAParsePosCharGroup
CVE-2016-4483 Avoid an out of bound access when serializing
malformed strings
CVE-2016-1834 Bug 763071: heap-buffer-overflow in xmlStrncat
CVE-2016-3705 Add missing increments of recursion depth counter to
XML parser.
CVE-2016-1762 Heap-based buffer overread in xmlNextChar
More format string warnings with possible format string vulnerability
Heap-based buffer-underreads due to xmlParseName
Fix some format string warnings with possible format string vulnerability
Unsigned addition may overflow in xmlMallocAtomicLoc()
Other bugfixes:
Detect change of encoding when parsing HTML names
Fix inappropriate fetch of entities content
Correct the usage of LDFLAGS
Revert the use of SAVE_LDFLAGS in configure.ac
libxml2 hardcodes -L/lib in zlib/lzma tests which breaks cross-compiles
Add more debugging info to runtest
Implement "runtest -u" mode
Integer signed/unsigned type mismatch in xmlParserInputGrow()
Integer overflow parsing port number in URI
Fix apibuild for a recently added constructv2.9.4-rc2
Use pkg-config to locate zlib when possible
Use pkg-config to locate ICU when possible
Fix an error with regexp on nullable counted char transition
Fix memory leak with XPath namespace nodes
Fix namespace axis traversal
Add a make rule to rebuild for ASAN
Fix null pointer deref in docs with no root element
Portability to non C99 compliant compilers
dict.h: Move xmlDictPtr definition before includes to allow direct
inclusion.
Fix XSD validation of URIs with ampersands
xmlschemastypes.c: accept endOfDayFrag Times set to "24:00:00" mean
"end of day" and should not cause an error. v2.9.4-rc1
os400: tell about xmllint and xmlcatalog in README400.
os400: properly process SGML add in XMLCATALOG command.
os400: implement CL command XMLCATALOG.
os400: compile and install program xmlcatalog (qshell-only).
xmlcatalog: flush stdout before interactive shell input.
os400: expand tabs in sources, strip trailing blanks.
os400: implement CL command XMLLINT.
os400: compile and install program xmllint (qshell-only).
os400: initscript make_module(): Use options instead of
positional parameters.
xmllint: flush stdout before interactive shell input.
os400: c14n.rpgle: allow *omit for nullable reference parameters.
os400: use like() for double type.
os400: use like() for int type.
os400: use like() for unsigned int type.
os400: use like() for enum types.
Add xz to xml2-config --libs output
Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression
Fix namespace::node() XPath expression
Fix OOB write in xmlXPathEmptyNodeSet
Fix parsing of NCNames in XPath
Fix OOB read with invalid UTF-8 in xmlUTF8Strsize
Do normalize string-based datatype value in RelaxNG facet checking
Fix typo: s{ ec -> cr }cipt
Fix typos: dictio{ nn -> n }ar{y,ies}
Fix typos: PATH_{ SEAPARATOR -> SEPARATOR }
Correct a typo.
Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix
for "xmlSaveUri() incorrectly recomposes URIs with rootless paths"
Bug 760861: REGRESSION (bf9c1dad): Missing results for
test/schemas/regexp-char-ref_[01].xsd
error.c: *input->cur == 0 does not mean no error
Add missing RNG test files
Bug 760190: configure.ac should be able to build --with-icu without
icu-config tool
Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus
UTF-8 encoding error when multi-byte character in large CDATA
section is split across buffer
Bug 758572: ASAN crash in make check
Bug 721158: Missing ICU string when doing --version on xmllint
python 3: libxml2.c wrappers create Unicode str already
win32\VC10\config.h and VS 2015
Add autogen.sh to distrib
Add configure maintainer mode
