basesystem-jjsandbox/ToshikazuOhiwa/master-jj

recipes
author: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> 2020-11-02 11:07:33 +0900
committer: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> 2020-11-02 11:07:33 +0900
commit: 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch)
tree: cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-support/libxslt
parent: 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff)
5 files changed, 13 insertions, 329 deletions
diff --git a/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch b/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch
deleted file mode 100644
index ef3f2709..00000000
--- a/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13117.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sat, 27 Apr 2019 11:19:48 +0200
-Subject: [PATCH] Fix uninitialized read of xsl:number token
-
-Found by OSS-Fuzz.
-
-CVE: CVE-2019-13117
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
----
- libxslt/numbers.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index 89e1f668..75c31eba 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -382,7 +382,10 @@ xsltNumberFormatTokenize(const xmlChar *format,
- 		tokens->tokens[tokens->nTokens].token = val - 1;
- 		ix += len;
- 		val = xmlStringCurrentChar(NULL, format+ix, &len);
--	    }
-+	    } else {
-+                tokens->tokens[tokens->nTokens].token = (xmlChar)'0';
-+                tokens->tokens[tokens->nTokens].width = 1;
-+            }
- 	} else if ( (val == (xmlChar)'A') ||
- 		    (val == (xmlChar)'a') ||
- 		    (val == (xmlChar)'I') ||
--- 
-2.21.0
-
diff --git a/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch b/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch
deleted file mode 100644
index 595e6c2f..00000000
--- a/external/poky/meta/recipes-support/libxslt/files/CVE-2019-13118.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 6ce8de69330783977dd14f6569419489875fb71b Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 3 Jun 2019 13:14:45 +0200
-Subject: [PATCH] Fix uninitialized read with UTF-8 grouping chars
-
-The character type in xsltFormatNumberConversion was too narrow and
-an invalid character/length combination could be passed to
-xsltNumberFormatDecimal, resulting in an uninitialized read.
-
-Found by OSS-Fuzz.
-
-CVE: CVE-2019-13118
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-
----
- libxslt/numbers.c         | 5 +++--
- tests/docs/bug-222.xml    | 1 +
- tests/general/bug-222.out | 2 ++
- tests/general/bug-222.xsl | 6 ++++++
- 4 files changed, 12 insertions(+), 2 deletions(-)
- create mode 100644 tests/docs/bug-222.xml
- create mode 100644 tests/general/bug-222.out
- create mode 100644 tests/general/bug-222.xsl
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index f1ed8846..20b99d5a 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -1298,13 +1298,14 @@ OUTPUT_NUMBER:
-     number = floor((scale * number + 0.5)) / scale;
-     if ((self->grouping != NULL) &&
-         (self->grouping[0] != 0)) {
-+        int gchar;
- 
- 	len = xmlStrlen(self->grouping);
--	pchar = xsltGetUTF8Char(self->grouping, &len);
-+	gchar = xsltGetUTF8Char(self->grouping, &len);
- 	xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0],
- 				format_info.integer_digits,
- 				format_info.group,
--				pchar, len);
-+				gchar, len);
-     } else
- 	xsltNumberFormatDecimal(buffer, floor(number), self->zeroDigit[0],
- 				format_info.integer_digits,
-diff --git a/tests/docs/bug-222.xml b/tests/docs/bug-222.xml
-new file mode 100644
-index 00000000..69d62f2c
---- /dev/null
-+++ b/tests/docs/bug-222.xml
-@@ -0,0 +1 @@
-+<doc/>
-diff --git a/tests/general/bug-222.out b/tests/general/bug-222.out
-new file mode 100644
-index 00000000..e3139698
---- /dev/null
-+++ b/tests/general/bug-222.out
-@@ -0,0 +1,2 @@
-+<?xml version="1.0"?>
-+1⠢0
-diff --git a/tests/general/bug-222.xsl b/tests/general/bug-222.xsl
-new file mode 100644
