- Add patches to fix

CVS-2009-2414 CVS-2009-2416 CVS-2011-1944 Discussion with:bapt Approved by: secteam (myself) Obtained from: fedora/gentoo Security: http://www.vuxml.org/freebsd/ce4b3af8-0b7c-11e1-846b-00235409fd3e.html http://www.vuxml.org/freebsd/ce4b3af8-0b7c-11e1-846b-00235409fd3e.html http://www.vuxml.org/freebsd/5a7d4110-0b7a-11e1-846b-00235409fd3e.html Feature safe: yes
svn path=/head/; revision=285640
2025-07-18 01:39:16 -04:00 · 2011-11-12 16:05:28 +00:00 · 2011-11-12 16:05:28 +00:00 · 7f68c3aec0 · 2021-03-31 03:12:20 +00:00
commit 7f68c3aec0
parent f118522396
3 changed files with 133 additions and 1 deletions
--- a/textproc/libxml/Makefile
+++ b/textproc/libxml/Makefile
@ -7,7 +7,7 @@

 PORTNAME=	libxml
 PORTVERSION=	1.8.17
-PORTREVISION=	4
+PORTREVISION=	5
 CATEGORIES=	textproc gnome
 MASTER_SITES=	GNOME

--- a/textproc/libxml/files/patch-CVS-2009-2414-2416.patch
+++ b/textproc/libxml/files/patch-CVS-2009-2414-2416.patch
@ -0,0 +1,96 @@
+--- parser.c.orig	2001-09-14 14:09:41.000000000 +0000
+++ parser.c	2011-11-12 23:55:17.740815216 +0000
+@@ -5164,11 +5164,15 @@
+ 		                 "Name expected in NOTATION declaration\n");
+ 	    ctxt->wellFormed = 0;
+ 	    ctxt->disableSAX = 1;
+-	    return(ret);
+            xmlFreeEnumeration(ret);
+	    return(NULL);
+ 	}
+ 	cur = xmlCreateEnumeration(name);
+ 	xmlFree(name);
+-	if (cur == NULL) return(ret);
+	if (cur == NULL) {
+            xmlFreeEnumeration(ret);
+            return(NULL);
+        }
+ 	if (last == NULL) ret = last = cur;
+ 	else {
+ 	    last->next = cur;
+@@ -5183,9 +5187,8 @@
+ 	                     "')' required to finish NOTATION declaration\n");
+ 	ctxt->wellFormed = 0;
+ 	ctxt->disableSAX = 1;
+-	if ((last != NULL) && (last != ret))
+-	    xmlFreeEnumeration(last);
+-	return(ret);
+        xmlFreeEnumeration(ret);
+        return(NULL);
+     }
+     NEXT;
+     return(ret);
+@@ -5232,11 +5235,15 @@
+ 		                 "NmToken expected in ATTLIST enumeration\n");
+ 	    ctxt->wellFormed = 0;
+ 	    ctxt->disableSAX = 1;
+-	    return(ret);
+            xmlFreeEnumeration(ret);
+            return(NULL);
+ 	}
+ 	cur = xmlCreateEnumeration(name);
+ 	xmlFree(name);
+-	if (cur == NULL) return(ret);
+	if (cur == NULL) {
+            xmlFreeEnumeration(ret);
+            return(NULL);
+        }
+ 	if (last == NULL) ret = last = cur;
+ 	else {
+ 	    last->next = cur;
+@@ -5251,7 +5258,8 @@
+ 	                     "')' required to finish ATTLIST enumeration\n");
+ 	ctxt->wellFormed = 0;
+ 	ctxt->disableSAX = 1;
+-	return(ret);
+        xmlFreeEnumeration(ret);
+        return(NULL);
+     }
+     NEXT;
+     return(ret);
+@@ -5715,13 +5723,25 @@
+     xmlChar *elem;
+     xmlChar type = 0;
+ 
+    if (ctxt->depth > 128) {
+        ctxt->errNo = XML_ERR_ELEMCONTENT_NOT_FINISHED;
+        if ((ctxt->sax != NULL) && (ctxt->sax->error != NULL))
+            ctxt->sax->error(ctxt->userData, 
+                "xmlParseElementChildrenContentDecl : depth %d too deep\n",
+                             ctxt->depth);
+        ctxt->wellFormed = 0;
+        ctxt->disableSAX = 1;
+	return(NULL);
+    }
+     SKIP_BLANKS;
+     GROW;
+     if (RAW == '(') {
+         /* Recurse on first child */
+ 	NEXT;
+ 	SKIP_BLANKS;
+        ctxt->depth++;
+         cur = ret = xmlParseElementChildrenContentDecl(ctxt);
+        ctxt->depth--;
+ 	SKIP_BLANKS;
+ 	GROW;
+     } else {
+@@ -5865,7 +5885,9 @@
+ 	    /* Recurse on second child */
+ 	    NEXT;
+ 	    SKIP_BLANKS;
+            ctxt->depth++;
+ 	    last = xmlParseElementChildrenContentDecl(ctxt);
+            ctxt->depth--;
+ 	    SKIP_BLANKS;
+ 	} else {
+ 	    elem = xmlParseNameComplex(ctxt);
--- a/textproc/libxml/files/patch-CVS-2011-1944.patch
+++ b/textproc/libxml/files/patch-CVS-2011-1944.patch
@ -0,0 +1,36 @@
+--- xpath.c.orig	2000-06-28 19:33:51.000000000 +0100
+++ xpath.c	2011-06-02 16:20:16.095097371 +0100
+@@ -179,13 +179,13 @@
+ #define PUSH_AND_POP(type, name)					\
+ extern int name##Push(xmlXPathParserContextPtr ctxt, type value) {	\
+     if (ctxt->name##Nr >= ctxt->name##Max) {				\
+-	ctxt->name##Max *= 2;						\
+         ctxt->name##Tab = (void *) xmlRealloc(ctxt->name##Tab,		\
+-	             ctxt->name##Max * sizeof(ctxt->name##Tab[0]));	\
+	             ctxt->name##Max * 2 * sizeof(ctxt->name##Tab[0]));	\
+         if (ctxt->name##Tab == NULL) {					\
+ 	    fprintf(xmlXPathDebug, "realloc failed !\n");		\
+ 	    return(0);							\
+ 	}								\
+	ctxt->name##Max *= 2;						\
+     }									\
+     ctxt->name##Tab[ctxt->name##Nr] = value;				\
+     ctxt->name = value;							\
+@@ -418,14 +418,14 @@
+     } else if (cur->nodeNr == cur->nodeMax) {
+         xmlNodePtr *temp;
+ 
+-        cur->nodeMax *= 2;
+-	temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax *
+	temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 *
+ 				      sizeof(xmlNodePtr));
+ 	if (temp == NULL) {
+ 	    fprintf(xmlXPathDebug, "xmlXPathNodeSetAdd: out of memory\n");
+ 	    return;
+ 	}
+ 	cur->nodeTab = temp;
+        cur->nodeMax *= 2;
+     }
+     cur->nodeTab[cur->nodeNr++] = val;
+ }
+