diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-12-17 04:11:34 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-01-09 02:21:44 +0300 |
commit | 1a4b7ee28bf7413af6513fb45ad0d0736048f866 (patch) | |
tree | 79f6d8ea698cab8f2eaf4f54b793d2ca7a1451ce /poky/meta/recipes-core/libxml | |
parent | 5b9ede0403237c7dace972affa65cf64a1aadd0e (diff) | |
download | openbmc-1a4b7ee28bf7413af6513fb45ad0d0736048f866.tar.xz |
reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD:
poky: 87e3a9739d
meta-openembedded: 6094ae18c8
meta-security: 31dc4e7532
meta-raspberrypi: a48743dc36
meta-xilinx: c42016e2e6
Also re-apply backports that didn't make it into thud:
poky:
17726d0 systemd-systemctl-native: handle Install wildcards
meta-openembedded:
4321a5d libtinyxml2: update to 7.0.1
042f0a3 libcereal: Add native and nativesdk classes
e23284f libcereal: Allow empty package
030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG
179a1b9 gtest: update to 1.8.1
Squashed OpenBMC subtree compatibility updates:
meta-aspeed:
Brad Bishop (1):
aspeed: add yocto 2.6 compatibility
meta-ibm:
Brad Bishop (1):
ibm: prepare for yocto 2.6
meta-ingrasys:
Brad Bishop (1):
ingrasys: set layer compatibility to yocto 2.6
meta-openpower:
Brad Bishop (1):
openpower: set layer compatibility to yocto 2.6
meta-phosphor:
Brad Bishop (3):
phosphor: set layer compatibility to thud
phosphor: libgpg-error: drop patches
phosphor: react to fitimage artifact rename
Ed Tanous (4):
Dropbear: upgrade options for latest upgrade
yocto2.6: update openssl options
busybox: remove upstream watchdog patch
systemd: Rebase CONFIG_CGROUP_BPF patch
Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-core/libxml')
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch | 55 | ||||
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2/ansidecl.patch | 25 | ||||
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2/fix-CVE-2017-8872.patch | 65 | ||||
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2/fix-CVE-2018-14404.patch (renamed from poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch) | 45 | ||||
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2/runtest.patch | 151 | ||||
-rw-r--r-- | poky/meta/recipes-core/libxml/libxml2_2.9.8.bb (renamed from poky/meta/recipes-core/libxml/libxml2_2.9.7.bb) | 22 |
6 files changed, 224 insertions, 139 deletions
diff --git a/poky/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch b/poky/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch new file mode 100644 index 0000000000..16c229574c --- /dev/null +++ b/poky/meta/recipes-core/libxml/libxml2/0001-Fix-infinite-loop-in-LZMA-decompression.patch @@ -0,0 +1,55 @@ +From 28a9dc642ffd759df1e48be247a114f440a6c16e Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Mon, 30 Jul 2018 13:14:11 +0200 +Subject: [PATCH] Fix infinite loop in LZMA decompression +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Check the liblzma error code more thoroughly to avoid infinite loops. + +Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13 +Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914 + +This is CVE-2018-9251 and CVE-2018-14567. + +Thanks to Dongliang Mu and Simon Wörner for the reports. + +CVE: CVE-2018-9251 +CVE: CVE-2018-14567 +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74] +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + xzlib.