Commit 8198466b authored by Bill Blough's avatar Bill Blough

New upstream release (3.1.4)

Removed patches that have been applied upstream
Compile with curl support to allow accessing https urls
Fix fprintf type mismatch warnings in tests
parent 23406fb1
xerces-c (3.1.4+debian-1) unstable; urgency=medium
* New upstream release
* Removed patches that are no longer needed (applied upstream)
* Compile with curl support to allow accessing https urls. Closes: #821380
* Added patch to fix some compiler warnings (forwarded upstream)
-- William Blough <devel@blough.us> Mon, 07 Nov 2016 20:38:09 -0500
xerces-c (3.1.3+debian-2.1) unstable; urgency=medium
* Non-maintainer upload.
......
......@@ -3,8 +3,9 @@ Section: libs
Priority: optional
Build-Depends: debhelper (>> 9),
default-jre-headless | default-jre,
libatk-wrapper-java,
dh-autoreconf,
libatk-wrapper-java,
libcurl4-gnutls-dev,
libicu-dev,
libstylebook-java,
libxalan2-java,
......
Description: CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD
Origin: upstream, https://svn.apache.org/r1747619
Bug: https://issues.apache.org/jira/browse/XERCESC-2069
Forwarded: not-needed
Author: Scott Cantor <cantor.2@osu.edu>
Last-Update: 2016-06-28
--- a/src/xercesc/validators/DTD/DTDScanner.cpp
+++ b/src/xercesc/validators/DTD/DTDScanner.cpp
@@ -44,6 +44,8 @@
XERCES_CPP_NAMESPACE_BEGIN
+#define CONTENTSPEC_DEPTH_LIMIT 1000
+
// ---------------------------------------------------------------------------
// Local methods
// ---------------------------------------------------------------------------
@@ -1038,8 +1040,13 @@ bool DTDScanner::scanCharRef(XMLCh& firs
ContentSpecNode*
-DTDScanner::scanChildren(const DTDElementDecl& elemDecl, XMLBuffer& bufToUse)
+DTDScanner::scanChildren(const DTDElementDecl& elemDecl, XMLBuffer& bufToUse, unsigned int& depth)
{
+ if (depth++ > CONTENTSPEC_DEPTH_LIMIT) {
+ fScanner->emitError(XMLErrs::UnterminatedDOCTYPE);
+ return 0;
+ }
+
// Check for a PE ref here, but don't require spaces
checkForPERef(false, true);
@@ -1240,7 +1247,7 @@ DTDScanner::scanChildren(const DTDElemen
// Recurse to handle this new guy
ContentSpecNode* subNode;
try {
- subNode = scanChildren(elemDecl, bufToUse);
+ subNode = scanChildren(elemDecl, bufToUse, depth);
}
catch (const XMLErrs::Codes)
{
@@ -1577,7 +1584,8 @@ bool DTDScanner::scanContentSpec(DTDElem
//
toFill.setModelType(DTDElementDecl::Children);
XMLBufBid bbTmp(fBufMgr);
- ContentSpecNode* resNode = scanChildren(toFill, bbTmp.getBuffer());
+ unsigned int depth = 0;
+ ContentSpecNode* resNode = scanChildren(toFill, bbTmp.getBuffer(), depth);
status = (resNode != 0);
if (status)
toFill.setContentSpec(resNode);
--- a/src/xercesc/validators/DTD/DTDScanner.hpp
+++ b/src/xercesc/validators/DTD/DTDScanner.hpp
@@ -143,6 +143,7 @@ private:
(
const DTDElementDecl& elemDecl
, XMLBuffer& bufToUse
+ , unsigned int& depth
);
bool scanCharRef(XMLCh& toFill, XMLCh& second);
void scanComment();
Description: Fix CVE-2016-2099
Origin: upstream, https://issues.apache.org/jira/browse/XERCESC-2066
Last-Update: 2016-5-10
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/src/xercesc/validators/DTD/DTDScanner.cpp
+++ b/src/xercesc/validators/DTD/DTDScanner.cpp
@@ -2509,7 +2509,15 @@ void DTDScanner::scanExtSubsetDecl(const
{
while (true)
{
- const XMLCh nextCh = fReaderMgr->peekNextChar();
+ XMLCh nextCh;
+
+ try {
+ nextCh = fReaderMgr->peekNextChar();
+ }
+ catch (XMLException& ex) {
+ fScanner->emitError(XMLErrs::XMLException_Fatal, ex.getCode(), ex.getMessage(), NULL, NULL);
+ nextCh = chNull;
+ }
if (!nextCh)
{
Description: Disable DTD processing through the use of an env variable
XERCES_DISABLE_DTD set to "1" will cause the scanner to report a fatal
error if a DTD is seen. Existing applications won't see any change.
Origin: upstream, http://svn.apache.org/r1747620
Bug: https://issues.apache.org/jira/browse/XERCESC-2070
Forwarded: not-needed
Author: Scott Cantor <cantor.2@osu.edu>
Last-Update: 2016-06-28
--- a/src/xercesc/internal/XMLScanner.cpp
+++ b/src/xercesc/internal/XMLScanner.cpp
@@ -1270,8 +1270,15 @@ void XMLScanner::scanProlog()
if (sawDocTypeDecl) {
emitError(XMLErrs::DuplicateDocTypeDecl);
}
- scanDocTypeDecl();
- sawDocTypeDecl = true;
+
+ const char* envvar = getenv("XERCES_DISABLE_DTD");
+ if (envvar && !strcmp(envvar, "1")) {
+ emitError(XMLErrs::InvalidDocumentStructure);
+ }
+ else {
+ scanDocTypeDecl();
+ sawDocTypeDecl = true;
+ }
// if reusing grammar, this has been validated already in first scan
// skip for performance
Description: Fix fprintf type warnings in test programs
Some test programs emit compiler warnings about fprintf format specifiers not
matching the type of the variable being formatted. This patch corrects those
warnings by matching the appropriate specifiers to the types used.
Author: Bill Blough <devel@blough.us>
Forwarded: https://issues.apache.org/jira/browse/XERCESC-2081
Last-Update: 2016-11-07
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/tests/src/DOM/DOMTest/DTest.cpp
+++ b/tests/src/DOM/DOMTest/DTest.cpp
@@ -2241,7 +2241,7 @@ bool DOMTest::testDocument(DOMDocument*
XMLString::transcode(elementNames[i], tempStr, 3999);
if (XMLString::compareString(tempStr, n->getNodeName()))
{
- fprintf(stderr, "Comparison of this document's elements failed at element number %d at line %i \n", i, __LINE__);
+ fprintf(stderr, "Comparison of this document's elements failed at element number %lu at line %i \n", i, __LINE__);
OK = false;
break;
}
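Review bot: `%lu` is only correct where the argument is exactly `unsigned long`, and the declarations of `i`, `j`, `getSnapshotLength()`, `getLineNumber()`, `getColumnNumber()` and `getLen()` all sit outside these hunks. If they are `size_t`-based or fixed 64-bit typedefs (likely, but not visible here), the new specifier still mismatches on 32-bit or LLP64 targets. In the EncodingTest.cpp handlers a width mismatch ahead of the trailing `%s` would make fprintf read the message pointer from the wrong argument slot. Casting at the call site keeps the format portable, e.g. `"... failed at element number %lu at line %i \n", (unsigned long)i, __LINE__);`, and the same applies to every other fprintf hunk in DTest.cpp and EncodingTest.cpp in this patch. The body of testDocument continues outside the hunk.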
@@ -2273,7 +2273,7 @@ bool DOMTest::testDocument(DOMDocument*
XMLString::transcode(newElementNames[i], tempStr, 3999);
if (XMLString::compareString(tempStr, n->getNodeName()))
{
- fprintf(stderr, "Comparison of new document's elements failed at element number %d at line %i \n", i, __LINE__);
+ fprintf(stderr, "Comparison of new document's elements failed at element number %lu at line %i \n", i, __LINE__);
OK = false;
break;
}
@@ -2292,7 +2292,7 @@ bool DOMTest::testDocument(DOMDocument*
XMLString::transcode(elementNames[i], tempStr, 3999);
if (XMLString::compareString(tempStr, n->getNodeName()))
{
- fprintf(stderr, "Comparison of restored document's elements failed at element number %d at line %i \n", i, __LINE__);
+ fprintf(stderr, "Comparison of restored document's elements failed at element number %lu at line %i \n", i, __LINE__);
OK = false;
break;
}
@@ -2714,7 +2714,7 @@ bool DOMTest::testDOMerrors(DOMDocument*
XMLString::transcode(xpath,xpathStr,99); \
DOMXPathResult* result=(DOMXPathResult*)document->evaluate(xpathStr, document->getDocumentElement(), NULL, DOMXPathResult::ORDERED_NODE_SNAPSHOT_TYPE, NULL); \
if(result->getSnapshotLength() != expected) { \
- fprintf(stderr, "DOMDocument::evaluate does not work in line %i (%d nodes instead of %d)\n", line, result->getSnapshotLength(), expected); \
+ fprintf(stderr, "DOMDocument::evaluate does not work in line %i (%lu nodes instead of %d)\n", line, result->getSnapshotLength(), expected); \
OK = false; \
} \
result->release(); \
@@ -2732,7 +2732,7 @@ bool DOMTest::testDOMerrors(DOMDocument*
XMLString::transcode(xpath,xpathStr,99); \
DOMXPathResult* result=(DOMXPathResult*)document->evaluate(xpathStr, document->getDocumentElement(), resolver, DOMXPathResult::ORDERED_NODE_SNAPSHOT_TYPE, NULL); \
if(result->getSnapshotLength() != expected) { \
- fprintf(stderr, "DOMDocument::evaluate does not work in line %i (%d nodes instead of %d)\n", line, result->getSnapshotLength(), expected); \
+ fprintf(stderr, "DOMDocument::evaluate does not work in line %i (%lu nodes instead of %d)\n", line, result->getSnapshotLength(), expected); \
OK = false; \
} \
result->release(); \
@@ -2990,7 +2990,7 @@ bool DOMTest::testElement(DOMDocument* d
if (XMLString::compareString(tempStr, n->getNodeName()))
{
fprintf(stderr, "Warning!!! Comparison of DOMElement's 'getElementsByTagName' "
- "and/or 'item' failed at element number %d at line %i \n", i, __LINE__ );
+ "and/or 'item' failed at element number %lu at line %i \n", i, __LINE__ );
fprintf(stderr, "\n");
OK = false;
break;
@@ -3019,7 +3019,7 @@ bool DOMTest::testElement(DOMDocument* d
if (XMLString::compareString(tempStr, n->getNodeValue()))
{
fprintf(stderr, "Warning!!! Comparison of original text nodes via DOMNode* 'getChildNodes' & DOMNodeList 'item'\n"
- " failed at text node: #%d at line %i \n ", j, __LINE__ );
+ " failed at text node: #%lu at line %i \n ", j, __LINE__ );
OK = false;
break;
}
--- a/tests/src/EncodingTest/EncodingTest.cpp
+++ b/tests/src/EncodingTest/EncodingTest.cpp
@@ -71,7 +71,7 @@ void ParseErrorHandler::error(const SAXP
char* systemId = XMLString::transcode(e.getSystemId());
char* message = XMLString::transcode(e.getMessage());
- fprintf(stderr, "\nError at file \"%s\", line %d, char %d: %s\n",
+ fprintf(stderr, "\nError at file \"%s\", line %lu, char %lu: %s\n",
systemId, e.getLineNumber(),
e.getColumnNumber(), message);
@@ -86,7 +86,7 @@ void ParseErrorHandler::fatalError(const
char* systemId = XMLString::transcode(e.getSystemId());
char* message = XMLString::transcode(e.getMessage());
- fprintf(stderr, "\nFatal Error at file \"%s\", line %d, char %d: %s\n",
+ fprintf(stderr, "\nFatal Error at file \"%s\", line %lu, char %lu: %s\n",
systemId, e.getLineNumber(),
e.getColumnNumber(), message);
@@ -100,7 +100,7 @@ void ParseErrorHandler::warning(const SA
char* systemId = XMLString::transcode(e.getSystemId());
char* message = XMLString::transcode(e.getMessage());
- fprintf(stderr, "\nWarning at file \"%s\", line %d, char %d: %s\n",
+ fprintf(stderr, "\nWarning at file \"%s\", line %lu, char %lu: %s\n",
systemId, e.getLineNumber(),
e.getColumnNumber(), message);
@@ -337,7 +337,7 @@ static bool processTestFile(const XMLCh
if (rawIndex < rawUData.getLen())
{
fprintf(stderr, "Test file \"%s\": Bad hex number in udata element. "
- "Data character number %d\n", cFileName, uData.getLen());
+ "Data character number %lu\n", cFileName, uData.getLen());
return false;
}
}
cve_2016_2099
CVE-2016-4463.patch
disable-DTD-processing-through-envvariable.patch
fix_fprintf_warnings.diff
......@@ -4,7 +4,7 @@
dh $@ --with autoreconf
override_dh_auto_configure:
dh_auto_configure -- --disable-pretty-make
dh_auto_configure -- --disable-pretty-make --enable-netaccessor-curl
override_dh_compress:
dh_compress -plibxerces-c-dev -Xexamples
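Review bot: The configure line that gains `--enable-netaccessor-curl` has no comment saying why the net accessor is switched, although the flag changes what the library will fetch at parse time. Going by the changelog's "accessing https urls", system identifiers using https become retrievable, which presumably includes external DTDs and entities, so applications that parse untrusted XML may issue outbound requests they did not issue before. I would add a comment above the call, `# curl net accessor so https:// system IDs can be fetched (Closes: #821380)`, and consider a NEWS.Debian entry so that users who rely on the old behaviour know to restrict entity resolution in their own code.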
......