source

Caolán McNamara (via logerrit) Thu, 22 Feb 2024 11:29:32 -0800

 download.lst                                    |   14 +++++++-------
 external/libxml2/ExternalPackage_libxml2.mk     |    2 +-
 external/libxml2/libxml2-global-symbols.patch   |    8 +++++++-
 filter/source/xsltfilter/LibXSLTTransformer.cxx |   16 ++++++++++++++++
 helpcompiler/source/HelpCompiler.cxx            |   14 ++++++++++++++
 xmlsecurity/source/xmlsec/saxhelper.cxx         |   15 ++++++++++++++-
 6 files changed, 59 insertions(+), 10 deletions(-)


New commits:
commit 4203efb98bf96ee168847c614b6bc7a3bfb7896c
Author:     Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Wed Jan 3 20:45:14 2024 +0000
Commit:     Michael Stahl <michael.st...@allotropia.de>
CommitDate: Thu Feb 22 20:29:06 2024 +0100

    upgrade libxml2, libxslt & liblangtag
    
    what I'm really after is some vexating not-reproducible oss-fuzz msan
    warnings when using libxml2 in the fodt2pdf fuzzer. So lets upgrade
    libxml2 to the latest, which requires bumping libxslt, and then requires
    a newer liblangtag because of no longer implicit includes that it
    depended on.
    
    xmlKeepBlanksDefaultValue and xmlSubstituteEntitiesDefault are
    deprecated, we should get around to updating those uses
    
    Change-Id: I8fda0dffda0a7ea65407d246a3121875cb8ad4a4
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161598
    Tested-by: Jenkins
    Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
    (cherry picked from commit 6875c975f80d8b813b1829a530162869a1e2d92e)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/163752
    Reviewed-by: Michael Stahl <michael.st...@allotropia.de>

diff --git a/download.lst b/download.lst
index db2385c300dc..5d76eb5783a7 100644
--- a/download.lst
+++ b/download.lst
@@ -319,8 +319,8 @@ LIBGPGERROR_TARBALL := libgpg-error-1.43.tar.bz2
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
-LIBLANGTAG_SHA256SUM := 
1f12a20a02ec3a8d22e54dedb8b683a43c9c160bda1ba337bf1060607ae733bd
-LIBLANGTAG_TARBALL := liblangtag-0.6.3.tar.bz2
+LIBLANGTAG_SHA256SUM := 
5ed6bcd4ae3f3c05c912e62f216cd1a44123846147f729a49fb5668da51e030e
+LIBLANGTAG_TARBALL := liblangtag-0.6.7.tar.bz2
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
@@ -344,14 +344,14 @@ XMLSEC_TARBALL := xmlsec1-1.2.37.tar.gz
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
-LIBXML_SHA256SUM := 
737e1d7f8ab3f139729ca13a2494fd17bf30ddb4b7a427cf336252cab57f57f7
-LIBXML_VERSION_MICRO := 4
-LIBXML_TARBALL := libxml2-2.11.$(LIBXML_VERSION_MICRO).tar.xz
+LIBXML_SHA256SUM := 
8c8f1092340a89ff32bc44ad5c9693aff9bc8a7a3e161bb239666e5d15ac9aaa
+LIBXML_VERSION_MICRO := 3
+LIBXML_TARBALL := libxml2-2.12.$(LIBXML_VERSION_MICRO).tar.xz
 # three static lines
 # so that git cherry-pick
 # will not run into conflicts
-LIBXSLT_SHA256SUM := 
1f32450425819a09acaff2ab7a5a7f8a2ec7956e505d7beeb45e843d0e1ecab1
-LIBXSLT_VERSION_MICRO := 38
+LIBXSLT_SHA256SUM := 
2a20ad621148339b0759c4d4e96719362dee64c9a096dbba625ba053846349f0
+LIBXSLT_VERSION_MICRO := 39
 LIBXSLT_TARBALL := libxslt-1.1.$(LIBXSLT_VERSION_MICRO).tar.xz
 # three static lines
 # so that git cherry-pick
diff --git a/external/libxml2/ExternalPackage_libxml2.mk 
b/external/libxml2/ExternalPackage_libxml2.mk
index 3c399970cd5b..799044575f9a 100644
--- a/external/libxml2/ExternalPackage_libxml2.mk
+++ b/external/libxml2/ExternalPackage_libxml2.mk
@@ -21,7 +21,7 @@ else # COM=MSC
 $(eval $(call 
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.dll,win32/bin.msvc/libxml2.dll))
 endif
 else # OS!=WNT
-$(eval $(call 
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.11.$(LIBXML_VERSION_MICRO)))
+$(eval $(call 
gb_ExternalPackage_add_file,libxml2,$(LIBO_URE_LIB_FOLDER)/libxml2.so.2,.libs/libxml2.so.2.12.$(LIBXML_VERSION_MICRO)))
 endif
 endif # DISABLE_DYNLOADING
 
diff --git a/external/libxml2/libxml2-global-symbols.patch 
b/external/libxml2/libxml2-global-symbols.patch
index cbbe5a622284..32146da4b3d7 100644
--- a/external/libxml2/libxml2-global-symbols.patch
+++ b/external/libxml2/libxml2-global-symbols.patch
@@ -13,7 +13,7 @@
  } LIBXML2_2.6.28;
  