-index 00000000..e32dc473
---- /dev/null
-+++ b/tests/general/bug-222.xsl
-@@ -0,0 +1,6 @@
-+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
-+  <xsl:decimal-format name="f" grouping-separator="⠢"/>
-+  <xsl:template match="/">
-+    <xsl:value-of select="format-number(10,'#⠢0','f')"/>
-+  </xsl:template>
-+</xsl:stylesheet>
--- 
-2.21.0
-
diff --git a/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch b/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
deleted file mode 100644
index 83ca8a3c..00000000
--- a/external/poky/meta/recipes-support/libxslt/libxslt/CVE-2019-11068.patch
+++ /dev/null
@@ -1,128 +0,0 @@
-From aed812d8dbbb6d1337312652aa72aa7f44d2b07d Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Sun, 24 Mar 2019 09:51:39 +0100
-Subject: [PATCH] Fix security framework bypass
-
-xsltCheckRead and xsltCheckWrite return -1 in case of error but callers
-don't check for this condition and allow access. With a specially
-crafted URL, xsltCheckRead could be tricked into returning an error
-because of a supposedly invalid URL that would still be loaded
-succesfully later on.
-
-Fixes #12.
-
-Thanks to Felix Wilhelm for the report.
-
-Signed-off-by: Muminul Islam <muminul.islam@microsoft.com>
-
-CVE: CVE-2019-11068
-
-Upstream-Status: Backport
-
-https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
----
- libxslt/documents.c | 18 ++++++++++--------
- libxslt/imports.c   |  9 +++++----
- libxslt/transform.c |  9 +++++----
- libxslt/xslt.c      |  9 +++++----
- 4 files changed, 25 insertions(+), 20 deletions(-)
-
-diff --git a/libxslt/documents.c b/libxslt/documents.c
-index 3f3a7312..4aad11bb 100644
---- a/libxslt/documents.c
-+++ b/libxslt/documents.c
-@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(ctxt->sec, ctxt, URI);
--	if (res == 0) {
--	    xsltTransformError(ctxt, NULL, NULL,
--		 "xsltLoadDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(ctxt, NULL, NULL,
-+                     "xsltLoadDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const xmlChar *URI) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, URI);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltLoadStyleDocument: read rights for %s denied\n",
--			     URI);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltLoadStyleDocument: read rights for %s denied\n",
-+                                 URI);
- 	    return(NULL);
- 	}
-     }
-diff --git a/libxslt/imports.c b/libxslt/imports.c
-index 7262aab9..b62e0877 100644
---- a/libxslt/imports.c
-+++ b/libxslt/imports.c
-@@ -131,10 +131,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xmlNodePtr cur) {
- 	int secres;
- 
- 	secres = xsltCheckRead(sec, NULL, URI);
--	if (secres == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsl:import: read rights for %s denied\n",
--			     URI);
-+	if (secres <= 0) {
-+            if (secres == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsl:import: read rights for %s denied\n",
-+                                 URI);
- 	    goto error;
- 	}
-     }
-diff --git a/libxslt/transform.c b/libxslt/transform.c
-index 560f43ca..46eef553 100644
---- a/libxslt/transform.c
-+++ b/libxslt/transform.c
-@@ -3485,10 +3485,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNodePtr node,
-      */
-     if (ctxt->sec != NULL) {
- 	ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
--	if (ret == 0) {
--	    xsltTransformError(ctxt, NULL, inst,
--		 "xsltDocumentElem: write rights for %s denied\n",
--			     filename);
-+	if (ret <= 0) {
-+            if (ret == 0)
-+                xsltTransformError(ctxt, NULL, inst,
-+                     "xsltDocumentElem: write rights for %s denied\n",
-+                                 filename);
- 	    xmlFree(URL);
- 	    xmlFree(filename);
- 	    return;
-diff --git a/libxslt/xslt.c b/libxslt/xslt.c
-index 54a39de9..359913e4 100644
---- a/libxslt/xslt.c
-+++ b/libxslt/xslt.c
-@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
- 	int res;
