[pkgsrc/trunk]: pkgsrc/textproc/expat fix SA36425: possible DoS due to an err...

[drochner <drochner%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/bcb8982669c2
branches:  trunk
changeset: 398879:bcb8982669c2
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Thu Sep 10 09:59:20 2009 +0000

description:
fix SA36425: possible DoS due to an error when parsing certain
UTF-8 sequences
(patch from Python CVS)
bump PKGREVISION

diffstat:

 textproc/expat/Makefile         |   3 ++-
 textproc/expat/distinfo         |   3 ++-
 textproc/expat/patches/patch-aa |  13 +++++++++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diffs (41 lines):

diff -r 9acaa573a726 -r bcb8982669c2 textproc/expat/Makefile
--- a/textproc/expat/Makefile   Thu Sep 10 07:53:45 2009 +0000
+++ b/textproc/expat/Makefile   Thu Sep 10 09:59:20 2009 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2007/06/08 13:14:04 wiz Exp $
+# $NetBSD: Makefile,v 1.24 2009/09/10 09:59:20 drochner Exp $
 #
 
 DISTNAME=      expat-2.0.1
+PKGREVISION=   1
 CATEGORIES=    textproc
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=expat/}
 
diff -r 9acaa573a726 -r bcb8982669c2 textproc/expat/distinfo
--- a/textproc/expat/distinfo   Thu Sep 10 07:53:45 2009 +0000
+++ b/textproc/expat/distinfo   Thu Sep 10 09:59:20 2009 +0000
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.16 2007/06/08 13:14:04 wiz Exp $
+$NetBSD: distinfo,v 1.17 2009/09/10 09:59:21 drochner Exp $
 
 SHA1 (expat-2.0.1.tar.gz) = 663548c37b996082db1f2f2c32af060d7aa15c2d
 RMD160 (expat-2.0.1.tar.gz) = d31bcb152adaff9e358968be1ea901e1b4ed3b2f
 Size (expat-2.0.1.tar.gz) = 446456 bytes
+SHA1 (patch-aa) = 55cb997bf87e982f1d7008af63a1b40962d09c74
diff -r 9acaa573a726 -r bcb8982669c2 textproc/expat/patches/patch-aa
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/expat/patches/patch-aa   Thu Sep 10 09:59:20 2009 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-aa,v 1.7 2009/09/10 09:59:21 drochner Exp $
+
+--- lib/xmltok_impl.c.orig     2009-09-10 11:37:45.000000000 +0200
++++ lib/xmltok_impl.c
+@@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *e
+                        const char *end,
+                        POSITION *pos)
+ {
+-  while (ptr != end) {
++  while (ptr < end) {
+     switch (BYTE_TYPE(enc, ptr)) {
+ #define LEAD_CASE(n) \
+     case BT_LEAD ## n: \