  LIBXML2_2.6.32 {
-@@ -2231,3 +2231,49 @@
+@@ -2231,3 +2231,55 @@
    xmlPopOutputCallbacks;
  } LIBXML2_2.9.8;
  
@@ -23,6 +23,12 @@
 +    xmlNewSAXParserCtxt;
 +} LIBXML2_2.9.11;
 +
++LIBXML2_2.12.3 {
++    global:
++    xmlCtxtSetMaxAmplification;
++    xmlTextReaderSetMaxAmplification;
++} LIBXML2_2.11.4;
++
 +# HACK: export global variable accessor functions (globals.h)
 +LIBXML2_GLOBAL_VARIABLES {
 +    global:
diff --git a/filter/source/xsltfilter/LibXSLTTransformer.cxx 
b/filter/source/xsltfilter/LibXSLTTransformer.cxx
index 5e9a7c4bcd35..28803b68e840 100644
--- a/filter/source/xsltfilter/LibXSLTTransformer.cxx
+++ b/filter/source/xsltfilter/LibXSLTTransformer.cxx
@@ -503,7 +503,23 @@ namespace XSLT
         {   // backward compatibility for old clients using createInstance
             params = args;
         }
+
+#ifdef __GNUC__
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+#if defined(_MSC_VER)
+#pragma warning(push)
+#pragma warning(disable:4996)
+#endif
         xmlSubstituteEntitiesDefault(0);
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif
+#ifdef __GNUC__
+#pragma GCC diagnostic pop
+#endif
+
         m_parameters.clear();
         for (const Any& p : std::as_const(params))
         {
diff --git a/helpcompiler/source/HelpCompiler.cxx 
b/helpcompiler/source/HelpCompiler.cxx
index b2329c0678f7..d32e1e05a42c 100644
--- a/helpcompiler/source/HelpCompiler.cxx
+++ b/helpcompiler/source/HelpCompiler.cxx
@@ -39,7 +39,21 @@ HelpCompiler::HelpCompiler(StreamTable &in_streamTable, 
fs::path in_inputFile,
     src(std::move(in_src)), zipdir(std::move(in_zipdir)), 
module(std::move(in_module)), lang(std::move(in_lang)), 
resCompactStylesheet(std::move(in_resCompactStylesheet)),
     resEmbStylesheet(std::move(in_resEmbStylesheet)), bExtensionMode( 
in_bExtensionMode )
 {
+#ifdef __GNUC__
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+#if defined(_MSC_VER)
+#pragma warning(push)
+#pragma warning(disable:4996)
+#endif
     xmlKeepBlanksDefaultValue = 0;
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif
+#ifdef __GNUC__
+#pragma GCC diagnostic pop
+#endif
     char* os = getenv("OS");
     if (os)
     {
diff --git a/xmlsecurity/source/xmlsec/saxhelper.cxx 
b/xmlsecurity/source/xmlsec/saxhelper.cxx
index ff576db49673..0d395848941d 100644
--- a/xmlsecurity/source/xmlsec/saxhelper.cxx
+++ b/xmlsecurity/source/xmlsec/saxhelper.cxx
@@ -118,11 +118,24 @@ SAXHelper::SAXHelper( )
      * compile error:
      * xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS ;
      */
+#ifdef __GNUC__
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#endif
+#if defined(_MSC_VER)
+#pragma warning(push)
+#pragma warning(disable:4996)
+#endif
     xmlSubstituteEntitiesDefault(0) ;
-
 #ifndef XMLSEC_NO_XSLT
     xmlIndentTreeOutput = 1 ;
 #endif /* XMLSEC_NO_XSLT */
+#if defined(_MSC_VER)
+#pragma warning(pop)
+#endif
+#ifdef __GNUC__
+#pragma GCC diagnostic pop
+#endif
 
     m_pParserCtxt = xmlNewParserCtxt() ;

core.git: Branch 'libreoffice-7-6' - download.lst external/libxml2 filter/source helpcompiler/source xmlsecurity/source

Reply via email to