From b322404024b5d157c6777b5db9afdb3609a2d4b7cbb08d343bd45b3ad1b83123 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 30 Oct 2009 16:36:06 +0000 Subject: [PATCH] checked in OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-HTML-Parser?expand=0&rev=7 --- perl-HTML-Parser-3.61-entity.diff | 81 ------------------------------- perl-HTML-Parser.changes | 5 -- perl-HTML-Parser.spec | 2 - 3 files changed, 88 deletions(-) delete mode 100644 perl-HTML-Parser-3.61-entity.diff diff --git a/perl-HTML-Parser-3.61-entity.diff b/perl-HTML-Parser-3.61-entity.diff deleted file mode 100644 index ede1f2e..0000000 --- a/perl-HTML-Parser-3.61-entity.diff +++ /dev/null @@ -1,81 +0,0 @@ -commit b9aae1e43eb2c8e989510187cff0ba3e996f9a4c -Author: Gisle Aas -Date: Thu Oct 22 21:45:54 2009 +0200 - - decode_entities confused by trailing incomplete entity - - Mark Martinec reported crashed when running SpamAssassin, given a - particular HTML junk mail to parse. The problem was caused by - HTML::Parsers decode_entities function confusing itself when it - encountered strings with incomplete entities at the end of the string. - -diff --git a/t/entities.t b/t/entities.t -index 7f6a29a..e96501c 100644 ---- a/t/entities.t -+++ b/t/entities.t -@@ -1,6 +1,6 @@ - use HTML::Entities qw(decode_entities encode_entities encode_entities_numeric); - --use Test::More tests => 12; -+use Test::More tests => 13; - - $a = "Våre norske tegn bør æres"; - -@@ -71,6 +71,8 @@ is(decode_entities("abc&def&ghi&abc;&def;"), "abc&def&ghi&abc;&def;"); - is(decode_entities("'"), "'"); - is(encode_entities("'", "'"), "'"); - -+is(decode_entities("Attention Homeοωnөrs...1ѕt Tімe Eνөг"), -+ "Attention Home\x{3BF}\x{3C9}n\x{4E9}rs...1\x{455}t T\x{456}\x{43C}e E\x{3BD}\x{4E9}\x{433}"); - - __END__ - # Quoted from rfc1866.txt -diff --git a/util.c b/util.c -index 28fec78..6f56a2b 100644 ---- a/util.c -+++ b/util.c -@@ -94,14 +94,14 @@ decode_entities(pTHX_ SV* sv, HV* entity2char, bool expand_prefix) - ent_start = s; - repl = 0; - -- if (*s == '#') { -+ if (s < end && *s == '#') { - UV num = 0; - UV prev = 0; - int ok = 0; - s++; -- if (*s == 'x' || *s == 'X') { -+ if (s < end && (*s == 'x' || *s == 'X')) { - s++; -- while (*s) { -+ while (s < end) { - char *tmp = strchr(PL_hexdigit, *s); - if (!tmp) - break; -@@ -117,7 +117,7 @@ decode_entities(pTHX_ SV* sv, HV* entity2char, bool expand_prefix) - } - } - else { -- while (isDIGIT(*s)) { -+ while (s < end && isDIGIT(*s)) { - num = num * 10 + (*s - '0'); - if (prev && num < prev) { - /* overflow */ -@@ -180,7 +180,7 @@ decode_entities(pTHX_ SV* sv, HV* entity2char, bool expand_prefix) - } - else { - char *ent_name = s; -- while (isALNUM(*s)) -+ while (s < end && isALNUM(*s)) - s++; - if (ent_name != s && entity2char) { - SV** svp; -@@ -216,7 +216,7 @@ decode_entities(pTHX_ SV* sv, HV* entity2char, bool expand_prefix) - - if (repl) { - char *repl_allocated = 0; -- if (*s == ';') -+ if (s < end && *s == ';') - s++; - t--; /* '&' already copied, undo it */ - diff --git a/perl-HTML-Parser.changes b/perl-HTML-Parser.changes index 87a8b52..1546f14 100644 --- a/perl-HTML-Parser.changes +++ b/perl-HTML-Parser.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Thu Oct 29 13:48:31 CET 2009 - anicka@suse.cz - -- fixed CVE-2009-3627 (bnc#550076) - ------------------------------------------------------------------- Thu Aug 27 14:39:20 CEST 2009 - coolo@novell.com diff --git a/perl-HTML-Parser.spec b/perl-HTML-Parser.spec index d8f1258..b97ba71 100644 --- a/perl-HTML-Parser.spec +++ b/perl-HTML-Parser.spec @@ -27,7 +27,6 @@ License: Artistic License .. Group: Development/Libraries/Perl Url: http://search.org/dist/HTML-Parser Source: %{cpan_name}-%{version}.tar.bz2 -Patch: %{name}-%{version}-entity.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros @@ -67,7 +66,6 @@ If event driven parsing does not feel right for your application, you might © 1999-2000 Michael A. Chase. All rights reserved. %prep %setup -q -n %{cpan_name}-%{version} -%patch -p1 %build CFLAGS="$RPM_OPT_FLAGS" perl Makefile.PL