Commit b602b765 authored by Mònica Ramírez Arceda's avatar Mònica Ramírez Arceda Committed by Mattia Rizzolo

Import Debian changes 2.9.4+dfsg1-2.2

libxml2 (2.9.4+dfsg1-2.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix attribute decoding during XML schema validation 
    (Closes: #832602, #832864)
parent 8bd43baf
libxml2 (2.9.4+dfsg1-2.2) unstable; urgency=medium
* Non-maintainer upload.
* Fix attribute decoding during XML schema validation
(Closes: #832602, #832864)
-- Mònica Ramírez Arceda <monica@debian.org> Sat, 14 Jan 2017 15:31:49 +0100
libxml2 (2.9.4+dfsg1-2.1) unstable; urgency=medium
* Non-maintainer upload.
......
From 256366ed60f8795279b25f7b7b55e8089b4c6ff4 Mon Sep 17 00:00:00 2001
From: Alex Henrie <alexhenrie24@gmail.com>
Date: Thu, 26 May 2016 17:38:35 -0600
Subject: [PATCH] Fix attribute decoding during XML schema validation
For https://bugzilla.gnome.org/show_bug.cgi?id=766834
vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
so this function can't call xmlStringLenDecodeEntities to decode the
entities.
---
xmlschemas.c | 30 +++++++++++++++++++++++++-----
1 file changed, 25 insertions(+), 5 deletions(-)
diff --git a/xmlschemas.c b/xmlschemas.c
index e1b3a4f..59535e5 100644
--- a/xmlschemas.c
+++ b/xmlschemas.c
@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
* attributes yet.
*/
if (nb_attributes != 0) {
+ int valueLen, k, l;
xmlChar *value;
for (j = 0, i = 0; i < nb_attributes; i++, j += 5) {
@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
* libxml2 differs from normal SAX here in that it escapes all ampersands
* as &#38; instead of delivering the raw converted string. Changing the
* behavior at this point would break applications that use this API, so
- * we are forced to work around it. There is no danger of accidentally
- * decoding some entity other than &#38; in this step because without
- * unescaped ampersands there can be no other entities in the string.
+ * we are forced to work around it.
*/
- value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3],
- attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0);
+ valueLen = attributes[j+4] - attributes[j+3];
+ value = xmlMallocAtomic(valueLen + 1);
+ if (value == NULL) {
+ xmlSchemaVErrMemory(vctxt,
+ "allocating string for decoded attribute",
+ NULL);
+ goto internal_error;
+ }
+ for (k = 0, l = 0; k < valueLen; l++) {
+ if (k < valueLen - 4 &&
+ attributes[j+3][k+0] == '&' &&
+ attributes[j+3][k+1] == '#' &&
+ attributes[j+3][k+2] == '3' &&
+ attributes[j+3][k+3] == '8' &&
+ attributes[j+3][k+4] == ';') {
+ value[l] = '&';
+ k += 5;
+ } else {
+ value[l] = attributes[j+3][k];
+ k++;
+ }
+ }
+ value[l] = '\0';
/*
* TODO: Set the node line.
*/
--
2.8.3
......@@ -5,3 +5,4 @@
0005-Fix-XPointer-paths-beginning-with-range-to.patch
0006-Disallow-namespace-nodes-in-XPointer-ranges.patch
0007-Fix-more-NULL-pointer-derefs-in-xpointer.c.patch
0008-Fix-attribute-decoding-during-XML-schema-validation.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment