[xml/sgml-pkgs] Bug#498768: ubuntu patch matching upstream

Mike Hommey mh at glandium.org
Sat Sep 20 07:06:21 UTC 2008


On Fri, Sep 19, 2008 at 07:10:14PM -0700, Kees Cook wrote:
> Hi,
> 
> On Fri, Sep 19, 2008 at 09:24:30PM +0200, Mike Hommey wrote:
> > On Mon, Sep 15, 2008 at 08:55:10AM -0700, Kees Cook wrote:
> > > As far as I know, this patch matches the upstream changes for the
> > > problem.  Please see:
> > > 
> > > https://bugzilla.redhat.com/show_bug.cgi?id=460396
> > 
> > Actually there are differences between upstream and ubuntu changes:
> > (a is ubuntu, b is upstream)
> > 
> > diff -u a/parser.c b/parser.c
> > --- a/parser.c
> > +++ b/parser.c
> > @@ -2390,7 +2390,6 @@
> >   */
> >  #define growBuffer(buffer) {						\
> >      xmlChar *tmp;							\
> > -    buffer##_size += XML_PARSER_BUFFER_SIZE ;				\
> >      buffer##_size *= 2;							\
> >      tmp = (xmlChar *)							\
> >  		xmlRealloc(buffer, buffer##_size * sizeof(xmlChar));	\
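Review bot: In the growBuffer hunk, dropping `buffer##_size += XML_PARSER_BUFFER_SIZE ;` leaves `buffer##_size *= 2;` as the only growth step, so a buffer whose size is 0 never grows. The product `buffer##_size * sizeof(xmlChar)` passed to xmlRealloc also has no overflow check in the lines shown. Either keep the additive step or document in the macro comment that callers guarantee a non-zero starting size, and bound the size before the realloc.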
> > @@ -3451,7 +3450,7 @@
> >  		     * Just output the reference
> >  		     */
> >  		    buf[len++] = '&';
> > -		    while (len > buf_size - i - 10) {
> > +		    if (len > buf_size - i - 10) {
> >  			growBuffer(buf);
> >  		    }
> >  		    for (;i > 0;i--)
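Review bot: Changing `while (len > buf_size - i - 10)` to `if` assumes that one growBuffer(buf) call always makes room for the `i` bytes written by the following `for (;i > 0;i--)` loop. A single doubling does not guarantee that when `i` is large relative to `buf_size`. Keep the loop, or add a comment stating the upper bound on `i` that makes one call sufficient.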
> 
> The above changes are for CVE-2008-3529.

Certainly not. It's not in the upstream patch.

> BTW, would it be possible to
> add a patch system to libxml2?  It's much easier to split up the patches
> over time, and is nice for anyone doing post-release updates. :)

There is a (D)VCS.

> > @@ -6476,8 +6475,6 @@
> >  		    } else if (list != NULL) {
> >  			xmlFreeNodeList(list);
> >  			list = NULL;
> > -		    } else if (ent->owner != 1) {
> > -			ctxt->nbentities += ent->owner;
> >  		    }
> >  		}
> >  		ent->checked = 1;
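Review bot: With the `else if (ent->owner != 1)` branch removed from this chain, nothing in the visible lines adds to `ctxt->nbentities` before `ent->checked = 1;` is set. The counter update reappears in a different block in the next hunk, so a comment or the commit message should say why the count is taken there and not at first check. That would let the two variants be compared on which entity references they count.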
> > @@ -6668,6 +6665,8 @@
> >  		    ctxt->nodelen = 0;
> >  		    return;
> >  		}
> > +	    } else if (ent->owner != 1) {
> > +		ctxt->nbentities += ent->owner;
> >  	    }
> >  	} else {
> >  	    val = ent->content;
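Review bot: The added `else if (ent->owner != 1)` branch uses `ent->owner` both as a flag (compared with 1) and as a quantity added to `ctxt->nbentities`, which the field name does not explain; a short comment on what value it holds at this point would help. The branch is also chained after the block that ends in `return;`, so it only runs when that preceding condition is false. Please confirm that is the intended set of references to count.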
> 
> Was this just interdiff output?  There were some changes to this area of
> code that needed some by-hand backporting, so the versions used to
> compare might not end up looking clean.  Or, I could have messed up the
> backport, but I put them through a bunch of xml regression tests and
> things seemed to be behaving.

There was only 1 conflict when applying the upstream patch for RHEL5, and
only because of tabulations/spaces, on my end...

Mike





More information about the debian-xml-sgml-pkgs mailing list