diffstat:
textproc/libxml2/Makefile | 4 +-
textproc/libxml2/distinfo | 26 ++++++----
textproc/libxml2/patches/patch-aa | 4 +-
textproc/libxml2/patches/patch-ab | 8 +++-
textproc/libxml2/patches/patch-ac | 4 +-
textproc/libxml2/patches/patch-ad | 4 +-
textproc/libxml2/patches/patch-ae | 4 +-
textproc/libxml2/patches/patch-ag | 14 ------
textproc/libxml2/patches/patch-encoding.c | 64 +++++++++++++++++++++++++++++
textproc/libxml2/patches/patch-runtest.c | 16 +++++++
textproc/libxml2/patches/patch-testlimits.c | 42 +++++++++++++++++++
textproc/libxml2/patches/patch-timsort.h | 15 ++++++
textproc/libxml2/patches/patch-xmlIO.c | 16 +++++++
13 files changed, 189 insertions(+), 32 deletions(-)
diffs (293 lines):
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/Makefile
--- a/textproc/libxml2/Makefile Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/Makefile Tue May 24 12:00:08 2016 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.140 2016/02/26 10:32:47 jperkin Exp $
+# $NetBSD: Makefile,v 1.141 2016/05/24 12:00:08 he Exp $
-DISTNAME= libxml2-2.9.3
+DISTNAME= libxml2-2.9.4
CATEGORIES= textproc
MASTER_SITES= ftp://xmlsoft.org/libxml2/ \
http://xmlsoft.org/sources/
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/distinfo
--- a/textproc/libxml2/distinfo Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/distinfo Tue May 24 12:00:08 2016 +0000
@@ -1,12 +1,16 @@
-$NetBSD: distinfo,v 1.109 2015/11/22 23:49:03 wiz Exp $
+$NetBSD: distinfo,v 1.110 2016/05/24 12:00:08 he Exp $
-SHA1 (libxml2-2.9.3.tar.gz) = 0301ce933637e0ceda049047dbefd18714f59b6e
-RMD160 (libxml2-2.9.3.tar.gz) = 8ffed136daaf3595c306b76c5600ce67b5984e61
-SHA512 (libxml2-2.9.3.tar.gz) = 078afa65229de4f23e6538767253fb4f9f61d96cb72e445179c71d536b224d54922f22972a2b71434796f83f8c99f6a46c3b8813cb4582ad9fca696d141e0abb
-Size (libxml2-2.9.3.tar.gz) = 5477112 bytes
-SHA1 (patch-aa) = 7d1213079cc78c9a28476c49f1283ab1c6af3b34
-SHA1 (patch-ab) = bf8983fcde35edf0e450209bf07f0fa628f7bd9e
-SHA1 (patch-ac) = 015a5903a86793bd770f16f251b94e5b2562b3f7
-SHA1 (patch-ad) = fe255e93f9aefd5403d646cd45d9fbdcbd100bd6
-SHA1 (patch-ae) = d479d5a0c8b906de3cbe1c30b100c6f8b1bb9c43
-SHA1 (patch-ag) = f037f13ccc4047d4bf824a2091e60ac89b172558
+SHA1 (libxml2-2.9.4.tar.gz) = 958ae70baf186263a4bd801a81dd5d682aedd1db
+RMD160 (libxml2-2.9.4.tar.gz) = bb59656e0683d64a38a2f1a45ca9d918837e1e56
+SHA512 (libxml2-2.9.4.tar.gz) = f5174ab1a3a0ec0037a47f47aa47def36674e02bfb42b57f609563f84c6247c585dbbb133c056953a5adb968d328f18cbc102eb0d00d48eb7c95478389e5daf9
+Size (libxml2-2.9.4.tar.gz) = 5374830 bytes
+SHA1 (patch-aa) = e687eaa9805b855b0c8a944ec5c597bd34954472
+SHA1 (patch-ab) = 5bb6b5002518538ef8daf42b5220072958efa6a8
+SHA1 (patch-ac) = 34afe787f6012b460a85be993048e133907a1621
+SHA1 (patch-ad) = d65b7e3be9694147e96ce4bb70a1739e2279ba81
+SHA1 (patch-ae) = 4eede9719724f94402e850ee6d6043a74aaf62b2
+SHA1 (patch-encoding.c) = 518515e5cf2b3c3d32ee3377abd78fba8abf998b
+SHA1 (patch-runtest.c) = ec0dc7605ba82ea0da9c4a5c4c9f5d237efd6a66
+SHA1 (patch-testlimits.c) = 951e395dde957df7b1b012146ccb46e3e1f6b485
+SHA1 (patch-timsort.h) = 10bf93d92457bd74fd0004400ee47381e96706d8
+SHA1 (patch-xmlIO.c) = b8bd8baa8ddbccf321c16ec548e9a9f3e44a83d5
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-aa
--- a/textproc/libxml2/patches/patch-aa Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/patches/patch-aa Tue May 24 12:00:08 2016 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-aa,v 1.28 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-aa,v 1.29 2016/05/24 12:00:08 he Exp $
+
+Move EXAMPLES_DIR to fit pkgsrc.
