pool/raptor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- add 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch,

Browse Source 
ubsan.patch (bsc#1178593, CVE-2017-18926)

OBS-URL: https://build.opensuse.org/package/show/X11:common:Factory/raptor?expand=0&rev=42
This commit is contained in:
Dirk Mueller 2020-11-10 11:26:27 +00:00 committed by Git OBS Bridge
parent 2ca944a410
commit af5c4ad299
4 changed files with 87 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 Normal file
View File

@ -0,0 +1,43 @@
From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
From: Dave Beckett <dave@dajobe.org>
Date: Sun, 16 Apr 2017 23:15:12 +0100
Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
(raptor_xml_writer_start_element_common): Calculate max including for
each attribute a potential name and value.
Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
---
src/raptor_xml_writer.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
index 693b946..0d3a36a 100644
--- a/src/raptor_xml_writer.c
+++ b/src/raptor_xml_writer.c
@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
size_t nspace_declarations_count = 0;
unsigned int i;
- /* max is 1 per element and 1 for each attribute + size of declared */
if(nstack) {
- int nspace_max_count = element->attribute_count+1;
+ int nspace_max_count = element->attribute_count * 2; /* attr and value */
+ if(element->name->nspace)
+ nspace_max_count++;
if(element->declared_nspaces)
nspace_max_count += raptor_sequence_size(element->declared_nspaces);
if(element->xml_language)
@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
}
}
- /* Add the attribute + value */
+ /* Add the attribute's value */
nspace_declarations[nspace_declarations_count].declaration=
raptor_qname_format_as_xml(element->attributes[i],
&nspace_declarations[nspace_declarations_count].length);
--
2.9.3

6
raptor.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Tue Nov 10 08:59:36 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- add 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch,
ubsan.patch (bsc#1178593, CVE-2017-18926)
-------------------------------------------------------------------
Sun Apr 26 19:52:44 UTC 2015 - mpluskal@suse.com

26
raptor.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package raptor
#
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@ -20,19 +20,20 @@ Name: raptor
Version: 2.0.15
Release: 0
Summary: RDF Parser Toolkit
License: LGPL-2.1+ or GPL-2.0+ or Apache-2.0
License: LGPL-2.1-or-later OR GPL-2.0-or-later OR Apache-2.0
Group: System/Libraries
Url: http://librdf.org/raptor/
URL: http://librdf.org/raptor/
Source0: http://download.librdf.org/source/%{name}2-%{version}.tar.gz
Source1: http://download.librdf.org/source/raptor2-%{version}.tar.gz.asc
Source2: %{name}.keyring
Source3: baselibs.conf
Patch1: https://raw.githubusercontent.com/LibreOffice/core/master/external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
Patch2: https://raw.githubusercontent.com/LibreOffice/core/master/external/redland/raptor/ubsan.patch
BuildRequires: bison
BuildRequires: curl-devel
BuildRequires: libicu-devel
BuildRequires: libxslt-devel
BuildRequires: pkg-config
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: pkgconfig
%if !0%{?sles_version}
BuildRequires: pkgconfig(libxml-2.0)
%else
@ -66,6 +67,8 @@ raptor library.
%prep
%setup -q -n %{name}2-%{version}
%patch1 -p1
%patch2
%build
%configure \
@ -74,10 +77,10 @@ raptor library.
--with-pic \
--with-icu-config=%{_bindir}/icu-config \
--with-html-dir=%{_docdir}
make %{?_smp_mflags}
%make_build
%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
%make_install
mv %{buildroot}%{_docdir}/raptor2 %{buildroot}%{_docdir}/raptor-devel
#causes some ugly dependency bloat..
rm -f %{buildroot}%{_libdir}/libraptor2.la
@ -88,24 +91,21 @@ make check
unset MALLOC_CHECK_
%post -n libraptor2-0 -p /sbin/ldconfig
%postun -n libraptor2-0 -p /sbin/ldconfig
%files
%defattr(-,root,root)
%doc AUTHORS COPYING COPYING.LIB ChangeLog LICENSE.txt NEWS README
%license COPYING COPYING.LIB LICENSE.txt
%doc AUTHORS ChangeLog NEWS README
%{_bindir}/rapper
%{_mandir}/man?/*
%files -n libraptor-devel
%defattr(-,root,root)
%doc %{_docdir}/raptor-devel
%{_libdir}/lib*.so
%{_includedir}/*
%{_libdir}/pkgconfig/*.pc
%files -n libraptor2-0
%defattr(-,root,root)
%{_libdir}/libraptor2.so.0*
%changelog

25
ubsan.patch Normal file
View File

@ -0,0 +1,25 @@
--- src/raptor_rfc2396.c
+++ src/raptor_rfc2396.c
@@ -386,7 +386,7 @@
}
- if(prev && s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
+ if(prev && cur && s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
/* Remove <component>/.. at the end of the path */
*prev = '\0';
path_len -= (s-prev);
--- src/raptor_uri.c
+++ src/raptor_uri.c
@@ -1336,9 +1336,9 @@
!strncmp((const char*)base_detail->scheme,
(const char*)reference_detail->scheme,
base_detail->scheme_len) &&
- !strncmp((const char*)base_detail->authority,
+ (base_detail->authority_len == 0 || !strncmp((const char*)base_detail->authority,
(const char*)reference_detail->authority,
- base_detail->authority_len)) {
+ base_detail->authority_len))) {
if(!base_detail->path) {
if(reference_detail->path) {