Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package expat for openSUSE:Factory checked in at 2022-01-22 08:17:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/expat (Old) and /work/SRC/openSUSE:Factory/.expat.new.1938 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "expat" Sat Jan 22 08:17:45 2022 rev:64 rq:947307 version:2.4.3 Changes: -------- --- /work/SRC/openSUSE:Factory/expat/expat.changes 2021-12-29 21:10:39.318270659 +0100 +++ /work/SRC/openSUSE:Factory/.expat.new.1938/expat.changes 2022-01-22 08:17:46.755067472 +0100 
@@ -1,0 +2,32 @@ +Mon Jan 17 09:14:10 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, + bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): + * CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "<r xmlns:a='[..]' a:a123='[..]' [..] />" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow + on variable m_groupSize in function doProlog leading + to realloc acting as free. + Impact is denial of service or more. + * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. + +------------------------------------------------------------------- Old: ---- expat-2.4.2.tar.xz expat-2.4.2.tar.xz.asc New: ---- expat-2.4.3.tar.xz expat-2.4.3.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.n7n0en/_old 2022-01-22 08:17:47.623061622 +0100 +++ /var/tmp/diff_new_pack.n7n0en/_new 2022-01-22 08:17:47.631061569 +0100 
@@ -1,7 +1,7 @@ # # spec file for package expat # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,9 +16,9 @@ # -%global unversion 2_4_2 +%global unversion 2_4_3 Name: expat -Version: 2.4.2 +Version: 2.4.3 Release: 0 Summary: XML Parser Toolkit License: MIT ++++++ expat-2.4.2.tar.xz -> expat-2.4.3.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/CMake.README new/expat-2.4.3/CMake.README --- old/expat-2.4.2/CMake.README 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/CMake.README 2022-01-16 14:13:19.000000000 +0100 
@@ -3,25 +3,25 @@ The cmake based buildsystem for expat works on Windows (cygwin, mingw, Visual Studio) and should work on all other platform cmake supports. -Assuming ~/expat-2.4.2 is the source directory of expat, add a subdirectory +Assuming ~/expat-2.4.3 is the source directory of expat, add a subdirectory build and change into that directory: -~/expat-2.4.2$ mkdir build && cd build -~/expat-2.4.2/build$ +~/expat-2.4.3$ mkdir build && cd build +~/expat-2.4.3/build$ From that directory, call cmake first, then call make, make test and make install in the usual way: -~/expat-2.4.2/build$ cmake .. +~/expat-2.4.3/build$ cmake .. -- The C compiler identification is GNU -- The CXX compiler identification is GNU .... -- Configuring done -- Generating done --- Build files have been written to: /home/patrick/expat-2.4.2/build +-- Build files have been written to: /home/patrick/expat-2.4.3/build If you want to specify the install location for your files, append -DCMAKE_INSTALL_PREFIX=/your/install/path to the cmake call. -~/expat-2.4.2/build$ make && make test && make install +~/expat-2.4.3/build$ make && make test && make install Scanning dependencies of target expat [ 5%] Building C object CMakeFiles/expat.dir/lib/xmlparse.c.o [ 11%] Building C object CMakeFiles/expat.dir/lib/xmlrole.c.o diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/CMakeLists.txt new/expat-2.4.3/CMakeLists.txt --- old/expat-2.4.2/CMakeLists.txt 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/CMakeLists.txt 2022-01-16 14:13:19.000000000 +0100 
@@ -7,7 +7,7 @@ # # Copyright (c) 2010 Patrick Spendrin <ps...@gmx.de> # Copyright (c) 2012 Karl Waclawek <k...@waclawek.net> -# Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> +# Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> # Copyright (c) 2016 Sergei Nikulov <sergey.niku...@gmail.com> # Copyright (c) 2016 Bj??rn Lindahl <bjorn.lind...@foi.se> # Copyright (c) 2016 Tobias Taschner <git...@tc84.de> @@ -64,7 +64,7 @@ project(expat VERSION - 2.4.2 + 2.4.3 LANGUAGES C ) @@ -151,6 +151,9 @@ if(MSVC OR _EXPAT_HELP) set(EXPAT_MSVC_STATIC_CRT OFF CACHE BOOL "Use /MT flag (static CRT) when compiling in MSVC") endif() +if(NOT _EXPAT_HELP) + set(_EXPAT_M32 OFF CACHE BOOL "(Unofficial!) Produce 32bit code with -m32") +endif() if(EXPAT_BUILD_TESTS) # We have to call enable_language() before modifying any CMAKE_CXX_* variables @@ -322,6 +325,23 @@ endif() endif() +if(_EXPAT_M32 AND NOT MSVC) + foreach(flag_var + CMAKE_CXX_FLAGS_${_EXPAT_BUILD_TYPE_UPPER} + CMAKE_CXX_FLAGS_DEBUG + CMAKE_CXX_FLAGS_RELEASE + CMAKE_CXX_FLAGS_MINSIZEREL + CMAKE_CXX_FLAGS_RELWITHDEBINFO + CMAKE_C_FLAGS_${_EXPAT_BUILD_TYPE_UPPER} + CMAKE_C_FLAGS_DEBUG + CMAKE_C_FLAGS_RELEASE + CMAKE_C_FLAGS_MINSIZEREL + CMAKE_C_FLAGS_RELWITHDEBINFO + ) + set(${flag_var} "${${flag_var}} -m32") + endforeach() +endif() + include_directories(${CMAKE_CURRENT_BINARY_DIR} ${CMAKE_CURRENT_SOURCE_DIR}/lib) if(MSVC) add_definitions(-D_CRT_SECURE_NO_WARNINGS -wd4996) @@ -388,7 +408,7 @@ endif() set(LIBCURRENT 9) # sync -set(LIBREVISION 2) # with +set(LIBREVISION 3) # with set(LIBAGE 8) # configure.ac! math(EXPR LIBCURRENT_MINUS_AGE "${LIBCURRENT} - ${LIBAGE}") 
@@ -461,8 +481,7 @@ file(GENERATE OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/expat.pc - INPUT ${PROJECT_SOURCE_DIR}/expat.pc.cmake - TARGET expat) + INPUT ${PROJECT_SOURCE_DIR}/expat.pc.cmake) expat_install(FILES ${CMAKE_CURRENT_BINARY_DIR}/$<CONFIG>/expat.pc DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig) endif() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/Changes new/expat-2.4.3/Changes --- old/expat-2.4.2/Changes 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/Changes 2022-01-16 14:13:19.000000000 +0100 
@@ -2,6 +2,58 @@ https://github.com/libexpat/libexpat/labels/help%20wanted If you can help, please get in touch. Thanks! +Release 2.4.3 Sun January 16 2022 + Security fixes: + #531 #534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "<r xmlns:a='[..]' a:a123='[..]' [..] />" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + #532 #538 CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow + on variable m_groupSize in function doProlog leading + to realloc acting as free. + Impact is denial of service or more. + #539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. + + Other changes: + #535 CMake: Make call to file(GENERATE [..]) work for CMake <3.19 + #541 Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin + and MSYS2 by not going through Wine on these platforms + #527 #528 Address compiler warnings + #533 #543 Version info bumped from 9:2:8 to 9:3:8; + see https://verbump.de/ for what these numbers do + + Infrastructure: + #536 CI: Check for realistic minimum CMake version + #529 #539 CI: Cover compilation with -m32 + #529 CI: Store coverage reports as artifacts for download + #528 CI: Upgrade Clang from 11 to 13 + + Special thanks to: + An anonymous whitehat + Christopher Degawa + J. 
Peter Mugaas + Tyson Smith + and + GCC Farm Project + Trend Micro Zero Day Initiative + Release 2.4.2 Sun December 19 2021 Other changes: #509 #510 Link againgst libm for function "isnan" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/README.md new/expat-2.4.3/README.md --- old/expat-2.4.2/README.md 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/README.md 2022-01-16 14:13:19.000000000 +0100 @@ -5,7 +5,7 @@ [![Downloads GitHub](https://img.shields.io/github/downloads/libexpat/libexpat/total?label=Downloads%20GitHub)](https://github.com/libexpat/libexpat/releases) -# Expat, Release 2.4.2 +# Expat, Release 2.4.3 This is Expat, a C library for parsing XML, started by [James Clark](https://en.wikipedia.org/wiki/James_Clark_%28programmer%29) in 1997. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/configure new/expat-2.4.3/configure --- old/expat-2.4.2/configure 2021-12-19 23:30:38.000000000 +0100 +++ new/expat-2.4.3/configure 2022-01-16 14:53:12.000000000 +0100 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for expat 2.4.2. +# Generated by GNU Autoconf 2.71 for expat 2.4.3. # # Report bugs to <expat-b...@libexpat.org>. # @@ -621,8 +621,8 @@ # Identity of this package. PACKAGE_NAME='expat' PACKAGE_TARNAME='expat' -PACKAGE_VERSION='2.4.2' -PACKAGE_STRING='expat 2.4.2' +PACKAGE_VERSION='2.4.3' +PACKAGE_STRING='expat 2.4.3' PACKAGE_BUGREPORT='expat-b...@libexpat.org' PACKAGE_URL='' @@ -1413,7 +1413,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures expat 2.4.2 to adapt to many kinds of systems. +\`configure' configures expat 2.4.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... 
@@ -1484,7 +1484,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of expat 2.4.2:";; + short | recursive ) echo "Configuration of expat 2.4.3:";; esac cat <<\_ACEOF @@ -1618,7 +1618,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -expat configure 2.4.2 +expat configure 2.4.3 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2249,7 +2249,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by expat $as_me 2.4.2, which was +It was created by expat $as_me 2.4.3, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -3816,7 +3816,7 @@ # Define the identity of the package. PACKAGE='expat' - VERSION='2.4.2' + VERSION='2.4.3' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -3923,7 +3923,7 @@ LIBCURRENT=9 # sync -LIBREVISION=2 # with +LIBREVISION=3 # with LIBAGE=8 # CMakeLists.txt! ac_config_headers="$ac_config_headers expat_config.h" @@ -20214,7 +20214,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by expat $as_me 2.4.2, which was +This file was extended by expat $as_me 2.4.3, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES 
@@ -20282,7 +20282,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -expat config.status 2.4.2 +expat config.status 2.4.3 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/configure.ac new/expat-2.4.3/configure.ac --- old/expat-2.4.2/configure.ac 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/configure.ac 2022-01-16 14:13:19.000000000 +0100 @@ -11,7 +11,7 @@ dnl Copyright (c) 2000-2005 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> dnl Copyright (c) 2001-2003 Greg Stein <gst...@users.sourceforge.net> dnl Copyright (c) 2006-2012 Karl Waclawek <k...@waclawek.net> -dnl Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> +dnl Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> dnl Copyright (c) 2017 S. P. Zeidler <s...@netbsd.org> dnl Copyright (c) 2017 Stephen Groat <step...@groat.us> dnl Copyright (c) 2017-2020 Joe Orton <jor...@redhat.com> @@ -82,7 +82,7 @@ dnl LIBCURRENT=9 # sync -LIBREVISION=2 # with +LIBREVISION=3 # with LIBAGE=8 # CMakeLists.txt! AC_CONFIG_HEADERS([expat_config.h]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/doc/reference.html new/expat-2.4.3/doc/reference.html --- old/expat-2.4.2/doc/reference.html 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/doc/reference.html 2022-01-16 14:13:19.000000000 +0100 
@@ -14,7 +14,7 @@ Copyright (c) 2000 Clark Cooper <coope...@users.sourceforge.net> Copyright (c) 2000-2004 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> Copyright (c) 2002-2012 Karl Waclawek <k...@waclawek.net> - Copyright (c) 2017-2021 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2017-2022 Sebastian Pipping <sebast...@pipping.org> Copyright (c) 2017 Jakub Wilk <jw...@jwilk.net> Copyright (c) 2021 Tomas Korbar <tkor...@redhat.com> Copyright (c) 2021 Nicolas Cavallari <nicolas.cavall...@green-communications.fr> @@ -49,7 +49,7 @@ <div> <h1> The Expat XML Parser - <small>Release 2.4.2</small> + <small>Release 2.4.3</small> </h1> </div> <div class="content"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/doc/xmlwf.1 new/expat-2.4.3/doc/xmlwf.1 --- old/expat-2.4.2/doc/xmlwf.1 2021-12-19 23:30:45.000000000 +0100 +++ new/expat-2.4.3/doc/xmlwf.1 2022-01-16 14:53:19.000000000 +0100 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH XMLWF 1 "December 19, 2021" "" "" +.TH XMLWF 1 "January 16, 2022" "" "" .SH NAME xmlwf \- Determines if an XML document is well-formed .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/doc/xmlwf.xml new/expat-2.4.3/doc/xmlwf.xml --- old/expat-2.4.2/doc/xmlwf.xml 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/doc/xmlwf.xml 2022-01-16 14:13:19.000000000 +0100 @@ -9,7 +9,7 @@ Copyright (c) 2001 Scott Bronson <bron...@rinspin.com> Copyright (c) 2002-2003 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> Copyright (c) 2009 Karl Waclawek <k...@waclawek.net> - Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> Copyright (c) 2016 Ardo van Rangelrooij <a...@debian.org> Copyright (c) 2017 Rhodri James <rho...@wildebeest.org.uk> Copyright (c) 2020 Joe Orton <jor...@redhat.com> 
@@ -22,7 +22,7 @@ <!ENTITY dhfirstname "<firstname>Scott</firstname>"> <!ENTITY dhsurname "<surname>Bronson</surname>"> <!-- Please adjust the date whenever revising the manpage. --> - <!ENTITY dhdate "<date>December 19, 2021</date>"> + <!ENTITY dhdate "<date>January 16, 2022</date>"> <!ENTITY dhsection "<manvolnum>1</manvolnum>"> <!ENTITY dhemail "<email>bron...@rinspin.com</email>"> <!ENTITY dhusername "Scott Bronson"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/expat.pc.cmake new/expat-2.4.3/expat.pc.cmake --- old/expat-2.4.2/expat.pc.cmake 2021-12-15 15:25:31.000000000 +0100 +++ new/expat-2.4.3/expat.pc.cmake 2022-01-13 23:29:11.000000000 +0100 
@@ -1,11 +1,11 @@ -prefix=$<TARGET_PROPERTY:pkgconfig_prefix> -exec_prefix=$<TARGET_PROPERTY:pkgconfig_exec_prefix> -libdir=$<TARGET_PROPERTY:pkgconfig_libdir> -includedir=$<TARGET_PROPERTY:pkgconfig_includedir> +prefix=$<TARGET_PROPERTY:expat,pkgconfig_prefix> +exec_prefix=$<TARGET_PROPERTY:expat,pkgconfig_exec_prefix> +libdir=$<TARGET_PROPERTY:expat,pkgconfig_libdir> +includedir=$<TARGET_PROPERTY:expat,pkgconfig_includedir> -Name: $<TARGET_PROPERTY:pkgconfig_$<LOWER_CASE:$<CONFIG>>_name> -Version: $<TARGET_PROPERTY:pkgconfig_version> +Name: $<TARGET_PROPERTY:expat,pkgconfig_$<LOWER_CASE:$<CONFIG>>_name> +Version: $<TARGET_PROPERTY:expat,pkgconfig_version> Description: expat XML parser URL: https://libexpat.github.io/ -Libs: -L${libdir} -l$<TARGET_PROPERTY:pkgconfig_$<LOWER_CASE:$<CONFIG>>_name> $<TARGET_PROPERTY:pkgconfig_libm> +Libs: -L${libdir} -l$<TARGET_PROPERTY:expat,pkgconfig_$<LOWER_CASE:$<CONFIG>>_name> $<TARGET_PROPERTY:expat,pkgconfig_libm> Cflags: -I${includedir} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/expat_config.h new/expat-2.4.3/expat_config.h --- old/expat-2.4.2/expat_config.h 2021-12-19 23:30:44.000000000 +0100 +++ new/expat-2.4.3/expat_config.h 2022-01-16 14:53:18.000000000 +0100 @@ -77,7 +77,7 @@ #define PACKAGE_NAME "expat" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "expat 2.4.2" +#define PACKAGE_STRING "expat 2.4.3" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "expat" @@ -86,7 +86,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "2.4.2" +#define PACKAGE_VERSION "2.4.3" /* Define to 1 if all of the C90 standard headers exist (not just the ones required in a freestanding environment). This macro is provided for 
@@ -94,7 +94,7 @@ #define STDC_HEADERS 1 /* Version number of package */ -#define VERSION "2.4.2" +#define VERSION "2.4.3" /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel). */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/lib/expat.h new/expat-2.4.3/lib/expat.h --- old/expat-2.4.2/lib/expat.h 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/lib/expat.h 2022-01-16 14:13:19.000000000 +0100 @@ -11,7 +11,7 @@ Copyright (c) 2000-2005 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> Copyright (c) 2001-2002 Greg Stein <gst...@users.sourceforge.net> Copyright (c) 2002-2016 Karl Waclawek <k...@waclawek.net> - Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> Copyright (c) 2016 Cristian Rodr??guez <crrodrig...@opensuse.org> Copyright (c) 2016 Thomas Beutlich <t...@tbeu.de> Copyright (c) 2017 Rhodri James <rho...@wildebeest.org.uk> @@ -1041,7 +1041,7 @@ */ #define XML_MAJOR_VERSION 2 #define XML_MINOR_VERSION 4 -#define XML_MICRO_VERSION 2 +#define XML_MICRO_VERSION 3 #ifdef __cplusplus } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/lib/xmlparse.c new/expat-2.4.3/lib/xmlparse.c --- old/expat-2.4.2/lib/xmlparse.c 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/lib/xmlparse.c 2022-01-16 14:13:19.000000000 +0100 @@ -1,4 +1,4 @@ -/* 0550bc9a27b099d462d8d1007271cfeaa39852f20cd0d5d2caeadaeb39516fbe (2.4.2+) +/* 9ca2a2fedc35bcb13ba9a134ba5e173020bc2ff5f5a311abf742cec7da1ff26a (2.4.3+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| 
@@ -13,7 +13,7 @@ Copyright (c) 2002-2016 Karl Waclawek <k...@waclawek.net> Copyright (c) 2005-2009 Steven Solie <sso...@users.sourceforge.net> Copyright (c) 2016 Eric Rahm <er...@mozilla.com> - Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> Copyright (c) 2016 Gaurav <g.gu...@samsung.com> Copyright (c) 2016 Thomas Beutlich <t...@tbeu.de> Copyright (c) 2016 Gustavo Grieco <gustavo.gri...@imag.fr> @@ -3261,13 +3261,38 @@ /* get the attributes from the tokenizer */ n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts); + + /* Detect and prevent integer overflow */ + if (n > INT_MAX - nDefaultAtts) { + return XML_ERROR_NO_MEMORY; + } + if (n + nDefaultAtts > parser->m_attsSize) { int oldAttsSize = parser->m_attsSize; ATTRIBUTE *temp; #ifdef XML_ATTR_INFO XML_AttrInfo *temp2; #endif + + /* Detect and prevent integer overflow */ + if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE) + || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) { + return XML_ERROR_NO_MEMORY; + } + parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE; + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) { + parser->m_attsSize = oldAttsSize; + return XML_ERROR_NO_MEMORY; + } +#endif + temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts, parser->m_attsSize * sizeof(ATTRIBUTE)); if (temp == NULL) { 
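Review bot: The `#if UINT_MAX >= SIZE_MAX` guard and its four-line comment, first added in the `@@ -3261,13 +3261,38 @@` hunk, are pasted nine further times in this file's hunks (the `XML_AttrInfo` and `NS_ATT` reallocations, the `uri` allocations, `m_groupSize`, `allocDefaultAtts`, `scaffSize`, `build_model`), and each copy has to pick the right element type and rollback by hand. The guard tests `SIZE_MAX` while every comparison spells the same limit as `(size_t)(-1)`; one spelling throughout would make the copies easier to audit. A comment at this first occurrence, such as `/* compiled only where unsigned int is as wide as size_t (e.g. 32-bit targets); on other targets the product is not expected to exceed size_t */`, would let the later copies shrink to a one-line reference. The enclosing function begins and ends outside the hunk.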
@@ -3276,6 +3301,17 @@ } parser->m_atts = temp; #ifdef XML_ATTR_INFO + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +# if UINT_MAX >= SIZE_MAX + if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) { + parser->m_attsSize = oldAttsSize; + return XML_ERROR_NO_MEMORY; + } +# endif + temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo, parser->m_attsSize * sizeof(XML_AttrInfo)); if (temp2 == NULL) { @@ -3414,7 +3450,13 @@ if (nPrefixes) { int j; /* hash table index */ unsigned long version = parser->m_nsAttsVersion; - int nsAttsSize = (int)1 << parser->m_nsAttsPower; + + /* Detect and prevent invalid shift */ + if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) { + return XML_ERROR_NO_MEMORY; + } + + unsigned int nsAttsSize = 1u << parser->m_nsAttsPower; unsigned char oldNsAttsPower = parser->m_nsAttsPower; /* size of hash table must be at least 2 * (# of prefixed attributes) */ if ((nPrefixes << 1) 
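Review bot: The two shift guards for `m_nsAttsPower` are spelled differently: the one in the `@@ -3414,7 +3450,13 @@` hunk compares against `sizeof(unsigned int) * 8`, the one in the following `@@ -3425` hunk against `sizeof(nsAttsSize) * 8`, both with a literal 8 explained only by a trailing comment. Declaring `unsigned int nsAttsSize;` ahead of the first check would let both read `if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * CHAR_BIT)`, so the bound follows the variable if its type changes again (`CHAR_BIT` comes from `<limits.h>`, which the `INT_MAX` uses elsewhere in this diff suggest is already included). `nsAttsSize` also changes from `int` to `unsigned int` here, so comparisons with signed indices in the part of the function outside the hunk are worth checking for sign-conversion warnings.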
@@ -3425,7 +3467,28 @@ ; if (parser->m_nsAttsPower < 3) parser->m_nsAttsPower = 3; - nsAttsSize = (int)1 << parser->m_nsAttsPower; + + /* Detect and prevent invalid shift */ + if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) { + /* Restore actual size of memory in m_nsAtts */ + parser->m_nsAttsPower = oldNsAttsPower; + return XML_ERROR_NO_MEMORY; + } + + nsAttsSize = 1u << parser->m_nsAttsPower; + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) { + /* Restore actual size of memory in m_nsAtts */ + parser->m_nsAttsPower = oldNsAttsPower; + return XML_ERROR_NO_MEMORY; + } +#endif + temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts, nsAttsSize * sizeof(NS_ATT)); if (! temp) { @@ -3583,9 +3646,31 @@ tagNamePtr->prefixLen = prefixLen; for (i = 0; localPart[i++];) ; /* i includes null terminator */ + + /* Detect and prevent integer overflow */ + if (binding->uriLen > INT_MAX - prefixLen + || i > INT_MAX - (binding->uriLen + prefixLen)) { + return XML_ERROR_NO_MEMORY; + } + n = i + binding->uriLen + prefixLen; if (n > binding->uriAlloc) { TAG *p; + + /* Detect and prevent integer overflow */ + if (n > INT_MAX - EXPAND_SPARE) { + return XML_ERROR_NO_MEMORY; + } + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { + return XML_ERROR_NO_MEMORY; + } +#endif + uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char)); if (! uri) return XML_ERROR_NO_MEMORY; 
@@ -3681,6 +3766,21 @@ if (parser->m_freeBindingList) { b = parser->m_freeBindingList; if (len > b->uriAlloc) { + /* Detect and prevent integer overflow */ + if (len > INT_MAX - EXPAND_SPARE) { + return XML_ERROR_NO_MEMORY; + } + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { + return XML_ERROR_NO_MEMORY; + } +#endif + XML_Char *temp = (XML_Char *)REALLOC( parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE)); if (temp == NULL) @@ -3693,6 +3793,21 @@ b = (BINDING *)MALLOC(parser, sizeof(BINDING)); if (! b) return XML_ERROR_NO_MEMORY; + + /* Detect and prevent integer overflow */ + if (len > INT_MAX - EXPAND_SPARE) { + return XML_ERROR_NO_MEMORY; + } + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { + return XML_ERROR_NO_MEMORY; + } +#endif + b->uri = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE)); if (! b->uri) { @@ -5019,6 +5134,11 @@ if (parser->m_prologState.level >= parser->m_groupSize) { if (parser->m_groupSize) { { + /* Detect and prevent integer overflow */ + if (parser->m_groupSize > (unsigned int)(-1) / 2u) { + return XML_ERROR_NO_MEMORY; + } + char *const new_connector = (char *)REALLOC( parser, parser->m_groupConnector, parser->m_groupSize *= 2); if (new_connector == NULL) { 
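Review bot: In the `@@ -3693,6 +3793,21 @@` hunk the two new overflow checks return `XML_ERROR_NO_MEMORY` after `b = (BINDING *)MALLOC(parser, sizeof(BINDING))` has already succeeded, and nothing visible between the allocation and those returns stores or releases `b`, so the new BINDING is leaked on exactly the oversized-input path the checks exist for. Both checks depend only on `len`, so they can simply move above the `MALLOC`; alternatively add `FREE(parser, b);` ahead of each `return`, as the existing `if (! b->uri)` branch presumably does just below the hunk. The free-list path in the preceding `@@ -3681` hunk does not appear to be affected, since `b` there still comes from `parser->m_freeBindingList`. The enclosing function (presumably `addBinding`, going by the Changes entry) starts and ends outside both hunks.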
@@ -5029,6 +5149,16 @@ } if (dtd->scaffIndex) { + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) { + return XML_ERROR_NO_MEMORY; + } +#endif + int *const new_scaff_index = (int *)REALLOC( parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int)); if (new_scaff_index == NULL) @@ -6099,7 +6229,24 @@ } } else { DEFAULT_ATTRIBUTE *temp; + + /* Detect and prevent integer overflow */ + if (type->allocDefaultAtts > INT_MAX / 2) { + return 0; + } + int count = type->allocDefaultAtts * 2; + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) { + return 0; + } +#endif + temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts, (count * sizeof(DEFAULT_ATTRIBUTE))); if (temp == NULL) @@ -6750,8 +6897,20 @@ /* check for overflow (table is half full) */ if (table->used >> (table->power - 1)) { unsigned char newPower = table->power + 1; + + /* Detect and prevent invalid shift */ + if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) { + return NULL; + } + size_t newSize = (size_t)1 << newPower; unsigned long newMask = (unsigned long)newSize - 1; + + /* Detect and prevent integer overflow */ + if (newSize > (size_t)(-1) / sizeof(NAMED *)) { + return NULL; + } + size_t tsize = newSize * sizeof(NAMED *); NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize); if (! newV) 
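Review bot: The early return added in the `@@ -5029,6 +5149,16 @@` hunk appears to leave `parser->m_groupSize` doubled, because the preceding `@@ -5019` hunk has already executed `parser->m_groupSize *= 2` inside the `REALLOC` argument, while `dtd->scaffIndex` keeps its old allocation. The storeAtts hunks in this same diff restore `parser->m_attsSize = oldAttsSize` before returning; here the simpler fix is to test before the doubling, under the same preprocessor guard, with `if (dtd->scaffIndex && parser->m_groupSize > (size_t)(-1) / sizeof(int) / 2u)` next to the `(unsigned int)(-1) / 2u` test. This matters only on builds where `UINT_MAX >= SIZE_MAX` and only if the parser object is used again after the error, neither of which the hunk shows. The lines between the two hunks are outside the diff, so the ordering is inferred.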
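Review bot: The shift guard in the `@@ -6750,8 +6897,20 @@` hunk bounds `newPower` by the width of `unsigned long`, while the shift it protects is `(size_t)1 << newPower`. The two widths differ on some ABIs, so the choice deserves a comment such as `/* bounded by unsigned long because newMask is unsigned long; assumes size_t is at least as wide (confirm) */`, or a guard on both widths: `if (newPower >= sizeof(unsigned long) * 8 || newPower >= sizeof(size_t) * 8)`. The function body continues outside the hunk.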
@@ -7101,6 +7260,20 @@ if (dtd->scaffCount >= dtd->scaffSize) { CONTENT_SCAFFOLD *temp; if (dtd->scaffold) { + /* Detect and prevent integer overflow */ + if (dtd->scaffSize > UINT_MAX / 2u) { + return -1; + } + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) { + return -1; + } +#endif + temp = (CONTENT_SCAFFOLD *)REALLOC( parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD)); if (temp == NULL) @@ -7170,8 +7343,26 @@ XML_Content *ret; XML_Content *cpos; XML_Char *str; - int allocsize = (dtd->scaffCount * sizeof(XML_Content) - + (dtd->contentStringLen * sizeof(XML_Char))); + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning + * from -Wtype-limits on platforms where + * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ +#if UINT_MAX >= SIZE_MAX + if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) { + return NULL; + } + if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) { + return NULL; + } +#endif + if (dtd->scaffCount * sizeof(XML_Content) + > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) { + return NULL; + } + + const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content) + + (dtd->contentStringLen * sizeof(XML_Char))); ret = (XML_Content *)MALLOC(parser, allocsize); if (! ret) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/lib/xmltok_ns.c new/expat-2.4.3/lib/xmltok_ns.c --- old/expat-2.4.2/lib/xmltok_ns.c 2021-10-22 13:24:55.000000000 +0200 +++ new/expat-2.4.3/lib/xmltok_ns.c 2022-01-16 14:13:19.000000000 +0100 
@@ -11,7 +11,7 @@ Copyright (c) 2002 Greg Stein <gst...@users.sourceforge.net> Copyright (c) 2002 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> Copyright (c) 2002-2006 Karl Waclawek <k...@waclawek.net> - Copyright (c) 2017 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2017-2021 Sebastian Pipping <sebast...@pipping.org> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -93,7 +93,7 @@ static const ENCODING * NS(findEncoding)(const ENCODING *enc, const char *ptr, const char *end) { # define ENCODING_MAX 128 - char buf[ENCODING_MAX]; + char buf[ENCODING_MAX] = ""; char *p = buf; int i; XmlUtf8Convert(enc, &ptr, end, &p, p + ENCODING_MAX - 1); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/run.sh.in new/expat-2.4.3/run.sh.in --- old/expat-2.4.2/run.sh.in 2021-10-22 13:24:55.000000000 +0200 +++ new/expat-2.4.3/run.sh.in 2022-01-16 14:13:19.000000000 +0100 @@ -6,7 +6,7 @@ # \___/_/\_\ .__/ \__,_|\__| # |_| XML parser # -# Copyright (c) 2017 Sebastian Pipping <sebast...@pipping.org> +# Copyright (c) 2017-2022 Sebastian Pipping <sebast...@pipping.org> # Licensed under the MIT license: # # Permission is hereby granted, free of charge, to any person obtaining @@ -30,7 +30,16 @@ case "@host@" in *-mingw*) - exec wine "$@" + case "$(uname -o)" in + Cygwin|Msys) + # Windows binary on Windows host + exec "$@" + ;; + *) + # Windows binary on non-Windows host + exec wine "$@" + ;; + esac ;; *) exec "$@" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/tests/runtests.c new/expat-2.4.3/tests/runtests.c --- old/expat-2.4.2/tests/runtests.c 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/tests/runtests.c 2022-01-16 14:13:19.000000000 +0100 
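Review bot: `uname -o` in the `@@ -30,7 +30,16 @@` hunk of run.sh.in is not among the options POSIX specifies for `uname`, so on a build host whose `uname` rejects it the script prints an error to stderr on every test invocation before the inner `*)` branch falls back to `wine`. The fallback is the old behaviour, so nothing breaks, but the noise is avoidable with `case "$(uname -o 2>/dev/null)" in`, or with `uname -s` and patterns such as `CYGWIN*|MSYS*|MINGW*`. A one-line comment stating that an unrecognised or failing `uname` deliberately selects the Wine path would also help the next reader.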
@@ -10,7 +10,7 @@ Copyright (c) 2003 Greg Stein <gst...@users.sourceforge.net> Copyright (c) 2005-2007 Steven Solie <sso...@users.sourceforge.net> Copyright (c) 2005-2012 Karl Waclawek <k...@waclawek.net> - Copyright (c) 2016-2021 Sebastian Pipping <sebast...@pipping.org> + Copyright (c) 2016-2022 Sebastian Pipping <sebast...@pipping.org> Copyright (c) 2017-2018 Rhodri James <rho...@wildebeest.org.uk> Copyright (c) 2017 Joe Orton <jor...@redhat.com> Copyright (c) 2017 Jos?? Guti??rrez de la Concha <j...@zeroc.com> @@ -7352,7 +7352,7 @@ fail("Version mismatch"); #if ! defined(XML_UNICODE) || defined(XML_UNICODE_WCHAR_T) - if (xcstrcmp(version_text, XCS("expat_2.4.2"))) /* needs bump on releases */ + if (xcstrcmp(version_text, XCS("expat_2.4.3"))) /* needs bump on releases */ fail("XML_*_VERSION in expat.h out of sync?\n"); #else /* If we have XML_UNICODE defined but not XML_UNICODE_WCHAR_T diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/win32/expat.iss new/expat-2.4.3/win32/expat.iss --- old/expat-2.4.2/win32/expat.iss 2021-12-19 23:21:42.000000000 +0100 +++ new/expat-2.4.3/win32/expat.iss 2022-01-16 14:13:19.000000000 +0100 @@ -14,7 +14,7 @@ ; Copyright (c) 2001 Tim Peters <tim.pet...@gmail.com> ; Copyright (c) 2001-2005 Fred L. Drake, Jr. <fdr...@users.sourceforge.net> ; Copyright (c) 2006-2017 Karl Waclawek <k...@waclawek.net> -; Copyright (c) 2007-2021 Sebastian Pipping <sebast...@pipping.org> +; Copyright (c) 2007-2022 Sebastian Pipping <sebast...@pipping.org> ; Licensed under the MIT license: ; ; Permission is hereby granted, free of charge, to any person obtaining 
@@ -36,7 +36,7 @@ ; OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE ; USE OR OTHER DEALINGS IN THE SOFTWARE. -#define expatVer "2.4.2" +#define expatVer "2.4.3" [Setup] AppName=Expat diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.4.2/xmlwf/xmlwf.c new/expat-2.4.3/xmlwf/xmlwf.c --- old/expat-2.4.2/xmlwf/xmlwf.c 2021-10-22 13:24:55.000000000 +0200 +++ new/expat-2.4.3/xmlwf/xmlwf.c 2022-01-13 23:41:22.000000000 +0100 @@ -1128,6 +1128,8 @@ #ifdef XML_DTD XML_SetBillionLaughsAttackProtectionActivationThreshold( parser, attackThresholdBytes); +#else + (void)attackThresholdBytes; // silence -Wunused-but-set-variable #endif }