Hello community, here is the log from the commit of package libxml2 for openSUSE:Factory checked in at 2019-12-07 15:22:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libxml2 (Old) and /work/SRC/openSUSE:Factory/.libxml2.new.4691 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libxml2" Sat Dec 7 15:22:20 2019 rev:95 rq:751668 version:2.9.10 Changes: -------- --- /work/SRC/openSUSE:Factory/libxml2/libxml2.changes 2019-09-13 14:56:55.481273692 +0200 +++ /work/SRC/openSUSE:Factory/.libxml2.new.4691/libxml2.changes 2019-12-07 15:23:22.439728931 +0100 @@ -1,0 +2,118 @@ +Thu Nov 28 15:32:58 UTC 2019 - Pedro Monreal Gonzalez <[email protected]> + +- Since libxml2-2.9.10 perl-XML-LibXSLT fails to build: [bsc#1157450] + * Revert upstream commit to make xmlFreeNodeList non-recursive + https://github.com/GNOME/libxml2/commit/0762c9b69ba01628f72eada1c64ff3d361fb5716 +- Add patch libxml2-xmlFreeNodeList-recursive.patch + +------------------------------------------------------------------- +Fri Nov 15 17:59:54 UTC 2019 - Pedro Monreal Gonzalez <[email protected]> + +- Version update to 2.9.10: + * Portability: + + Fix exponent digits when running tests under old MSVC + + Work around buggy ceil() function on AIX + + Don't call printf with NULL string in runtest.c + + Switched from unsigned long to ptrdiff_t in parser.c + + timsort.h: support older GCCs + + Make configure.ac work with older pkg-config + * Bug Fixes: + + Fix for conditional sections at end of document + + Make sure that Python tests exit with error code + + Audit memory error handling in xpath.c + + Fix error code in xmlTextWriterStartDocument + + Fix integer overflow when counting written bytes + + Fix uninitialized memory access in HTML parser + + Fix memory leak in xmlSchemaValAtomicType + + Disallow conditional sections in internal subset + + Fix use-after-free in xmlTextReaderFreeNodeList + + Fix Regextests + + Fix empty branch in regex + + Fix integer overflow in entity recursion check + + Don't read external entities or XIncludes from stdin + + Fix Schema determinism check of ##other namespaces + + Fix potential null deref in xmlSchemaIDCFillNodeTables + + Fix potential memory leak in xmlBufBackToBuffer + + Fix error message when processing XIncludes with fallbacks + + Fix memory leak in xmlRegEpxFromParse + + 14:00 is a valid timezone for xs:dateTime + + Fix memory leak in xmlParseBalancedChunkMemoryRecover + + Fix potential null deref in xmlRelaxNGParsePatterns + + Misleading error message with xs:{min|max}Inclusive + + Fix memory leak in xmlXIncludeLoadTxt + + Partial fix for comparison of xs:durations + + Fix null deref in xmlreader buffer + + Fix unability to RelaxNG-validate grammar with choice-based name class + + Fix unability to validate ambiguously constructed interleave for RelaxNG + + Fix possible null dereference in xmlXPathIdFunction + + fix memory leak in xmlAllocOutputBuffer + + Fix unsigned int overflow + + dict.h: gcc 2.95 doesn't allow multiple storage classes + + Fix another code path in xmlParseQName + + Make sure that xmlParseQName returns NULL in error case + + Fix build without reader but with pattern + + Fix memory leak in xmlAllocOutputBufferInternal error path + + Fix unsigned integer overflow + + Fix return value of xmlOutputBufferWrite + + Fix parser termination from "Double hyphen within comment" error + + Fix call stack overflow in xmlFreePattern + + Fix null deref in previous commit + + Fix memory leaks in xmlXPathParseNameComplex error paths + + Check for integer overflow in xmlXPtrEvalChildSeq + + Fix xmllint dump of XPath namespace nodes + + Fix float casts in xmlXPathSubstringFunction + + Fix null deref in xmlregexp error path + + Fix null pointer dereference in xmlTextReaderReadOuterXml + + Fix memory leaks in xmlParseStartTag2 error paths + + Fix memory leak in xmlSAX2StartElement + + Fix commit "Memory leak in xmlFreeID (xmlreader.c)" + + Fix NULL pointer deref in xmlTextReaderValidateEntity + + Memory leak in xmlFreeTextReader + + Memory leak in xmlFreeID (xmlreader.c) + * Improvements: + + Propagate memory errors in valuePush + + Propagate memory errors in xmlXPathCompExprAdd + + Make xmlFreeDocElementContent non-recursive + + Avoid ignored attribute warnings under GCC + + Make xmlDumpElementContent non-recursive + + Make apibuild.py ignore ATTRIBUTE_NO_SANITIZE + + Mark xmlExp* symbols as removed + + Make xmlParseConditionalSections non-recursive + + Adjust expected error in Python tests + + Make xmlTextReaderFreeNodeList non-recursive + + Make xmlFreeNodeList non-recursive + + Make xmlParseContent and xmlParseElement non-recursive + + Remove executable bit from non-executable files + + Fix expected output of test/schemas/any4 + + Optimize build instructions in README + + xml2-config.in: Output CFLAGS and LIBS on the same line + + xml2-config: Add a --dynamic switch to print only shared libraries + + Annotate functions with __attribute__((no_sanitize)) + + Fix warnings when compiling without reader or push parser + + Remove unused member `doc` in xmlSaveCtxt + + Limit recursion depth in xmlXPathCompOpEvalPredicate + + Remove -Wno-array-bounds + + Remove unreachable code in xmlXPathCountFunction + + Improve XPath predicate and filter evaluation + + Limit recursion depth in xmlXPathOptimizeExpression + + Disable hash randomization when fuzzing + + Optional recursion limit when parsing XPath expressions + + Optional recursion limit when evaluating XPath expressions + + Use break statements in xmlXPathCompOpEval + + Optional XPath operation limit + + Fix compilation with --with-minimum + + Check XPath stack after calling functions + + Remove debug printf in xmlreader.c + + Always define LIBXML_THREAD_ENABLED when enabled + + Fix unused function warning in testapi.c + + Remove unneeded function pointer casts + + Fix -Wcast-function-type warnings (GCC 8) + + Fix -Wformat-truncation warnings (GCC 8) + * Cleanups: + + Rebuild docs + + Disable xmlExp regex code + + Remove redundant code in xmlRelaxNGValidateState + + Remove redundant code in xmlXPathCompRelationalExpr +- Rebase patch fix-perl.diff + +------------------------------------------------------------------- Old: ---- libxml2-2.9.9.tar.gz libxml2-2.9.9.tar.gz.asc New: ---- libxml2-2.9.10.tar.gz libxml2-2.9.10.tar.gz.asc libxml2-xmlFreeNodeList-recursive.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libxml2.spec ++++++ --- /var/tmp/diff_new_pack.GqpAam/_old 2019-12-07 15:23:23.055728845 +0100 +++ /var/tmp/diff_new_pack.GqpAam/_new 2019-12-07 15:23:23.059728845 +0100 @@ -1,7 +1,7 @@ # # spec file for package libxml2 # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,7 +30,7 @@ %define bname libxml2 %define lname libxml2-2 Name: %{bname}%{pysuffix} -Version: 2.9.9 +Version: 2.9.10 Release: 0 Summary: A Library to Manipulate XML Files License: MIT @@ -47,6 +47,8 @@ Patch2: libxml2-python3-string-null-check.patch # PATCH-FIX-SUSE bsc#1135123 Added a new configurable variable XPATH_DEFAULT_MAX_NODESET_LENGTH to avoid nodeset limit Patch3: libxml2-make-XPATH_MAX_NODESET_LENGTH-configurable.patch +# PATCH-FIX-UPSTREAM bsc#1157450 This commit breaks perl-XML-LibXSLT +Patch4: libxml2-xmlFreeNodeList-recursive.patch BuildRequires: fdupes BuildRequires: pkgconfig BuildRequires: readline-devel @@ -172,6 +174,7 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 -R %build export