libxml2/libxml2-python3-unicode-errors.patch

---
 python/libxml.c |   11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

Index: libxml2-2.12.0/python/libxml.c
===================================================================
--- libxml2-2.12.0.orig/python/libxml.c
+++ libxml2-2.12.0/python/libxml.c
@@ -1505,6 +1505,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU
     PyObject *message;
     PyObject *result;
     char str[1000];
+    unsigned char *ptr = (unsigned char *)str;
 
     if (libxml_xmlPythonErrorFuncHandler == NULL) {
         va_start(ap, msg);
@@ -1516,12 +1517,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU
 	    str[999] = 0;
         va_end(ap);
 
+#if PY_MAJOR_VERSION >= 3
+        /* Ensure the error string doesn't start at UTF8 continuation. */
+        while (*ptr && (*ptr & 0xc0) == 0x80)
+            ptr++;
+#endif
+
         list = PyTuple_New(2);
         PyTuple_SetItem(list, 0, libxml_xmlPythonErrorFuncCtxt);
         Py_XINCREF(libxml_xmlPythonErrorFuncCtxt);
-        message = libxml_charPtrConstWrap(str);
+        message = libxml_charPtrConstWrap(ptr);
         PyTuple_SetItem(list, 1, message);
         result = PyObject_CallObject(libxml_xmlPythonErrorFuncHandler, list);
+        /* Forget any errors caused in the error handler. */
+        PyErr_Clear();
         Py_XDECREF(list);
         Py_XDECREF(result);
     }
Accepting request 927304 from home:mcepl:branches:devel:libraries:c_c++ - Rewrite package to the single-spec %python_subpackage_only style and eliminate unnecessary multibuild. OBS-URL: https://build.opensuse.org/request/show/927304 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=167 2021-10-25 13:06:46 +00:00			`---`
			`python/libxml.c \| 11 ++++++++++-`
			`1 file changed, 10 insertions(+), 1 deletion(-)`

checkin OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=227 2024-11-13 09:48:33 +00:00			`Index: libxml2-2.12.0/python/libxml.c`
Accepting request 1084343 from home:david.anes:branches:devel:libraries:c_c++ - Rebased patches: * libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch - Update to 2.11.1: * Fixes build and ABI issues. - cmake: Fix va_copy detection (Luca Niccoli) - libxml.m4: Fix quoting - Link with --undefined-version - libxml2.syms: Revert removal of version information - Update to 2.11.0: * Major changes - Protection against entity expansion attacks, also known as "billion laughs" has been greatly improved. Malicious files should be detected reliably now and false positives should be reduced. It is possible though that large documents which make heavy use of entities are rejected now. - This release finally fixes symbol visibility on UNIX systems. Internal symbols will now be hidden. While these symbols were never declared in public headers, it was still possible to declare them manually. Now this won't work. - All symbol information has been removed from the ELF version script to fix link errors with --no-undefined-version. The version nodes are kept so it should still be possible to run binaries linked against older versions. - About 90 memory errors in code paths handling malloc failures have been fixed. While these issues shouldn't impact security, this improves robustness under memory pressure. - The XInclude engine has been reworked to properly support nested includes. - Several cases of quadratic behavior in the XML push parser have been fixed. OBS-URL: https://build.opensuse.org/request/show/1084343 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=194 2023-05-03 16:01:24 +00:00			`===================================================================`
checkin OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=227 2024-11-13 09:48:33 +00:00			`--- libxml2-2.12.0.orig/python/libxml.c`
			`+++ libxml2-2.12.0/python/libxml.c`
			`@@ -1505,6 +1505,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU`
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=1 2009-06-18 18:16:21 +00:00			`PyObject *message;`
			`PyObject *result;`
			`char str[1000];`
			`+ unsigned char ptr = (unsigned char )str;`

Accepting request 1126893 from home:david.anes:branches:devel:libraries:c_c++ - Removed patches (already in upstream): * libxml2-CVE-2023-39615.patch * libxml2-CVE-2023-45322.patch * libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch * python312.patch - Update to 2.12.0: * Major changes: - Most of the known issues leading to quadratic behavior in the XML parser were fixed. Internal hash tables were rewritten to reduce memory consumption. - Starting with this release, it should be enough to add the --with-legacy configuration option to provide maximum ABI compatibility. - libxml2 will now store global variables in thread-local storage if supported by the compiler. This avoids allocating the data lazily which can result in a fatal error condition. - A new API function xmlCheckThreadLocalStorage was added so the allocation can be checked earlier if compiler TLS is not supported. - To prepare for future improvements, some API functions now expect or return a const xmlError struct. - Several cyclic dependencies in public header files were fixed. - Refactoring of the encoding code has been mostly completed. Calling xmlSwitchEncoding from client code is now fully supported, for example to override the encoding for the push parser. - When parsing data from memory, libxml2 will now stream data chunk by chunk instead of copying the whole buffer (possibly twice with encodings), reducing peak memory consumption considerably. OBS-URL: https://build.opensuse.org/request/show/1126893 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=206 2023-11-16 15:42:22 +00:00			`if (libxml_xmlPythonErrorFuncHandler == NULL) {`
			`va_start(ap, msg);`
checkin OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=227 2024-11-13 09:48:33 +00:00			`@@ -1516,12 +1517,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU`
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=1 2009-06-18 18:16:21 +00:00			`str[999] = 0;`
			`va_end(ap);`

			`+#if PY_MAJOR_VERSION >= 3`
			`+ /* Ensure the error string doesn't start at UTF8 continuation. */`
			`+ while (ptr && (ptr & 0xc0) == 0x80)`
			`+ ptr++;`
			`+#endif`
			`+`
			`list = PyTuple_New(2);`
			`PyTuple_SetItem(list, 0, libxml_xmlPythonErrorFuncCtxt);`
			`Py_XINCREF(libxml_xmlPythonErrorFuncCtxt);`
			`- message = libxml_charPtrConstWrap(str);`
			`+ message = libxml_charPtrConstWrap(ptr);`
			`PyTuple_SetItem(list, 1, message);`
Accepting request 1084343 from home:david.anes:branches:devel:libraries:c_c++ - Rebased patches: * libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch - Update to 2.11.1: * Fixes build and ABI issues. - cmake: Fix va_copy detection (Luca Niccoli) - libxml.m4: Fix quoting - Link with --undefined-version - libxml2.syms: Revert removal of version information - Update to 2.11.0: * Major changes - Protection against entity expansion attacks, also known as "billion laughs" has been greatly improved. Malicious files should be detected reliably now and false positives should be reduced. It is possible though that large documents which make heavy use of entities are rejected now. - This release finally fixes symbol visibility on UNIX systems. Internal symbols will now be hidden. While these symbols were never declared in public headers, it was still possible to declare them manually. Now this won't work. - All symbol information has been removed from the ELF version script to fix link errors with --no-undefined-version. The version nodes are kept so it should still be possible to run binaries linked against older versions. - About 90 memory errors in code paths handling malloc failures have been fixed. While these issues shouldn't impact security, this improves robustness under memory pressure. - The XInclude engine has been reworked to properly support nested includes. - Several cases of quadratic behavior in the XML push parser have been fixed. OBS-URL: https://build.opensuse.org/request/show/1084343 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=194 2023-05-03 16:01:24 +00:00			`result = PyObject_CallObject(libxml_xmlPythonErrorFuncHandler, list);`
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=1 2009-06-18 18:16:21 +00:00			`+ /* Forget any errors caused in the error handler. */`
			`+ PyErr_Clear();`
			`Py_XDECREF(list);`
			`Py_XDECREF(result);`
			`}`