Rebased ref, commits from common ancestor:
commit b07ef876a6ffbf41460fa39a7f5b880dd9f314e1
Author: Caolán McNamara <[email protected]>
AuthorDate: Sun Sep 1 14:40:46 2024 +0100
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:14 2025 +0100
use final upstream merged fix for this boost issue
Change-Id: I33a347d3c0efc4a38389d525f3c9e5f41a957d47
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/172723
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <[email protected]>
diff --git a/external/libcmis/0001-Fix-boost-1.86-breakage.patch
b/external/libcmis/0001-Fix-boost-1.86-breakage.patch
new file mode 100644
index 000000000000..ef398dfcc98b
--- /dev/null
+++ b/external/libcmis/0001-Fix-boost-1.86-breakage.patch
@@ -0,0 +1,47 @@
+From dfcb642a491f7ec2ae52e3e83d31bb6cdf3670c2 Mon Sep 17 00:00:00 2001
+From: David Seifert <[email protected]>
+Date: Sat, 31 Aug 2024 12:39:39 +0200
+Subject: [PATCH] Fix boost 1.86 breakage
+
+The fix does not break building against <1.86 since we're now accessing the
+object representation of the return value.
+
+Fixes #67
+---
+ src/libcmis/xml-utils.cxx | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/src/libcmis/xml-utils.cxx b/src/libcmis/xml-utils.cxx
+index e487d17..cdf088f 100644
+--- a/src/libcmis/xml-utils.cxx
++++ b/src/libcmis/xml-utils.cxx
+@@ -531,16 +531,22 @@ namespace libcmis
+ boost::uuids::detail::sha1 sha1;
+ sha1.process_bytes( str.c_str(), str.size() );
+
+- unsigned int digest[5];
++ // on boost < 1.86.0, digest_type is typedef'd as unsigned int[5]
++ // on boost >= 1.86.0, digest_type is typedef'd as unsigned char[20]
++ boost::uuids::detail::sha1::digest_type digest;
+ sha1.get_digest( digest );
+
++ // by using a pointer to unsigned char, we can read the
++ // object representation of either typedef.
++ const unsigned char* ptr = reinterpret_cast<const unsigned char*>(
digest );
++
+ stringstream out;
+- // Setup writing mode. Every number must produce eight
++ // Setup writing mode. Every number must produce two
+ // hexadecimal digits, including possible leading 0s, or we get
+ // less than 40 digits as result.
+ out << hex << setfill('0') << right;
+- for ( int i = 0; i < 5; ++i )
+- out << setw(8) << digest[i];
++ for ( int i = 0; i < sizeof( digest ); ++ptr, ++i )
++ out << setw(2) << static_cast<int>( *ptr );
+ return out.str();
+ }
+
+--
+2.45.1
+
diff --git a/external/libcmis/UnpackedTarball_libcmis.mk
b/external/libcmis/UnpackedTarball_libcmis.mk
index cc6971563e60..90ecedbf7f82 100644
--- a/external/libcmis/UnpackedTarball_libcmis.mk
+++ b/external/libcmis/UnpackedTarball_libcmis.mk
@@ -14,7 +14,7 @@ $(eval $(call
gb_UnpackedTarball_set_tarball,libcmis,$(LIBCMIS_TARBALL)))
$(eval $(call gb_UnpackedTarball_set_patchlevel,libcmis,1))
$(eval $(call gb_UnpackedTarball_add_patches,libcmis,\
- external/libcmis/boost-1.86.0.patch.1 \
+ external/libcmis/0001-Fix-boost-1.86-breakage.patch \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/libcmis/boost-1.86.0.patch.1
b/external/libcmis/boost-1.86.0.patch.1
deleted file mode 100644
index 74d6df54f832..000000000000
--- a/external/libcmis/boost-1.86.0.patch.1
+++ /dev/null
@@ -1,12 +0,0 @@
---- libcmis/src/libcmis/xml-utils.cxx 2024-08-22 12:06:16.595963754 +0200
-+++ libcmis/src/libcmis/xml-utils.cxx 2024-08-22 12:06:29.987877405 +0200
-@@ -536,7 +536,7 @@
- sha1.process_bytes( str.c_str(), str.size() );
-
- unsigned int digest[5];
-- sha1.get_digest( digest );
-+ sha1.get_digest(
reinterpret_cast<boost::uuids::detail::sha1::digest_type&>(digest) );
-
- stringstream out;
- // Setup writing mode. Every number must produce eight
-
commit a868d57d52f8b7d4ca2a590e037fdb57121ffbe6
Author: Xisco Fauli <[email protected]>
AuthorDate: Thu Aug 22 12:10:43 2024 +0200
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:14 2025 +0100
libcmis: fix build against boost-1.86.0
Based on https://github.com/tdf/libcmis/issues/67
Change-Id: I0de90a423110b03a649bd7b20f7392f3aa5a45c3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/172246
Reviewed-by: Xisco Fauli <[email protected]>