--- Makefile.in.orig 2014-10-16 07:35:13.000000000 +0000
+++ Makefile.in
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-ab
--- a/textproc/libxml2/patches/patch-ab Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/patches/patch-ab Tue May 24 12:00:08 2016 +0000
@@ -1,4 +1,10 @@
-$NetBSD: patch-ab,v 1.28 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ab,v 1.29 2016/05/24 12:00:08 he Exp $
+
+Various configure fixes:
+ * Add run-path to XML_LIBDIR
+ * Fix handling of pthreads
+ * Add portability to OpenBSD, MirBSD, FreeBSD, NetBSD and DragonFly
+ * Fix test for SAX
--- configure.orig 2014-10-16 07:35:12.000000000 +0000
+++ configure
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-ac
--- a/textproc/libxml2/patches/patch-ac Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/patches/patch-ac Tue May 24 12:00:08 2016 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-ac,v 1.8 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ac,v 1.9 2016/05/24 12:00:08 he Exp $
+
+Parametrize XML and SGML catalog directories.
--- catalog.c.orig 2014-10-03 11:28:05.000000000 +0000
+++ catalog.c
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-ad
--- a/textproc/libxml2/patches/patch-ad Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/patches/patch-ad Tue May 24 12:00:08 2016 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-ad,v 1.18 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ad,v 1.19 2016/05/24 12:00:08 he Exp $
+
+Parametrize SGML catalog directory.
--- xmlcatalog.c.orig 2014-10-03 11:28:06.000000000 +0000
+++ xmlcatalog.c
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-ae
--- a/textproc/libxml2/patches/patch-ae Tue May 24 11:30:30 2016 +0000
+++ b/textproc/libxml2/patches/patch-ae Tue May 24 12:00:08 2016 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-ae,v 1.14 2015/04/24 11:32:29 spz Exp $
+$NetBSD: patch-ae,v 1.15 2016/05/24 12:00:08 he Exp $
+
+Don't install html files.
--- doc/examples/Makefile.in.orig 2014-10-16 07:35:13.000000000 +0000
+++ doc/examples/Makefile.in
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-ag
--- a/textproc/libxml2/patches/patch-ag Tue May 24 11:30:30 2016 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-$NetBSD: patch-ag,v 1.12 2015/04/24 11:32:29 spz Exp $
-
---- encoding.c.orig 2014-10-03 11:53:06.000000000 +0000
-+++ encoding.c
-@@ -1433,6 +1433,9 @@ xmlInitCharEncodingHandlers(void) {
- xmlRegisterCharEncodingHandlersISO8859x ();
- #endif
- #endif
-+#ifdef __NetBSD__ /* XXX needed by selftest */
-+ xmlAddEncodingAlias("CP1141", "IBM-1141");
-+#endif
-
- }
-
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-encoding.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-encoding.c Tue May 24 12:00:08 2016 +0000
@@ -0,0 +1,64 @@
+$NetBSD: patch-encoding.c,v 1.1 2016/05/24 12:00:08 he Exp $
+
+Avoid potential undefined behaviour by casting arg to toupper()
+to an appropriate value range.
+
+Also, on NetBSD, add CP1141 encoding alias.
+
+--- encoding.c.orig 2016-05-23 07:25:25.000000000 +0000
++++ encoding.c
+@@ -1018,7 +1018,7 @@ xmlGetEncodingAlias(const char *alias) {
+ return(NULL);
+
+ for (i = 0;i < 99;i++) {
+- upper[i] = toupper(alias[i]);
++ upper[i] = toupper((unsigned char)alias[i]);
+ if (upper[i] == 0) break;
+ }
+ upper[i] = 0;
+@@ -1053,7 +1053,7 @@ xmlAddEncodingAlias(const char *name, co
+ return(-1);
+
+ for (i = 0;i < 99;i++) {
+- upper[i] = toupper(alias[i]);
++ upper[i] = toupper((unsigned char)alias[i]);
+ if (upper[i] == 0) break;
+ }
+ upper[i] = 0;
+@@ -1155,7 +1155,7 @@ xmlParseCharEncoding(const char* name)
+ name = alias;
+
+ for (i = 0;i < 499;i++) {
+- upper[i] = toupper(name[i]);
++ upper[i] = toupper((unsigned char)name[i]);
+ if (upper[i] == 0) break;
+ }
+ upper[i] = 0;
+@@ -1331,7 +1331,7 @@ xmlNewCharEncodingHandler(const char *na
+ return(NULL);
+ }
+ for (i = 0;i < 499;i++) {
+- upper[i] = toupper(name[i]);
++ upper[i] = toupper((unsigned char)name[i]);
+ if (upper[i] == 0) break;
+ }
+ upper[i] = 0;
+@@ -1433,6 +1433,9 @@ xmlInitCharEncodingHandlers(void) {
+ xmlRegisterCharEncodingHandlersISO8859x ();
+ #endif
+ #endif
++#ifdef __NetBSD__ /* XXX needed by selftest */
++ xmlAddEncodingAlias("CP1141", "IBM-1141");
++#endif
+
+ }
+
+@@ -1660,7 +1663,7 @@ xmlFindCharEncodingHandler(const char *n
+ * Check first for directly registered encoding names
+ */
+ for (i = 0;i < 99;i++) {
+- upper[i] = toupper(name[i]);
++ upper[i] = toupper((unsigned char)name[i]);
+ if (upper[i] == 0) break;
+ }
+ upper[i] = 0;
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-runtest.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-runtest.c Tue May 24 12:00:08 2016 +0000
@@ -0,0 +1,16 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to long to match the format.
