commit 20ccc8455866790ed52ba918a1fa4586266c32bb Author: Tim Biermann <tbier@posteo.de> Date: Sat Jan 28 15:18:48 2023 +0100 raptor: pulled patches from libreoffice diff --git a/raptor/.footprint b/raptor/.footprint index b488d7e35..8a0ac5385 100644 --- a/raptor/.footprint +++ b/raptor/.footprint @@ -6,11 +6,11 @@ drwxr-xr-x root/root usr/include/raptor2/ -rw-r--r-- root/root usr/include/raptor2/raptor.h -rw-r--r-- root/root usr/include/raptor2/raptor2.h drwxr-xr-x root/root usr/lib/ +lrwxrwxrwx root/root usr/lib/libraptor2-lo.so.0 -> libraptor2-lo.so.0.0.0 +-rwxr-xr-x root/root usr/lib/libraptor2-lo.so.0.0.0 -rw-r--r-- root/root usr/lib/libraptor2.a -rwxr-xr-x root/root usr/lib/libraptor2.la -lrwxrwxrwx root/root usr/lib/libraptor2.so -> libraptor2.so.0.0.0 -lrwxrwxrwx root/root usr/lib/libraptor2.so.0 -> libraptor2.so.0.0.0 --rwxr-xr-x root/root usr/lib/libraptor2.so.0.0.0 +lrwxrwxrwx root/root usr/lib/libraptor2.so -> libraptor2-lo.so.0.0.0 drwxr-xr-x root/root usr/lib/pkgconfig/ -rw-r--r-- root/root usr/lib/pkgconfig/raptor2.pc drwxr-xr-x root/root usr/share/ diff --git a/raptor/.signature b/raptor/.signature index 0a9868b62..4f4f5fff3 100644 --- a/raptor/.signature +++ b/raptor/.signature @@ -1,5 +1,14 @@ untrusted comment: verify with /etc/ports/contrib.pub -RWSagIOpLGJF3++adVXk8IVDGZCW/5nslJ7XkMlseswB2AvzG6nHS8hiXE+3OkkSqGBLie2OR/e1RIC+EjkszD+MNbXkoNqxMQA= -SHA256 (Pkgfile) = 166cd355163491ed7c0e0599336158b763c75b0044c81828ec6529b2e8ba07bc -SHA256 (.footprint) = d17fbcd4efd58f95fa79560a96ec64dbbe01e47357edea3749b83357ad0d5c34 +RWSagIOpLGJF3/gBDtymhWE2UhGKfbMUphBMo0enOMwdGqMyS8MmV67+Tgm6YZBrfvK/9HDFjyXSAs9iWOrsBrlMeNu3UqX43Qg= +SHA256 (Pkgfile) = d26de493e5cf26475fd0112a66dd2a591fd2fa5955d52e8728f122cab82845f9 +SHA256 (.footprint) = b57eb80a13e1c67b1d19c498a2cc3f34ecd87e8e582ccb8ed31990bda098ad99 SHA256 (raptor2-2.0.15.tar.gz) = ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed +SHA256 (0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1) = 043ac881307a39f5cd9b338dadeb46251f77b209f8745bee4c5a5cd23f27e5be +SHA256 (0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1) = b5be11eb023aa8499b12d9a18bc5c96aab21dadf2e50dc4be5850ea21d4e1d5f +SHA256 (Wint-conversion.patch) = 6813a4ee6e2b0723c7a90601ffa07fa5a6f2f92bd01e9b42adfbb3930602382a +SHA256 (libtool.patch) = 6234df68001f6b8df208f1c8604a5521515396dfc9da6a554e8bfacf8b4b002b +SHA256 (raptor-bundled-soname.patch.1) = d8fc57db15dde1abcca157cf8cf90a4296c3627b115d84a3d6f39fcb6e9b363e +SHA256 (raptor-emscripten.patch.1) = f338f7eb5ef5d8146a5ffc6fd25227f5cee0999b9086c13f205aa015ceb12308 +SHA256 (rpath.patch) = ec14f0dea02f29f36e77e7da5d3eb780466bece2f2937cef82713e011758eb53 +SHA256 (ubsan.patch) = 4e56d1ba2c6c942ebfbb962f53666b0dc3253eccfa5cf9a4b2411f1acfa3998b +SHA256 (xml2-config.patch) = 7a9384a15a837f6b839cbb8a8e5054db2ef61b76adcdcbc521b6b651d6aa4cfb diff --git a/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 b/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 new file mode 100644 index 000000000..1fb279df3 --- /dev/null +++ b/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 @@ -0,0 +1,33 @@ +From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com> +Date: Tue, 24 Nov 2020 10:30:20 +0000 +Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a + segfault + +due to an out of bounds array access in +raptor_xml_writer_start_element_common + +See: +https://bugs.mageia.org/show_bug.cgi?id=27605 +https://www.openwall.com/lists/oss-security/2020/11/13/1 +https://gerrit.libreoffice.org/c/core/+/106249 +--- + src/raptor_xml_writer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c +index 56993dc3..4426d38c 100644 +--- a/src/raptor_xml_writer.c ++++ b/src/raptor_xml_writer.c +@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer, + + /* check it wasn't an earlier declaration too */ + for(j = 0; j < nspace_declarations_count; j++) +- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) { ++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) { + declare_me = 0; + break; + } +-- +2.28.0 + diff --git a/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 b/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 new file mode 100644 index 000000000..6fa726cae --- /dev/null +++ b/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 @@ -0,0 +1,43 @@ +From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001 +From: Dave Beckett <dave@dajobe.org> +Date: Sun, 16 Apr 2017 23:15:12 +0100 +Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer + +(raptor_xml_writer_start_element_common): Calculate max including for +each attribute a potential name and value. + +Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617 +and #0000618 http://bugs.librdf.org/mantis/view.php?id=618 +--- + src/raptor_xml_writer.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c +index 693b946..0d3a36a 100644 +--- a/src/raptor_xml_writer.c ++++ b/src/raptor_xml_writer.c +@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer, + size_t nspace_declarations_count = 0; + unsigned int i; + +- /* max is 1 per element and 1 for each attribute + size of declared */ + if(nstack) { +- int nspace_max_count = element->attribute_count+1; ++ int nspace_max_count = element->attribute_count * 2; /* attr and value */ ++ if(element->name->nspace) ++ nspace_max_count++; + if(element->declared_nspaces) + nspace_max_count += raptor_sequence_size(element->declared_nspaces); + if(element->xml_language) +@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer, + } + } + +- /* Add the attribute + value */ ++ /* Add the attribute's value */ + nspace_declarations[nspace_declarations_count].declaration= + raptor_qname_format_as_xml(element->attributes[i], + &nspace_declarations[nspace_declarations_count].length); +-- +2.9.3 + diff --git a/raptor/Pkgfile b/raptor/Pkgfile index 287ae1ba3..721a3ce75 100644 --- a/raptor/Pkgfile +++ b/raptor/Pkgfile @@ -5,15 +5,36 @@ name=raptor version=2.0.15 -release=2 -source=(http://librdf.org/dist/source/raptor2-$version.tar.gz) +release=3 +source=(http://librdf.org/dist/source/raptor2-$version.tar.gz + 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 + 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 + Wint-conversion.patch + libtool.patch + raptor-bundled-soname.patch.1 + raptor-emscripten.patch.1 + rpath.patch + ubsan.patch + xml2-config.patch) build() { cd "$name"2-$version + + patch -Np1 -i $SRC/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 + patch -Np1 -i $SRC/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1 + patch -Np0 -i $SRC/Wint-conversion.patch + patch -Np0 -i $SRC/libtool.patch + patch -Np1 -i $SRC/raptor-bundled-soname.patch.1 + patch -Np1 -i $SRC/raptor-emscripten.patch.1 + patch -Np0 -i $SRC/rpath.patch + patch -Np0 -i $SRC/ubsan.patch + patch -Np0 -i $SRC/xml2-config.patch + ./configure --prefix=/usr \ --with-yajl=no \ --with-icu-config=/usr/bin/icu-config make make prefix="$PKG"/usr install + rm -r $PKG/usr/share/gtk-doc } diff --git a/raptor/Wint-conversion.patch b/raptor/Wint-conversion.patch new file mode 100644 index 000000000..fb85f4f13 --- /dev/null +++ b/raptor/Wint-conversion.patch @@ -0,0 +1,22 @@ +--- src/raptor_parse.c ++++ src/raptor_parse.c +@@ -257,7 +257,7 @@ + int + raptor_world_get_parsers_count(raptor_world* world) + { +- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL); ++ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0); + + raptor_world_open(world); + +--- src/raptor_serialize.c ++++ src/raptor_serialize.c +@@ -240,7 +240,7 @@ + int + raptor_world_get_serializers_count(raptor_world* world) + { +- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL); ++ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0); + + raptor_world_open(world); + diff --git a/raptor/libtool.patch b/raptor/libtool.patch new file mode 100644 index 000000000..b0baae661 --- /dev/null +++ b/raptor/libtool.patch @@ -0,0 +1,27 @@ +--- build/ltmain.sh ++++ build/ltmain.sh +@@ -5301,6 +5301,12 @@ + prev= + continue + ;; ++ mllvm) ++ # Clang does not use LLVM to link, so we can simply discard any ++ # '-mllvm $arg' options when doing the link step. ++ prev= ++ continue ++ ;; + objectlist) + if test -f "$arg"; then + save_arg=$arg +@@ -5639,6 +5645,11 @@ + continue + ;; + ++ -mllvm) ++ prev=mllvm ++ continue ++ ;; ++ + -module) + module=yes + continue diff --git a/raptor/raptor-bundled-soname.patch.1 b/raptor/raptor-bundled-soname.patch.1 new file mode 100644 index 000000000..cce2482d1 --- /dev/null +++ b/raptor/raptor-bundled-soname.patch.1 @@ -0,0 +1,13 @@ +rhbz#809466 change soname of bundled redland libs + +--- a/src/Makefile.in 2013-03-29 19:11:27.944919859 +0100 ++++ b/src/Makefile.in 2013-03-29 19:17:42.173916644 +0100 +@@ -507,7 +507,7 @@ + $(am__append_21) $(am__append_22) $(am__append_23) \ + $(am__append_24) $(am__append_25) $(am__append_26) + libraptor2_la_LIBADD = $(am__append_29) @LTLIBOBJS@ +-libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ \ ++libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ -release lo \ + @RAPTOR_LDFLAGS@ $(MEM_LIBS) + + EXTRA_DIST = \ diff --git a/raptor/raptor-emscripten.patch.1 b/raptor/raptor-emscripten.patch.1 new file mode 100644 index 000000000..e3c53b35b --- /dev/null +++ b/raptor/raptor-emscripten.patch.1 @@ -0,0 +1,12 @@ +-*- Mode: Diff -*- +--- raptor/src/sort_r.h ++++ raptor/src/sort_r.h +@@ -27,7 +27,7 @@ + defined AMIGA) + # define _SORT_R_BSD + #elif (defined _GNU_SOURCE || defined __gnu_hurd__ || defined __GNU__ || \ +- defined __linux__ || defined __MINGW32__ || defined __GLIBC__) ++ defined __linux__ || defined __MINGW32__ || defined __GLIBC__ || defined __EMSCRIPTEN__) + # define _SORT_R_LINUX + #elif (defined _WIN32 || defined _WIN64 || defined __WINDOWS__) + # define _SORT_R_WINDOWS diff --git a/raptor/rpath.patch b/raptor/rpath.patch new file mode 100644 index 000000000..7863f61cd --- /dev/null +++ b/raptor/rpath.patch @@ -0,0 +1,21 @@ +--- configure ++++ configure +@@ -9892,6 +9892,7 @@ + else + ld_shlibs=no + fi ++hardcode_libdir_flag_spec= + ;; + + netbsd* | netbsdelf*-gnu) +--- utils/Makefile.in ++++ utils/Makefile.in +@@ -343,7 +343,7 @@ + rapper_LDADD = $(top_builddir)/src/libraptor2.la + rdfdiff_SOURCES = rdfdiff.c $(am__append_2) + rdfdiff_LDADD = $(top_builddir)/src/libraptor2.la +-all: all-am ++all: + + .SUFFIXES: + .SUFFIXES: .c .lo .o .obj diff --git a/raptor/ubsan.patch b/raptor/ubsan.patch new file mode 100644 index 000000000..641d60bb7 --- /dev/null +++ b/raptor/ubsan.patch @@ -0,0 +1,25 @@ +--- src/raptor_rfc2396.c ++++ src/raptor_rfc2396.c +@@ -386,7 +386,7 @@ + } + + +- if(prev && s == (cur+2) && cur[0] == '.' && cur[1] == '.') { ++ if(prev && cur && s == (cur+2) && cur[0] == '.' && cur[1] == '.') { + /* Remove <component>/.. at the end of the path */ + *prev = '\0'; + path_len -= (s-prev); +--- src/raptor_uri.c ++++ src/raptor_uri.c +@@ -1336,9 +1336,9 @@ + !strncmp((const char*)base_detail->scheme, + (const char*)reference_detail->scheme, + base_detail->scheme_len) && +- !strncmp((const char*)base_detail->authority, ++ (base_detail->authority_len == 0 || !strncmp((const char*)base_detail->authority, + (const char*)reference_detail->authority, +- base_detail->authority_len)) { ++ base_detail->authority_len))) { + + if(!base_detail->path) { + if(reference_detail->path) { diff --git a/raptor/xml2-config.patch b/raptor/xml2-config.patch new file mode 100644 index 000000000..2550acee0 --- /dev/null +++ b/raptor/xml2-config.patch @@ -0,0 +1,22 @@ +--- configure ++++ configure +@@ -14197,6 +14197,11 @@ + test -n "$XML_CONFIG" && break + done + ++ if test -n "$XML_CONFIG"; then ++ if ! "$XML_CONFIG" --version; then ++ XML_CONFIG= ++ fi ++ fi + fi + fi + +@@ -14481,6 +14481,7 @@ + + LIBXML_VERSION=`$PKG_CONFIG libxml-2.0 --modversion` + libxml_source="pkg-config" ++ XML_CONFIG="$PKG_CONFIG libxml-2.0" + + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml via pkg-config" >&5