basesystem-jjsandbox/ToshikazuOhiwa/master-jj

recipes
author: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> 2020-11-02 11:07:33 +0900
committer: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> 2020-11-02 11:07:33 +0900
commit: 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch)
tree: cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
parent: 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff)
1 files changed, 0 insertions, 128 deletions
diff --git a/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch b/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
deleted file mode 100644
index 83ca8a3c..00000000
--- a/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-From aed812d8dbbb6d1337312652aa72aa7f44d2b07d Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: [PATCH] Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
-
-Signed-off-by: Muminul Islam <muminul.islam@microsoft.com>
-
-CVE: CVE-2019-11068
-
-Upstream-Status: Backport
-
-https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c   |  9 +++++----
- libxslt/transform.c |  9 +++++----
- libxslt/xslt.c      |  9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(ctxt->sec, ctxt, URI);
--	if (res == 0) {
--	    xsltTransformError(ctxt, NULL, NULL,
--		 "xsltLoadDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(ctxt, NULL, NULL,
-+                     "xsltLoadDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, URI);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltLoadStyleDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltLoadStyleDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 7262aab9..b62e0877 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -131,10 +131,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- 	int secres;
- 
- 	secres = xsltCheckRead(sec, NULL, URI);
--	if (secres == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsl:import: read rights for %s denied\n",
--			     URI);
-+	if (secres <= 0) {
-+            if (secres == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsl:import: read rights for %s denied\n",
-+                                 URI);
- 	    goto error;
- 	}
-     }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 560f43ca..46eef553 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3485,10 +3485,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
-      */
-     if (ctxt->sec != NULL) {
- 	ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
--	if (ret == 0) {
--	    xsltTransformError(ctxt, NULL, inst,
--		 "xsltDocumentElem: write rights for %s denied\n",
--			     filename);
-+	if (ret <= 0) {
-+            if (ret == 0)
-+                xsltTransformError(ctxt, NULL, inst,
-+                     "xsltDocumentElem: write rights for %s denied\n",
-+                                 filename);
- 	    xmlFree(URL);
- 	    xmlFree(filename);
- 	    return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 54a39de9..359913e4 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, filename);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltParseStylesheetFile: read rights for %s denied\n",
--			     filename);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltParseStylesheetFile: read rights for %s denied\n",
-+                                 filename);
- 	    return(NULL);
- 	}
-     }
--- 
-2.23.0
-
author	takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>	2020-11-02 11:07:33 +0900
committer	takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>	2020-11-02 11:07:33 +0900
commit	1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch)
tree	cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
parent	4204309872da5cb401cbb2729d9e2d4869a87f42 (diff)