[xmltooling] 02/05: Convert our single patch into a proper patch queue
Ferenc Wágner
wferi at moszumanska.debian.org
Sat Jan 13 00:20:14 UTC 2018
This is an automated email from the git hooks/post-receive script.
wferi pushed a commit to branch debian/jessie
in repository xmltooling.
commit 0ffc3436ceb478b57460ae5d41cbbd500ac22ffe
Author: Ferenc Wágner <wferi at debian.org>
Date: Fri Jan 12 11:29:13 2018 +0100
Convert our single patch into a proper patch queue
---
...0851-crash-on-well-formed-but-invalid-XML.patch | 48 ++++++++++++++++++++++
debian/patches/series | 1 +
debian/source/local-options | 1 -
debian/source/local-patch-header | 11 -----
xmltooling/base.h | 22 +---------
5 files changed, 51 insertions(+), 32 deletions(-)
diff --git a/debian/patches/CVE-2015-0851-crash-on-well-formed-but-invalid-XML.patch b/debian/patches/CVE-2015-0851-crash-on-well-formed-but-invalid-XML.patch
new file mode 100644
index 0000000..f0e2382
--- /dev/null
+++ b/debian/patches/CVE-2015-0851-crash-on-well-formed-but-invalid-XML.patch
@@ -0,0 +1,48 @@
+From: Scott Cantor <cantor.2 at osu.edu>
+Date: Fri, 12 Jan 2018 11:31:17 +0100
+Subject: CVE-2015-0851: crash on well-formed but invalid XML
+
+---
+ xmltooling/base.h | 22 ++++++++++++++++++++--
+ 1 file changed, 20 insertions(+), 2 deletions(-)
+
+diff --git a/xmltooling/base.h b/xmltooling/base.h
+index 0393062..c55b5d1 100644
+--- a/xmltooling/base.h
++++ b/xmltooling/base.h
+@@ -811,7 +811,16 @@
+ XMLCh* m_##proper; \
+ public: \
+ pair<bool,int> get##proper() const { \
+- return make_pair((m_##proper!=nullptr),(m_##proper!=nullptr ? xercesc::XMLString::parseInt(m_##proper): 0)); \
++ if (m_##proper) { \
++ try { \
++ return std::make_pair(true, xercesc::XMLString::parseInt(m_##proper)); \
++ } \
++ catch (...) { \
++ return std::make_pair(true, 0); \
++ } \
++ } else { \
++ return std::make_pair(false, 0); \
++ } \
+ } \
+ void set##proper(const XMLCh* proper) { \
+ m_##proper = prepareForAssignment(m_##proper,proper); \
+@@ -1369,7 +1378,16 @@
+ #define DECL_INTEGER_CONTENT(proper) \
+ XMLTOOLING_DOXYGEN(Returns proper in integer form after a NULL indicator.) \
+ std::pair<bool,int> get##proper() const { \
+- return std::make_pair((getTextContent()!=nullptr), (getTextContent()!=nullptr ? xercesc::XMLString::parseInt(getTextContent()) : 0)); \
++ if (getTextContent()) { \
++ try { \
++ return std::make_pair(true, xercesc::XMLString::parseInt(getTextContent())); \
++ } \
++ catch (...) { \
++ return std::make_pair(true, 0); \
++ } \
++ } else { \
++ return std::make_pair(false, 0); \
++ } \
+ } \
+ XMLTOOLING_DOXYGEN(Sets proper.) \
+ void set##proper(int proper) { \
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..5c4aea5
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+CVE-2015-0851-crash-on-well-formed-but-invalid-XML.patch
diff --git a/debian/source/local-options b/debian/source/local-options
deleted file mode 100644
index 7423a2d..0000000
--- a/debian/source/local-options
+++ /dev/null
@@ -1 +0,0 @@
-single-debian-patch
diff --git a/debian/source/local-patch-header b/debian/source/local-patch-header
deleted file mode 100644
index a1273f6..0000000
--- a/debian/source/local-patch-header
+++ /dev/null
@@ -1,11 +0,0 @@
-Subject: Collected Debian patches for xmltooling
-Author: Russ Allbery <rra at debian.org>
-
-The packaging for xmltooling is maintained in Git using multiple
-branches for fixes, which makes it complex to separate the changes
-into individual patches. They are therefore all included in a single
-Debian patch.
-
-For full commit history and separated commits, see the packaging Git
-repository.
-
diff --git a/xmltooling/base.h b/xmltooling/base.h
index c55b5d1..0393062 100644
--- a/xmltooling/base.h
+++ b/xmltooling/base.h
@@ -811,16 +811,7 @@
XMLCh* m_##proper; \
public: \
pair<bool,int> get##proper() const { \
- if (m_##proper) { \
- try { \
- return std::make_pair(true, xercesc::XMLString::parseInt(m_##proper)); \
- } \
- catch (...) { \
- return std::make_pair(true, 0); \
- } \
- } else { \
- return std::make_pair(false, 0); \
- } \
+ return make_pair((m_##proper!=nullptr),(m_##proper!=nullptr ? xercesc::XMLString::parseInt(m_##proper): 0)); \
} \
void set##proper(const XMLCh* proper) { \
m_##proper = prepareForAssignment(m_##proper,proper); \
@@ -1378,16 +1369,7 @@
#define DECL_INTEGER_CONTENT(proper) \
XMLTOOLING_DOXYGEN(Returns proper in integer form after a NULL indicator.) \
std::pair<bool,int> get##proper() const { \
- if (getTextContent()) { \
- try { \
- return std::make_pair(true, xercesc::XMLString::parseInt(getTextContent())); \
- } \
- catch (...) { \
- return std::make_pair(true, 0); \
- } \
- } else { \
- return std::make_pair(false, 0); \
- } \
+ return std::make_pair((getTextContent()!=nullptr), (getTextContent()!=nullptr ? xercesc::XMLString::parseInt(getTextContent()) : 0)); \
} \
XMLTOOLING_DOXYGEN(Sets proper.) \
void set##proper(int proper) { \
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-shibboleth/xmltooling.git
More information about the Pkg-shibboleth-devel
mailing list