+
+--- runtest.c.orig 2016-05-23 07:25:25.000000000 +0000
++++ runtest.c
+@@ -688,7 +688,7 @@ static int compareFileMem(const char *fi
+ }
+ if (info.st_size != size) {
+ fprintf(stderr, "file %s is %ld bytes, result is %d bytes\n",
+- filename, info.st_size, size);
++ filename, (long)info.st_size, size);
+ return(-1);
+ }
+ fd = open(filename, RD_FLAGS);
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-testlimits.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-testlimits.c Tue May 24 12:00:08 2016 +0000
@@ -0,0 +1,42 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to unsigned long to match the format.
+
+--- testlimits.c.orig 2016-02-09 10:17:34.000000000 +0000
++++ testlimits.c
+@@ -1284,13 +1284,14 @@ saxTest(const char *filename, size_t lim
+ if (fail)
+ res = 0;
+ else {
+- fprintf(stderr, "Failed to parse '%s' %lu\n", filename, limit);
++ fprintf(stderr, "Failed to parse '%s' %lu\n", filename,
++ (unsigned long)limit);
+ res = 1;
+ }
+ } else {
+ if (fail) {
+ fprintf(stderr, "Failed to get failure for '%s' %lu\n",
+- filename, limit);
++ filename, (unsigned long)limit);
+ res = 1;
+ } else
+ res = 0;
+@@ -1339,7 +1340,7 @@ readerTest(const char *filename, size_t
+ filename, crazy_indx);
+ else
+ fprintf(stderr, "Failed to parse '%s' %lu\n",
+- filename, limit);
++ filename, (unsigned long)limit);
+ res = 1;
+ }
+ } else {
+@@ -1349,7 +1350,7 @@ readerTest(const char *filename, size_t
+ filename, crazy_indx);
+ else
+ fprintf(stderr, "Failed to get failure for '%s' %lu\n",
+- filename, limit);
++ filename, (unsigned long)limit);
+ res = 1;
+ } else
+ res = 0;
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-timsort.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-timsort.h Tue May 24 12:00:08 2016 +0000
@@ -0,0 +1,15 @@
+$NetBSD$
+
+Cast argument (gcc says "unsigned int") to match %lu format.
+
+--- timsort.h.orig 2016-02-09 10:17:34.000000000 +0000
++++ timsort.h
+@@ -323,7 +323,7 @@ static void TIM_SORT_RESIZE(TEMP_STORAGE
+ SORT_TYPE *tempstore = (SORT_TYPE *)realloc(store->storage, new_size * sizeof(SORT_TYPE));
+ if (tempstore == NULL)
+ {
+- fprintf(stderr, "Error allocating temporary storage for tim sort: need %lu bytes", sizeof(SORT_TYPE) * new_size);
++ fprintf(stderr, "Error allocating temporary storage for tim sort: need %lu bytes", (unsigned long)(sizeof(SORT_TYPE) * new_size));
+ exit(1);
+ }
+ store->storage = tempstore;
diff -r 7b48ce0afba4 -r 24085b55ed17 textproc/libxml2/patches/patch-xmlIO.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/libxml2/patches/patch-xmlIO.c Tue May 24 12:00:08 2016 +0000
@@ -0,0 +1,16 @@
+$NetBSD$
+
+Since this is built with C90, and %zu isn't supported then, cast
+the size_t argument to unsigned long to match the format.
+
+--- xmlIO.c.orig 2016-05-23 07:25:25.000000000 +0000
++++ xmlIO.c
+@@ -1674,7 +1674,7 @@ xmlZMemBuffExtend( xmlZMemBuffPtr buff,
+ xmlStrPrintf(msg, 500,
+ "xmlZMemBuffExtend: %s %lu bytes.\n",
+ "Allocation failure extending output buffer to",
+- new_size );
++ (unsigned long)new_size );
+ xmlIOErr(XML_IO_WRITE, (const char *) msg);
+ }
+
Home |
Main Index |
Thread Index |
Old Index