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <[email protected]>
diff --git a/external/libcmis/UnpackedTarball_libcmis.mk
b/external/libcmis/UnpackedTarball_libcmis.mk
index 5e31b8939fcb..cc6971563e60 100644
--- a/external/libcmis/UnpackedTarball_libcmis.mk
+++ b/external/libcmis/UnpackedTarball_libcmis.mk
@@ -14,6 +14,7 @@ $(eval $(call
gb_UnpackedTarball_set_tarball,libcmis,$(LIBCMIS_TARBALL)))
$(eval $(call gb_UnpackedTarball_set_patchlevel,libcmis,1))
$(eval $(call gb_UnpackedTarball_add_patches,libcmis,\
+ external/libcmis/boost-1.86.0.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/libcmis/boost-1.86.0.patch.1
b/external/libcmis/boost-1.86.0.patch.1
new file mode 100644
index 000000000000..74d6df54f832
--- /dev/null
+++ b/external/libcmis/boost-1.86.0.patch.1
@@ -0,0 +1,12 @@
+--- libcmis/src/libcmis/xml-utils.cxx 2024-08-22 12:06:16.595963754 +0200
++++ libcmis/src/libcmis/xml-utils.cxx 2024-08-22 12:06:29.987877405 +0200
+@@ -536,7 +536,7 @@
+ sha1.process_bytes( str.c_str(), str.size() );
+
+ unsigned int digest[5];
+- sha1.get_digest( digest );
++ sha1.get_digest(
reinterpret_cast<boost::uuids::detail::sha1::digest_type&>(digest) );
+
+ stringstream out;
+ // Setup writing mode. Every number must produce eight
+
commit ed6f11913e10a34a704b9acd1a8d88baca6fa3e5
Author: Thorsten Behrens <[email protected]>
AuthorDate: Fri Jan 12 12:01:29 2024 +0100
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:14 2025 +0100
Fix system-libfixmath
Seems distros start to disagree on whether its liblibfixmath or just
libfixmath.
Change-Id: I54a42b2ba050980ae632ab3c82254131cad7787e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161969
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <[email protected]>
diff --git a/config_host.mk.in b/config_host.mk.in
index eb5e751e100b..3693a2977124 100644
--- a/config_host.mk.in
+++ b/config_host.mk.in
@@ -438,6 +438,7 @@ export LIBXML_JAR=@LIBXML_JAR@
export LIBXML_LIBS=$(gb_SPACE)@LIBXML_LIBS@
export LIBXSLT_CFLAGS=$(gb_SPACE)@LIBXSLT_CFLAGS@
export LIBXSLT_LIBS=$(gb_SPACE)@LIBXSLT_LIBS@
+export LIBFIXMATH_LIBS=$(gb_SPACE)@LIBFIXMATH_LIBS@
export LOCKFILE=@LOCKFILE@
export LO_CLANG_CC=@LO_CLANG_CC@
export LO_CLANG_CXX=@LO_CLANG_CXX@
diff --git a/configure.ac b/configure.ac
index 906bffb388f8..b5d629467300 100644
--- a/configure.ac
+++ b/configure.ac
@@ -10578,13 +10578,17 @@ if test "$with_system_libfixmath" = "yes"; then
AC_LANG_PUSH([C++])
AC_CHECK_HEADER([libfixmath/fix16.hpp], [],
[AC_MSG_ERROR([libfixmath/fix16.hpp not found. install libfixmath])],
[])
- AC_CHECK_LIB([libfixmath], [fix16_mul], [:], [AC_MSG_ERROR(libfixmath lib
not found or functional)], [])
+ AC_CHECK_LIB([libfixmath], [fix16_mul], [LIBFIXMATH_LIBS=-llibfixmath],
+ [AC_CHECK_LIB([fixmath], [fix16_mul],
[LIBFIXMATH_LIBS=-lfixmath],
+ [AC_MSG_ERROR(libfixmath lib not found or
functional)])])
AC_LANG_POP([C++])
else
AC_MSG_RESULT([internal])
SYSTEM_LIBFIXMATH=
+ LIBFIXMATH_LIBS=
fi
AC_SUBST([SYSTEM_LIBFIXMATH])
+AC_SUBST([LIBFIXMATH_LIBS])
dnl ===================================================================
dnl Check for system glm
diff --git a/tools/Library_tl.mk b/tools/Library_tl.mk
index 8269e6ae98bf..7933e7735cd6 100644
--- a/tools/Library_tl.mk
+++ b/tools/Library_tl.mk
@@ -116,7 +116,7 @@ endif
ifeq ($(SYSTEM_LIBFIXMATH),TRUE)
$(eval $(call gb_Library_add_libs,tl,\
- -llibfixmath \
+ $(LIBFIXMATH_LIBS) \
))
endif
diff --git a/vcl/Library_vcl.mk b/vcl/Library_vcl.mk
index 9fd8db050b39..fede35eb962c 100644
--- a/vcl/Library_vcl.mk
+++ b/vcl/Library_vcl.mk
@@ -572,7 +572,7 @@ vcl_headless_freetype_code=\
ifeq ($(SYSTEM_LIBFIXMATH),TRUE)
$(eval $(call gb_Library_add_libs,vcl,\
- -llibfixmath \
+ $(LIBFIXMATH_LIBS) \
))
endif
commit 5a5e395299c9bb3dc54814dcf19d370cd0dad1c4
Author: Michael Stahl <[email protected]>
AuthorDate: Wed Jan 15 10:55:05 2025 +0100
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:14 2025 +0100
redland: disable all raptor parsers except for "rdfxml"
It's the only one the unordf component invokes.