CFLAGS="%{optflags} -fno-strict-aliasing" ++++++ fix-perl.diff ++++++ --- /var/tmp/diff_new_pack.GqpAam/_old 2019-12-07 15:23:23.103728839 +0100 +++ /var/tmp/diff_new_pack.GqpAam/_new 2019-12-07 15:23:23.103728839 +0100 @@ -11,9 +11,9 @@ Index: SAX2.c =================================================================== ---- SAX2.c.orig 2012-09-11 08:01:01.000000000 +0200 -+++ SAX2.c 2012-12-15 16:32:27.353560391 +0100 -@@ -2188,7 +2188,6 @@ +--- SAX2.c.orig ++++ SAX2.c +@@ -2222,7 +2222,6 @@ xmlSAX2StartElementNs(void *ctx, xmlNodePtr parent; xmlNsPtr last = NULL, ns; const xmlChar *uri, *pref; @@ -21,7 +21,7 @@ int i, j; if (ctx == NULL) return; -@@ -2208,20 +2207,6 @@ +@@ -2242,20 +2241,6 @@ xmlSAX2StartElementNs(void *ctx, } /* @@ -42,7 +42,7 @@ * allocate the node */ if (ctxt->freeElems != NULL) { -@@ -2234,10 +2219,7 @@ +@@ -2269,10 +2254,7 @@ xmlSAX2StartElementNs(void *ctx, if (ctxt->dictNames) ret->name = localname; else { @@ -54,7 +54,7 @@ if (ret->name == NULL) { xmlSAX2ErrMemory(ctxt, "xmlSAX2StartElementNs"); return; -@@ -2249,11 +2231,8 @@ +@@ -2284,11 +2266,8 @@ xmlSAX2StartElementNs(void *ctx, if (ctxt->dictNames) ret = xmlNewDocNodeEatName(ctxt->myDoc, NULL, (xmlChar *) localname, NULL); @@ -67,12 +67,12 @@ if (ret == NULL) { xmlSAX2ErrMemory(ctxt, "xmlSAX2StartElementNs"); return; -@@ -2360,31 +2339,6 @@ +@@ -2399,31 +2378,6 @@ xmlSAX2StartElementNs(void *ctx, */ if (nb_attributes > 0) { for (j = 0,i = 0;i < nb_attributes;i++,j+=5) { - /* -- * Handle the rare case of an undefined atribute prefix +- * Handle the rare case of an undefined attribute prefix - */ - if ((attributes[j+1] != NULL) && (attributes[j+2] == NULL)) { - if (ctxt->dictNames) { @@ -99,7 +99,6 @@ xmlSAX2AttributeNs(ctxt, attributes[j], attributes[j+1], attributes[j+3], attributes[j+4]); } - Index: result/namespaces/err_7.xml =================================================================== --- result/namespaces/err_7.xml.orig ++++++ libxml2-2.9.9.tar.gz -> libxml2-2.9.10.tar.gz ++++++ ++++ 25129 lines of diff (skipped) ++++++ libxml2-xmlFreeNodeList-recursive.patch ++++++ >From 0762c9b69ba01628f72eada1c64ff3d361fb5716 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <[email protected]> Date: Mon, 23 Sep 2019 17:07:40 +0200 Subject: [PATCH] Make xmlFreeNodeList non-recursive Avoid call stack overflow when freeing deeply nested documents. --- tree.c | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/tree.c b/tree.c index bba061407..478132678 100644 --- a/tree.c +++ b/tree.c @@ -3664,7 +3664,9 @@ xmlNextElementSibling(xmlNodePtr node) { void xmlFreeNodeList(xmlNodePtr cur) { xmlNodePtr next; + xmlNodePtr parent; xmlDictPtr dict = NULL; + size_t depth = 0; if (cur == NULL) return; if (cur->type == XML_NAMESPACE_DECL) { @@ -3680,16 +3682,21 @@ xmlFreeNodeList(xmlNodePtr cur) { return; } if (cur->doc != NULL) dict = cur->doc->dict; - while (cur != NULL) { + while (1) { + while ((cur->children != NULL) && + (cur->type != XML_DTD_NODE) && + (cur->type != XML_ENTITY_REF_NODE)) { + cur = cur->children; + depth += 1; + } + next = cur->next; + parent = cur->parent; if (cur->type != XML_DTD_NODE) { if ((__xmlRegisterCallbacks) && (xmlDeregisterNodeDefaultValue)) xmlDeregisterNodeDefaultValue(cur); - if ((cur->children != NULL) && - (cur->type != XML_ENTITY_REF_NODE)) - xmlFreeNodeList(cur->children); if (((cur->type == XML_ELEMENT_NODE) || (cur->type == XML_XINCLUDE_START) || (cur->type == XML_XINCLUDE_END)) && @@ -3720,7 +3727,16 @@ xmlFreeNodeList(xmlNodePtr cur) { DICT_FREE(cur->name) xmlFree(cur); } - cur = next; + + if (next != NULL) { + cur = next; + } else { + if ((depth == 0) || (parent == NULL)) + break; + depth -= 1; + cur = parent; + cur->children = NULL; + } } }