- 
- 	res = xsltCheckRead(sec, NULL, filename);
--	if (res == 0) {
--	    xsltTransformError(NULL, NULL, NULL,
--		 "xsltParseStylesheetFile: read rights for %s denied\n",
--			     filename);
-+	if (res <= 0) {
-+            if (res == 0)
-+                xsltTransformError(NULL, NULL, NULL,
-+                     "xsltParseStylesheetFile: read rights for %s denied\n",
-+                                 filename);
- 	    return(NULL);
- 	}
-     }
--- 
-2.23.0
-
diff --git a/external/poky/meta/recipes-support/libxslt/libxslt/fix-rvts-handling.patch b/external/poky/meta/recipes-support/libxslt/libxslt/fix-rvts-handling.patch
deleted file mode 100644
index ea3ae51e..00000000
--- a/external/poky/meta/recipes-support/libxslt/libxslt/fix-rvts-handling.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-libxslt-1.1.32: Fix handling of RVTs returned from nested EXSLT functions
-
-[No upstream tracking] -- https://bugzilla.gnome.org/show_bug.cgi?id=792580
-
-Set the context variable to NULL when evaluating EXSLT functions.
-Fixes potential use-after-free errors or memory leaks.
-
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxslt/commit/8bd32f7753ac253a54279a0b6a88d15a57076bb0]
-bug: 792580
-Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
-
-diff --git a/libexslt/functions.c b/libexslt/functions.c
-index dc794e3..8511cb0 100644
---- a/libexslt/functions.c
-+++ b/libexslt/functions.c
-@@ -280,6 +280,7 @@ exsltFuncFunctionFunction (xmlXPathParserContextPtr ctxt, int nargs) {
-     exsltFuncFunctionData *func;
-     xmlNodePtr paramNode, oldInsert, fake;
-     int oldBase;
-+    void *oldCtxtVar;
-     xsltStackElemPtr params = NULL, param;
-     xsltTransformContextPtr tctxt = xsltXPathGetTransformContext(ctxt);
-     int i, notSet;
-@@ -418,11 +419,14 @@ exsltFuncFunctionFunction (xmlXPathParserContextPtr ctxt, int nargs) {
-     fake = xmlNewDocNode(tctxt->output, NULL,
- 			 (const xmlChar *)"fake", NULL);
-     oldInsert = tctxt->insert;
-+    oldCtxtVar = tctxt->contextVariable;
-     tctxt->insert = fake;
-+    tctxt->contextVariable = NULL;
-     xsltApplyOneTemplate (tctxt, tctxt->node,
- 			  func->content, NULL, NULL);
-     xsltLocalVariablePop(tctxt, tctxt->varsBase, -2);
-     tctxt->insert = oldInsert;
-+    tctxt->contextVariable = oldCtxtVar;
-     tctxt->varsBase = oldBase;	/* restore original scope */
-     if (params != NULL)
- 	xsltFreeStackElemList(params);
-diff --git a/tests/docs/bug-209.xml b/tests/docs/bug-209.xml
-new file mode 100644
-index 0000000..69d62f2
---- /dev/null
-+++ b/tests/docs/bug-209.xml
-@@ -0,0 +1 @@
-+<doc/>
-diff --git a/tests/general/bug-209.out b/tests/general/bug-209.out
-new file mode 100644
-index 0000000..e829790
---- /dev/null
-+++ b/tests/general/bug-209.out
-@@ -0,0 +1,2 @@
-+<?xml version="1.0"?>
-+<result/>
-diff --git a/tests/general/bug-209.xsl b/tests/general/bug-209.xsl
-new file mode 100644
-index 0000000..fe69ac6
---- /dev/null
-+++ b/tests/general/bug-209.xsl
-@@ -0,0 +1,21 @@
-+<xsl:stylesheet
-+    version="1.0"
-+    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
-+    xmlns:func="http://exslt.org/functions"
-+    extension-element-prefixes="func">
-+
-+    <xsl:template match="/">
-+        <xsl:variable name="v" select="func:a()" />
-+        <xsl:copy-of select="$v"/>
-+    </xsl:template>
-+
-+    <func:function name="func:a">
-+        <func:result select="func:b()" />
-+    </func:function>
-+
-+    <func:function name="func:b">
-+        <func:result>
-+            <result/>
-+        </func:result>
-+    </func:function>
-+</xsl:stylesheet>
diff --git a/external/poky/meta/recipes-support/libxslt/libxslt_1.1.32.bb b/external/poky/meta/recipes-support/libxslt/libxslt_1.1.34.bb
index e2a515f8..1961bb5b 100644
--- a/external/poky/meta/recipes-support/libxslt/libxslt_1.1.32.bb
+++ b/external/poky/meta/recipes-support/libxslt/libxslt_1.1.34.bb
@@ -9,14 +9,10 @@ SECTION = "libs"
 DEPENDS = "libxml2"
 