CVE-2024-57823 CVE-2024-57822 affect the "ntriples" and "turtle"
parsers.
However it appears that the function raptor_uri_normalize_path() could
also be called from raptor_libxml_* functions? Somewhat unclear, let's
add the patch just in case.
Change-Id: Idd7ebbc29c63e84ca2434b06c26f7aca34bdcaa5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180272
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
diff --git a/external/redland/ExternalProject_raptor.mk
b/external/redland/ExternalProject_raptor.mk
index 1b3b60ebac56..f5a328d11fa4 100644
--- a/external/redland/ExternalProject_raptor.mk
+++ b/external/redland/ExternalProject_raptor.mk
@@ -33,8 +33,8 @@ $(call gb_ExternalProject_get_state_target,raptor,build):
$(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl)))' \
CPPFLAGS="$(if $(SYSBASE),-I$(SYSBASE)/usr/include)
$(gb_EMSCRIPTEN_CPPFLAGS)" \
$(gb_RUN_CONFIGURE) ./configure --disable-gtk-doc \
- --enable-parsers="rdfxml ntriples turtle trig guess
rss-tag-soup" \
- --with-www=xml \
+ --enable-parsers="rdfxml" \
+ --without-www \
--without-xslt-config \
$(gb_CONFIGURE_PLATFORMS) \
$(if $(CROSS_COMPILING),$(if $(filter INTEL
ARM,$(CPUNAME)),ac_cv_c_bigendian=no)) \
diff --git a/external/redland/UnpackedTarball_raptor.mk
b/external/redland/UnpackedTarball_raptor.mk
index 6dc6491132df..dddfb4ba7923 100644
--- a/external/redland/UnpackedTarball_raptor.mk
+++ b/external/redland/UnpackedTarball_raptor.mk
@@ -30,6 +30,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,raptor,\
external/redland/raptor/xml2-config.patch \
external/redland/raptor/raptor-libxml2-11.patch.1 \
$(if $(SYSTEM_ICU),,external/redland/raptor/raptor-icu.patch) \
+ external/redland/raptor/CVE-2024-57823.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/redland/raptor/CVE-2024-57823.patch.1
b/external/redland/raptor/CVE-2024-57823.patch.1
new file mode 100644
index 000000000000..b06689304b0a
--- /dev/null
+++ b/external/redland/raptor/CVE-2024-57823.patch.1
@@ -0,0 +1,35 @@
+--- raptor2-2.0.15/src/raptor_rfc2396.c.CVE-2024-57823 2014-07-26
23:07:37.000000000 +0200
++++ raptor2-2.0.15/src/raptor_rfc2396.c 2025-01-13 12:59:22.175568228
+0100
+@@ -289,10 +289,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL4("Path '%s' length %ld does not match calculated %ld.",
(const char*)path_buffer, (long)strlen((const char*)path_buffer),
(long)path_len);
+-#endif
+
+ /* Remove all "<component>/../" path components */
+
+@@ -327,10 +325,8 @@ raptor_uri_normalize_path(unsigned char*
+ if(!prev || !cur)
+ continue;
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* If the current one is '..' */
+ if(s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
+@@ -393,10 +389,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* RFC3986 Appendix C.2 / 5.4.2 Abnormal Examples
+ * Remove leading /../ and /./
commit ac9233e5711e8f973f72dbb86f051ddd148b437c
Author: Taichi haradaguchi <[email protected]>
AuthorDate: Sat Jan 6 14:49:07 2024 +0900
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
Upgrade raptor to 2.0.16
- Fixes CVE-2017-18926 and CVE-2020-25713.
