Control: tags 832602 + patch
Control: tags 832602 + pending
Control: tags 832864 + patch
Control: tags 832864 + pending

Dear maintainer,

I've prepared an NMU for libxml2 (versioned as 2.9.4+dfsg1-2.2) and
uploaded it to DELAYED/7. Please feel free to tell me if I
should delay it longer.

It would be great if you upload a new version of libxml instead of this NMU,
since this patch is already included.

Regards.
diff -Nru libxml2-2.9.4+dfsg1/debian/changelog libxml2-2.9.4+dfsg1/debian/changelog
--- libxml2-2.9.4+dfsg1/debian/changelog	2016-10-30 16:30:55.000000000 +0100
+++ libxml2-2.9.4+dfsg1/debian/changelog	2017-01-14 15:31:49.000000000 +0100
@@ -1,3 +1,11 @@
+libxml2 (2.9.4+dfsg1-2.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix attribute decoding during XML schema validation 
+    (Closes: #832602, #832864)
+
+ -- Mònica Ramírez Arceda <mon...@debian.org>  Sat, 14 Jan 2017 15:31:49 +0100
+
 libxml2 (2.9.4+dfsg1-2.1) unstable; urgency=medium
 
   * Non-maintainer upload.
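
Review bot: the new 2.9.4+dfsg1-2.2 changelog entry does not say which patch file carries the fix or where it came from, and the line "Fix attribute decoding during XML schema validation" ends in a trailing space. Naming debian/patches/0008-Fix-attribute-decoding-during-XML-schema-validation.patch in the entry and dropping the trailing whitespace would make the upload easier to audit against #832602 and #832864.
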
diff -Nru libxml2-2.9.4+dfsg1/debian/patches/0008-Fix-attribute-decoding-during-XML-schema-validation.patch libxml2-2.9.4+dfsg1/debian/patches/0008-Fix-attribute-decoding-during-XML-schema-validation.patch
--- libxml2-2.9.4+dfsg1/debian/patches/0008-Fix-attribute-decoding-during-XML-schema-validation.patch	1970-01-01 01:00:00.000000000 +0100
+++ libxml2-2.9.4+dfsg1/debian/patches/0008-Fix-attribute-decoding-during-XML-schema-validation.patch	2017-01-14 15:10:14.000000000 +0100
@@ -0,0 +1,66 @@
+From 256366ed60f8795279b25f7b7b55e8089b4c6ff4 Mon Sep 17 00:00:00 2001
+From: Alex Henrie <alexhenri...@gmail.com>
+Date: Thu, 26 May 2016 17:38:35 -0600
+Subject: [PATCH] Fix attribute decoding during XML schema validation
+
+For https://bugzilla.gnome.org/show_bug.cgi?id=766834
+
+vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
+so this function can't call xmlStringLenDecodeEntities to decode the
+entities.
+---
+ xmlschemas.c | 30 +++++++++++++++++++++++++-----
+ 1 file changed, 25 insertions(+), 5 deletions(-)
+
+diff --git a/xmlschemas.c b/xmlschemas.c
+index e1b3a4f..59535e5 100644
+--- a/xmlschemas.c
++++ b/xmlschemas.c
+@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
+     * attributes yet.
+     */
+     if (nb_attributes != 0) {
++	int valueLen, k, l;
+ 	xmlChar *value;
+ 
+         for (j = 0, i = 0; i < nb_attributes; i++, j += 5) {
+@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
+ 	    * libxml2 differs from normal SAX here in that it escapes all ampersands
+ 	    * as &#38; instead of delivering the raw converted string. Changing the
+ 	    * behavior at this point would break applications that use this API, so
+-	    * we are forced to work around it. There is no danger of accidentally
+-	    * decoding some entity other than &#38; in this step because without
+-	    * unescaped ampersands there can be no other entities in the string.
++	    * we are forced to work around it.
+ 	    */
+-	    value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3],
+-		attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0);
++	    valueLen = attributes[j+4] - attributes[j+3];
++	    value = xmlMallocAtomic(valueLen + 1);
++	    if (value == NULL) {
++		xmlSchemaVErrMemory(vctxt,
++		    "allocating string for decoded attribute",
++		    NULL);
++		goto internal_error;
++	    }
++	    for (k = 0, l = 0; k < valueLen; l++) {
++		if (k < valueLen - 4 &&
++		    attributes[j+3][k+0] == '&' &&
++		    attributes[j+3][k+1] == '#' &&
++		    attributes[j+3][k+2] == '3' &&
++		    attributes[j+3][k+3] == '8' &&
++		    attributes[j+3][k+4] == ';') {
++		    value[l] = '&';
++		    k += 5;
++		} else {
++		    value[l] = attributes[j+3][k];
++		    k++;
++		}
++	    }
++	    value[l] = '\0';
+ 	    /*
+ 	    * TODO: Set the node line.
+ 	    */
+-- 
+2.8.3
+
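
Review bot: in the decoding loop added to xmlSchemaSAXHandleStartElementNs, valueLen is an int assigned from the pointer difference attributes[j+4] - attributes[j+3] and then passed as xmlMallocAtomic(valueLen + 1), with no check for a negative result or for truncation of the pointer difference to int. The write index l never runs ahead of the read index k, so valueLen + 1 bytes are enough when the length is sane, but an explicit guard before the allocation (reject valueLen < 0, or carry the length in a size_t) would make that assumption visible in the code. The Debian copy of the patch also has no Bug-Debian or Origin header, although the changelog closes #832602 and #832864; adding them would tie this file to those reports and to the upstream commit named in its From line.
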
diff -Nru libxml2-2.9.4+dfsg1/debian/patches/series libxml2-2.9.4+dfsg1/debian/patches/series
--- libxml2-2.9.4+dfsg1/debian/patches/series	2016-10-30 16:30:55.000000000 +0100
+++ libxml2-2.9.4+dfsg1/debian/patches/series	2017-01-14 15:10:14.000000000 +0100
@@ -5,3 +5,4 @@
 0005-Fix-XPointer-paths-beginning-with-range-to.patch
 0006-Disallow-namespace-nodes-in-XPointer-ranges.patch
 0007-Fix-more-NULL-pointer-derefs-in-xpointer.c.patch
+0008-Fix-attribute-decoding-during-XML-schema-validation.patch