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/xzlib.c b/xzlib.c +index a839169..0ba88cf 100644 +--- a/xzlib.c ++++ b/xzlib.c +@@ -562,6 +562,10 @@ xz_decomp(xz_statep state) + "internal error: inflate stream corrupt"); + return -1; + } ++ /* ++ * FIXME: Remapping a couple of error codes and falling through ++ * to the LZMA error handling looks fragile. ++ */ + if (ret == Z_MEM_ERROR) + ret = LZMA_MEM_ERROR; + if (ret == Z_DATA_ERROR) +@@ -587,6 +591,11 @@ xz_decomp(xz_statep state) + xz_error(state, LZMA_PROG_ERROR, "compression error"); + return -1; + } ++ if ((state->how != GZIP) && ++ (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) { ++ xz_error(state, ret, "lzma error"); ++ return -1; ++ } + } while (strm->avail_out && ret != LZMA_STREAM_END); + + /* update available output and crc check value */ +-- +2.7.4 + diff --git a/poky/meta/recipes-core/libxml/libxml2/ansidecl.patch b/poky/meta/recipes-core/libxml/libxml2/ansidecl.patch deleted file mode 100644 index 1085c680b6..0000000000 --- a/poky/meta/recipes-core/libxml/libxml2/ansidecl.patch +++ /dev/null @@ -1,25 +0,0 @@ -Sadly cmake is broken. If it sees this reference and ansidecl is present, it will add a -dependency upon it, even if HAVE_ANSIDEC_H is never set. - -The easiest solution is to remove these lines, otherwise recipes like libzypp can have a -dependency on the ansidecl.h header via cmake. This can lead to odd results if the -header is removed (clean binutils) and then the code is recompiled. - -RP 2012/7/10 - -Upstream-Status: Inappropriate [its really a cmake bug] - -diff --git a/configure.ac b/configure.ac -index 0260281..fdb58e9 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -484 +483,0 @@ AC_CHECK_HEADERS([time.h]) --AC_CHECK_HEADERS([ansidecl.h]) -diff --git a/include/libxml/xmlversion.h.in b/include/libxml/xmlversion.h.in -index b173be9..d10f975 100644 ---- a/include/libxml/xmlversion.h.in -+++ b/include/libxml/xmlversion.h.in -@@ -413,3 +412,0 @@ XMLPUBFUN void XMLCALL xmlCheckVersion(int version); --#ifdef HAVE_ANSIDECL_H --#include <ansidecl.h> --#endif diff --git a/poky/meta/recipes-core/libxml/libxml2/fix-CVE-2017-8872.patch b/poky/meta/recipes-core/libxml/libxml2/fix-CVE-2017-8872.patch new file mode 100644 index 0000000000..42a4b0ed60 --- /dev/null +++ b/poky/meta/recipes-core/libxml/libxml2/fix-CVE-2017-8872.patch @@ -0,0 +1,65 @@ +Upstream-Status: Backport +CVE: CVE-2017-8872 +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 123234f2cfcd9e9b9f83047eee1dc17b4c3f4407 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Tue, 11 Sep 2018 14:52:07 +0200 +Subject: [PATCH] Free input buffer in xmlHaltParser + +This avoids miscalculation of available bytes. + +Thanks to Yunho Kim for the report. + +Closes: #26 +--- + parser.c | 5 +++++ + result/errors/759573.xml.err | 17 +++++++---------- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/parser.c b/parser.c +index ca9fde2c..5813a664 100644 +--- a/parser.c ++++ b/parser.c +@@ -12462,7 +12462,12 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) { + ctxt->input->free((xmlChar *) ctxt->input->base); + ctxt->input->free = NULL; + } ++ if (ctxt->input->buf != NULL) { ++ xmlFreeParserInputBuffer(ctxt->input->buf); ++ ctxt->input->buf = NULL; ++ } + ctxt->input->cur = BAD_CAST""; ++ ctxt->input->length = 0; + ctxt->input->base = ctxt->input->cur; + ctxt->input->end = ctxt->input->cur; + } +diff --git a/result/errors/759573.xml.err b/result/errors/759573.xml.err +index 554039f6..38ef5c40 100644 +--- a/result/errors/759573.xml.err ++++ b/result/errors/759573.xml.err +@@ -21,14 +21,11 @@ Entity: line 1: + ^ + ./test/errors/759573.xml:1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration + +-<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '%<![INCLUDE[000%ஸ00 +- ^ ++ ++^ + ./test/errors/759573.xml:1: parser error : DOCTYPE improperly terminated +-<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '%<![INCLUDE[000%ஸ00 +- ^ +-./test/errors/759573.xml:1: parser error : StartTag: invalid element name +-<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '%<![INCLUDE[000%ஸ00 +- ^ +-./test/errors/759573.xml:1: parser error : Extra content at the end of the document +-<?h?><!DOCTYPEt[<!ELEMENT t (A)><!ENTITY % xx '%<![INCLUDE[000%ஸ00 +- ^ ++ ++^ ++./test/errors/759573.xml:1: parser error : Start tag expected, '<' not found ++ ++^ +-- +2.11.0 + diff --git a/poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch b/poky/meta/recipes-core/libxml/libxml2/fix-CVE-2018-14404.patch index af3e7b2af9..21668e25ad 100644 --- a/poky/meta/recipes-core/libxml/libxml2/CVE-2018-14404.patch +++ b/poky/meta/recipes-core/libxml/libxml2/fix-CVE-2018-14404.patch @@ -1,58 +1,45 @@ -From 29115868c92c81a4119b05ea95b3c91608a0b6e8 Mon Sep 17 00:00:00 2001 -From: Nick Wellnhofer <wellnhofer@aevum.de> -Date: Mon, 30 Jul 2018 12:54:38 +0200 -Subject: [PATCH] Fix nullptr deref with XPath logic ops +libxml2-2.9.8: Fix CVE-2018-14404 + +[No upstream tracking] -- https://gitlab.gnome.org/GNOME/libxml2/issues/5 + -- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 + -- https://bugzilla.redhat.com/show_bug.cgi?id=1595985 + +xpath: Fix nullptr deref with XPath logic ops If the XPath stack is corrupted, for example by a misbehaving extension function, the "and" and "or" XPath operators could dereference NULL pointers. Check that the XPath stack isn't empty and optimize the logic operators slightly. -Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5 - -Also see -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 -https://bugzilla.redhat.com/show_bug.cgi?id=1595985 - -This is CVE-2018-14404. - -Thanks to Guy Inbar for the report. - -CVE: CVE-2018-14404 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/a436374994c47b12d5de1b8b1d191a098fa23594] -Signed-off-by: Sinan Kaya <okaya@kernel.org> ---- - xpath.c | 10 ++++------ - 1 file changed, 4 insertions(+), 6 deletions(-) +CVE: CVE-2018-14404 +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> diff --git a/xpath.c b/xpath.c -index 35274731..3fcdc9e1 100644 +index f440696..75cac5c 100644 --- a/xpath.c +++ b/xpath.c -@@ -13337,9 +13337,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) +@@ -13297,9 +13297,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) return(0); } xmlXPathBooleanFunction(ctxt, 1); - arg1 = valuePop(ctxt); - arg1->boolval &= arg2->boolval; - valuePush(ctxt, arg1); -+ if (ctxt->value != NULL) -+ ctxt->value->boolval &= arg2->boolval; ++ if (ctxt->value != NULL) ++ ctxt->value->boolval &= arg2->boolval; xmlXPathReleaseObject(ctxt->context, arg2); return (total); case XPATH_OP_OR: -@@ -13363,9 +13362,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) +@@ -13323,9 +13322,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) return(0); } xmlXPathBooleanFunction(ctxt, 1); - arg1 = valuePop(ctxt); - arg1->boolval |= arg2->boolval; - valuePush(ctxt, arg1); -+ if (ctxt->value != NULL) -+ ctxt->value->boolval |= arg2->boolval; ++ if (ctxt->value != NULL) ++ ctxt->value->boolval |= arg2->boolval; xmlXPathReleaseObject(ctxt->context, arg2); return (total); case XPATH_OP_EQUAL: --- -2.19.0 - diff --git a/poky/meta/recipes-core/libxml/libxml2/runtest.patch b/poky/meta/recipes-core/libxml/libxml2/runtest.patch index cb171d5b36..544dc05834 100644 --- a/poky/meta/recipes-core/libxml/libxml2/runtest.patch +++ b/poky/meta/recipes-core/libxml/libxml2/runtest.patch @@ -6,8 +6,8 @@ Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Upstream-Status: Backport diff -uNr a/Makefile.am b/Makefile.am ---- a/Makefile.am 2017-08-28 15:01:14.000000000 +0200 -+++ b/Makefile.am 2017-09-05 08:06:05.752287323 +0200 +--- a/Makefile.am 2017-12-02 09:58:10.000000000 +0100 ++++ b/Makefile.am 2018-03-20 08:27:34.360505864 +0100 @@ -202,6 +202,15 @@ #testOOM_DEPENDENCIES = $(DEPS) #testOOM_LDADD= $(LDADDS) @@ -24,10 +24,9 @@ diff -uNr a/Makefile.am b/Makefile.am runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testapi$(EXEEXT) \ testchar$(EXEEXT) testdict$(EXEEXT) runxmlconf$(EXEEXT) [ -d test ] || $(LN_S) $(srcdir)/test . - diff -uNr a/runsuite.c b/runsuite.c ---- a/runsuite.c 2013-04-12 16:17:11.462823238 +0200 -+++ b/runsuite.c 2013-04-17 14:07:24.352693211 +0200 +--- a/runsuite.c 2016-06-07 12:04:14.000000000 +0200 ++++ b/runsuite.c 2018-03-20 08:27:57.478817247 +0100 @@ -1162,6 +1162,7 @@ if (logfile != NULL) @@ -37,17 +36,19 @@ diff -uNr a/runsuite.c b/runsuite.c } #else /* !SCHEMAS */ diff -uNr a/runtest.c b/runtest.c ---- a/runtest.c 2013-04-16 13:19:15.087997290 +0200 -+++ b/runtest.c 2013-04-17 14:08:29.529949655 +0200 -@@ -4386,6 +4386,7 @@ - err++; - } +--- a/runtest.c 2017-11-13 22:00:17.000000000 +0100 ++++ b/runtest.c 2018-03-20 08:28:50.859047551 +0100 +@@ -4496,7 +4496,8 @@ } + + xmlCharEncCloseFunc(ebcdicHandler); +- ++ + printf("%s: %s\n", (err == 0) ? "PASS" : "FAIL", tst->desc); return(err); } -@@ -4455,6 +4456,7 @@ +@@ -4573,6 +4574,7 @@ xmlCleanupParser(); xmlMemoryDump(); @@ -56,8 +57,8 @@ diff -uNr a/runtest.c b/runtest.c } diff -uNr a/runxmlconf.c b/runxmlconf.c ---- a/runxmlconf.c 2013-04-16 12:53:49.900982990 +0200 -+++ b/runxmlconf.c 2013-04-17 14:09:21.111778104 +0200 +--- a/runxmlconf.c 2016-06-07 12:04:14.000000000 +0200 ++++ b/runxmlconf.c 2018-03-20 08:29:17.944862893 +0100 @@ -595,6 +595,7 @@ if (logfile != NULL) @@ -67,9 +68,9 @@ diff -uNr a/runxmlconf.c b/runxmlconf.c } diff -uNr a/testapi.c b/testapi.c ---- a/testapi.c 2013-04-12 16:16:57.763417659 +0200 -+++ b/testapi.c 2013-04-17 14:10:28.876924881 +0200 -@@ -1245,49 +1245,91 @@ +--- a/testapi.c 2018-01-25 07:39:15.000000000 +0100 ++++ b/testapi.c 2018-03-20 09:08:35.323980145 +0100 +@@ -1246,49 +1246,91 @@ testlibxml2(void) { int test_ret = 0; @@ -200,9 +201,19 @@ diff -uNr a/testapi.c b/testapi.c return(test_ret); } +diff -uNr a/testdict.c b/testdict.c +--- a/testdict.c 2016-06-07 12:04:14.000000000 +0200 ++++ b/testdict.c 2018-03-20 08:59:16.864275812 +0100 +@@ -440,5 +440,6 @@ + clean_strings(); + xmlCleanupParser(); + xmlMemoryDump(); ++ printf("%s: testdict\n\n", (ret == 0) ? "PASS" : "FAIL"); + return(ret); + } diff -uNr a/testchar.c b/testchar.c ---- a/testchar.c 2013-04-17 10:50:30.250147418 +0200 -+++ b/testchar.c 2013-04-18 16:11:28.455733800 +0200 +--- a/testchar.c 2016-06-07 12:04:14.000000000 +0200 ++++ b/testchar.c 2018-03-20 09:11:20.383573912 +0100 @@ -23,7 +23,7 @@ char document1[100] = "<doc>XXXX</doc>"; char document2[100] = "<doc foo='XXXX'/>"; @@ -222,7 +233,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Byte 0x%02X: %c\n", i, i); + return(1); -+ } ++ } } else if ((i == '<') || (i == '&')) { @@ -230,8 +241,8 @@ diff -uNr a/testchar.c b/testchar.c + if ((lastError == 0) || (res != NULL)) { fprintf(stderr, "Failed to detect illegal char %c for Byte 0x%02X\n", i, i); -+ return(1); -+ } ++ return(1); ++ } } else if (((i < 0x20) || (i >= 0x80)) && (i != 0x9) && (i != 0xA) && (i != 0xD)) { @@ -239,8 +250,8 @@ diff -uNr a/testchar.c b/testchar.c + if ((lastError != XML_ERR_INVALID_CHAR) && (res != NULL)) { fprintf(stderr, "Failed to detect invalid char for Byte 0x%02X\n", i); -+ return(1); -+ } ++ return(1); ++ } } else if (res == NULL) { fprintf(stderr, @@ -250,7 +261,7 @@ diff -uNr a/testchar.c b/testchar.c if (res != NULL) xmlFreeDoc(res); } -+ return(0); ++ return(0); } -static void testDocumentRangeByte2(xmlParserCtxtPtr ctxt, char *document, @@ -268,7 +279,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X\n", i, j); + return(1); -+ } ++ } } /* @@ -282,7 +293,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X\n", i, j); + return(1); -+ } ++ } } /* @@ -296,7 +307,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X\n", i, j); + return(1); -+ } ++ } } /* @@ -310,7 +321,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x00\n", i, j); + return(1); -+ } ++ } } /* @@ -318,13 +329,13 @@ diff -uNr a/testchar.c b/testchar.c else if ((lastError != 0) || (res == NULL)) { fprintf(stderr, "Failed to parse document for Bytes 0x%02X 0x%02X\n", i, j); -+ return(1); ++ return(1); } if (res != NULL) xmlFreeDoc(res); } } -+ return(0); ++ return(0); } /** @@ -438,20 +449,20 @@ diff -uNr a/testchar.c b/testchar.c + if (lastError != XML_ERR_INVALID_CHAR) { fprintf(stderr, "Failed to detect invalid char for Byte 0x%02X\n", i); -+ return(1); -+ } ++ return(1); ++ } } else if (i == 0xD) { - if ((c != 0xA) || (len != 1)) + if ((c != 0xA) || (len != 1)) { fprintf(stderr, "Failed to convert char for Byte 0x%02X\n", i); + return(1); -+ } ++ } } else if ((c != i) || (len != 1)) { fprintf(stderr, "Failed to parse char for Byte 0x%02X\n", i); -+ return(1); ++ return(1); } } -+ return(0); ++ return(0); } -static void testCharRangeByte2(xmlParserCtxtPtr ctxt, char *data) { @@ -468,8 +479,8 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to detect invalid char for Bytes 0x%02X 0x%02X\n", i, j); -+ return(1); -+ } ++ return(1); ++ } } /* @@ -482,8 +493,8 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to detect invalid char for Bytes 0x%02X 0x%02X: %d\n", i, j, c); -+ return(1); -+ } ++ return(1); ++ } } /* @@ -496,8 +507,8 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to detect invalid char for Bytes 0x%02X 0x%02X: %d\n", i, j, c); -+ return(1); -+ } ++ return(1); ++ } } /* @@ -510,8 +521,8 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x00\n", i, j); -+ return(1); -+ } ++ return(1); ++ } } /* @@ -531,7 +542,7 @@ diff -uNr a/testchar.c b/testchar.c } } } -+ return(0); ++ return(0); } -static void testCharRangeByte3(xmlParserCtxtPtr ctxt, char *data) { @@ -549,7 +560,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X 0x%02X\n", i, j, K, data[3]); + return(1); -+ } ++ } } /* @@ -562,7 +573,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X\n", i, j, K); + return(1); -+ } ++ } } /* @@ -576,7 +587,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X\n", i, j, K); + return(1); -+ } ++ } } /* @@ -590,7 +601,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char 0x%04X for Bytes 0x%02X 0x%02X 0x%02X\n", value, i, j, K); + return(1); -+ } ++ } } /* @@ -598,7 +609,7 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to parse char for Bytes 0x%02X 0x%02X 0x%02X\n", i, j, K); -+ return(1); ++ return(1); } /* @@ -606,12 +617,12 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to parse char for Bytes 0x%02X 0x%02X 0x%02X: expect %d got %d\n", i, j, data[2], value, c); -+ return(1); ++ return(1); } } } } -+ return(0); ++ return(0); } -static void testCharRangeByte4(xmlParserCtxtPtr ctxt, char *data) { @@ -629,7 +640,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X 0x%02X\n", i, j, K, data[3]); + return(1); -+ } ++ } } /* @@ -643,7 +654,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X 0x%02X\n", i, j, K, L); + return(1); -+ } ++ } } /* @@ -657,7 +668,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char for Bytes 0x%02X 0x%02X 0x%02X 0x%02X\n", i, j, K, L); + return(1); -+ } ++ } } /* @@ -671,7 +682,7 @@ diff -uNr a/testchar.c b/testchar.c "Failed to detect invalid char 0x%04X for Bytes 0x%02X 0x%02X 0x%02X 0x%02X\n", value, i, j, K, L); + return(1); -+ } ++ } } /* @@ -679,7 +690,7 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to parse char for Bytes 0x%02X 0x%02X 0x%02X\n", i, j, K); -+ return(1); ++ return(1); } /* @@ -687,13 +698,13 @@ diff -uNr a/testchar.c b/testchar.c fprintf(stderr, "Failed to parse char for Bytes 0x%02X 0x%02X 0x%02X: expect %d got %d\n", i, j, data[2], value, c); -+ return(1); ++ return(1); } } } } } -+ return(0); ++ return(0); } /** @@ -722,13 +733,13 @@ diff -uNr a/testchar.c b/testchar.c XML_CHAR_ENCODING_NONE); if (buf == NULL) { fprintf(stderr, "Failed to allocate input buffer\n"); -+ test_ret = 1; ++ test_ret = 1; goto error; } input = xmlNewInputStream(ctxt); if (input == NULL) { xmlFreeParserInputBuffer(buf); -+ test_ret = 1; ++ test_ret = 1; goto error; } input->filename = NULL; @@ -777,20 +788,10 @@ diff -uNr a/testchar.c b/testchar.c /* * Cleanup function for the XML library. -diff -uNr a/testdict.c b/testdict.c ---- a/testdict.c 2013-04-16 15:08:42.971177193 +0200 -+++ b/testdict.c 2013-04-18 15:59:00.699482439 +0200 -@@ -440,5 +440,6 @@ - clean_strings(); - xmlCleanupParser(); - xmlMemoryDump(); -+ printf("%s: testdict\n\n", (ret == 0) ? "PASS" : "FAIL"); - return(ret); - } diff -uNr a/testlimits.c b/testlimits.c ---- a/testlimits.c 2013-04-12 16:16:36.180354177 +0200 -+++ b/testlimits.c 2013-04-17 14:03:17.203092987 +0200 -@@ -1630,5 +1630,6 @@ +--- a/testlimits.c 2016-11-07 09:41:40.000000000 +0100 ++++ b/testlimits.c 2018-03-20 08:59:38.965581280 +0100 +@@ -1634,5 +1634,6 @@ xmlCleanupParser(); xmlMemoryDump(); @@ -798,8 +799,8 @@ diff -uNr a/testlimits.c b/testlimits.c return(ret); } diff -uNr a/testrecurse.c b/testrecurse.c ---- a/testrecurse.c 2013-04-16 13:19:49.366536295 +0200 -+++ b/testrecurse.c 2013-04-17 14:06:27.367091622 +0200 +--- a/testrecurse.c 2017-10-26 09:54:40.000000000 +0200 ++++ b/testrecurse.c 2018-03-20 09:00:46.781628749 +0100 @@ -892,6 +892,7 @@ err++; } diff --git a/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb b/poky/meta/recipes-core/libxml/libxml2_2.9.8.bb index c749a81657..740bf56a5a 100644 --- a/poky/meta/recipes-core/libxml/libxml2_2.9.7.bb +++ b/poky/meta/recipes-core/libxml/libxml2_2.9.8.bb @@ -12,20 +12,21 @@ LIC_FILES_CHKSUM = "file://Copyright;md5=2044417e2e5006b65a8b9067b683fcf1 \ DEPENDS = "zlib virtual/libiconv" SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ - http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \ + http://www.w3.org/XML/Test/xmlts20080827.tar.gz;subdir=${BP};name=testtar \ file://libxml-64bit.patch \ - file://ansidecl.patch \ file://runtest.patch \ file://run-ptest \ file://python-sitepackages-dir.patch \ file://libxml-m4-use-pkgconfig.patch \ file://0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch \ file://fix-execution-of-ptests.patch \ - file://CVE-2018-14404.patch \ + file://fix-CVE-2017-8872.patch \ + file://fix-CVE-2018-14404.patch \ + file://0001-Fix-infinite-loop-in-LZMA-decompression.patch \ " -SRC_URI[libtar.md5sum] = "896608641a08b465098a40ddf51cefba" -SRC_URI[libtar.sha256sum] = "f63c5e7d30362ed28b38bfa1ac6313f9a80230720b7fb6c80575eeab3ff5900c" +SRC_URI[libtar.md5sum] = "b786e353e2aa1b872d70d5d1ca0c740d" +SRC_URI[libtar.sha256sum] = "0b74e51595654f958148759cfef0993114ddccccbb6f31aee018f3558e8e2732" SRC_URI[testtar.md5sum] = "ae3d1ebe000a3972afa104ca7f0e1b4a" SRC_URI[testtar.sha256sum] = "96151685cec997e1f9f3387e3626d61e6284d4d6e66e0e440c209286c03e9cc7" @@ -66,16 +67,17 @@ python populate_packages_prepend () { d.setVar('PKG_libxml2', '${MLPREFIX}libxml2') } -PACKAGES += "${PN}-utils ${PN}-python" +PACKAGE_BEFORE_PN += "${PN}-utils" +PACKAGES += "${PN}-python" FILES_${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/*.a" FILES_${PN}-dev += "${libdir}/xml2Conf.sh ${libdir}/cmake/*" -FILES_${PN}-utils += "${bindir}/*" -FILES_${PN}-python += "${PYTHON_SITEPACKAGES_DIR}" +FILES_${PN}-utils = "${bindir}/*" +FILES_${PN}-python = "${PYTHON_SITEPACKAGES_DIR}" do_configure_prepend () { # executables take longer to package: these should not be executable - find ${WORKDIR}/xmlconf/ -type f -exec chmod -x {} \+ + find ${S}/xmlconf/ -type f -exec chmod -x {} \+ } do_compile_ptest() { @@ -83,7 +85,7 @@ do_compile_ptest() { } do_install_ptest () { - cp -r ${WORKDIR}/xmlconf ${D}${PTEST_PATH} + cp -r ${S}/xmlconf ${D}${PTEST_PATH} if [ "${@bb.utils.filter('PACKAGECONFIG', 'python', d)}" ]; then sed -i -e 's|^\(PYTHON = \).*|\1${USRBINPATH}/${PYTHON_PN}|' \ ${D}${PTEST_PATH}/python/tests/Makefile |