 SRC_URI = "http://xmlsoft.org/sources/libxslt-${PV}.tar.gz \
-           file://fix-rvts-handling.patch \
-           file://CVE-2019-11068.patch \
-           file://CVE-2019-13117.patch \
-           file://CVE-2019-13118.patch \
-"
+          "
 
-SRC_URI[md5sum] = "1fc72f98e98bf4443f1651165f3aa146"
-SRC_URI[sha256sum] = "526ecd0abaf4a7789041622c3950c0e7f2c4c8835471515fd77eec684a355460"
+SRC_URI[md5sum] = "db8765c8d076f1b6caafd9f2542a304a"
+SRC_URI[sha256sum] = "98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f"
 
 UPSTREAM_CHECK_REGEX = "libxslt-(?P<pver>\d+(\.\d+)+)\.tar"
 
@@ -24,10 +20,11 @@ S = "${WORKDIR}/libxslt-${PV}"
 
 BINCONFIG = "${bindir}/xslt-config"
 
-inherit autotools pkgconfig binconfig-disabled lib_package
+inherit autotools pkgconfig binconfig-disabled lib_package multilib_header
 
-# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header
 do_configure_prepend () {
+	# We don't DEPEND on binutils for ansidecl.h so ensure we don't use the header.
+	# This can be removed when upgrading to 1.1.34.
 	sed -i -e 's/ansidecl.h//' ${S}/configure.ac
 
 	# The timestamps in the 1.1.28 tarball are messed up causing this file to
@@ -35,15 +32,19 @@ do_configure_prepend () {
 	touch ${S}/doc/xsltproc.1
 }
 
-EXTRA_OECONF = "--without-python --without-debug --without-mem-debug --without-crypto"
+EXTRA_OECONF = "--without-python --without-debug --without-mem-debug --without-crypto --with-html-subdir=${BPN}"
 # older versions of this recipe had ${PN}-utils
 RPROVIDES_${PN}-bin += "${PN}-utils"
 RCONFLICTS_${PN}-bin += "${PN}-utils"
 RREPLACES_${PN}-bin += "${PN}-utils"
 
-
+# This is only needed until libxml can load the relocated catalog itself
 do_install_append_class-native () {
-    create_wrapper ${D}/${bindir}/xsltproc XML_CATALOG_FILES=${sysconfdir}/xml/catalog.xml
+    create_wrapper ${D}/${bindir}/xsltproc XML_CATALOG_FILES=${sysconfdir}/xml/catalog
+}
+
+do_install_append () {
+   oe_multilib_header libxslt/xsltconfig.h
 }
 
 FILES_${PN} += "${libdir}/libxslt-plugins"
author	takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>	2020-11-02 11:07:33 +0900
committer	takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>	2020-11-02 11:07:33 +0900
commit	1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch)
tree	cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-support/libxslt
parent	4204309872da5cb401cbb2729d9e2d4869a87f42 (diff)