- drop 0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1:
merged upstream
- drop 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1:
merged upstream
- drop libtool.patch: merged upstream
- drop most of raptor-freebsd.patch.1: merged upstream
- drop most of raptor-msvc.patch.1: merged upsttream
- drop most of ubsan.patch: merged upstream
- drop Wint-conversion.patch: merged upstream
depend on package icu_ure to have libicuuc delivered and add corresponding
directory to rpath-link to make sure the right copy is picked up
use $(strip ...) in LDFLAGS to avoid having to escape , with $(COMMA)
Change-Id: Ic05269ade5dae3761d98432ee504a51434a4c753
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/161704
Reviewed-by: Christian Lohmaier <[email protected]>
Tested-by: Jenkins
diff --git a/configure.ac b/configure.ac
index 78b36d57c82d..906bffb388f8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -10752,8 +10752,8 @@ ICU_RECLASSIFIED_PREPEND_SET_EMPTY="TRUE"
ICU_RECLASSIFIED_CONDITIONAL_JAPANESE_STARTER="TRUE"
ICU_RECLASSIFIED_HEBREW_LETTER="TRUE"
ICU_CFLAGS_internal="-I${WORKDIR}/UnpackedTarball/icu/source/i18n
-I${WORKDIR}/UnpackedTarball/icu/source/common"
-ICU_LIBS_internal="-L${WORKDIR}/UnpackedTarball/icu/source/lib"
-libo_CHECK_SYSTEM_MODULE([icu],[ICU],[icu-i18n >= 4.6])
+ICU_LIBS_internal="-L${WORKDIR}/UnpackedTarball/icu/source/lib -licuuc"
+libo_CHECK_SYSTEM_MODULE([icu],[ICU],[icu-i18n >= 66])
if test "$SYSTEM_ICU" = TRUE; then
AC_LANG_PUSH([C++])
AC_MSG_CHECKING([for unicode/rbbi.h])
diff --git a/download.lst b/download.lst
index d951979a85ad..706f2b8abc50 100644
--- a/download.lst
+++ b/download.lst
@@ -480,8 +480,8 @@ QXP_TARBALL := libqxp-0.0.2.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-RAPTOR_SHA256SUM :=
ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed
-RAPTOR_TARBALL := a39f6c07ddb20d7dd2ff1f95fa21e2cd-raptor2-2.0.15.tar.gz
+RAPTOR_SHA256SUM :=
089db78d7ac982354bdbf39d973baf09581e6904ac4c92a98c5caadb3de44680
+RAPTOR_TARBALL := raptor2-2.0.16.tar.gz
# three static lines
# so that git cherry-pick
# will not run into conflicts
diff --git a/external/redland/ExternalProject_raptor.mk
b/external/redland/ExternalProject_raptor.mk
index b3ae74c10b61..1b3b60ebac56 100644
--- a/external/redland/ExternalProject_raptor.mk
+++ b/external/redland/ExternalProject_raptor.mk
@@ -9,7 +9,12 @@
$(eval $(call gb_ExternalProject_ExternalProject,raptor))
-$(eval $(call gb_ExternalProject_use_external,raptor,libxml2))
+$(eval $(call gb_ExternalProject_use_externals,raptor,\
+ icu \
+ libxml2 \
+))
+
+$(eval $(call gb_ExternalProject_use_package,raptor,icu_ure))
$(eval $(call gb_ExternalProject_register_targets,raptor,\
build \
@@ -23,9 +28,9 @@ $(call gb_ExternalProject_get_state_target,raptor,build):
$(call gb_ExternalProject_get_build_flags,raptor) \
$(if $(filter
TRUE,$(DISABLE_DYNLOADING)),-fvisibility=hidden) \
$(if $(filter
GCCLINUXPOWERPC64,$(COM)$(OS)$(CPUNAME)),-mminimal-toc)" \
- LDFLAGS=" \
- $(if $(filter LINUX
FREEBSD,$(OS)),-Wl$(COMMA)-z$(COMMA)origin
-Wl$(COMMA)-rpath$(COMMA)\"\$$\$$ORIGIN") \
- $(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl))" \
+ LDFLAGS='$(strip \
+ $(if $(filter LINUX FREEBSD,$(OS)),$(strip -Wl,-z,origin
-Wl,-rpath,\$$$$ORIGIN -Wl,-rpath-link,$(INSTROOT)/$(LIBO_URE_LIB_FOLDER))) \
+ $(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl)))' \
CPPFLAGS="$(if $(SYSBASE),-I$(SYSBASE)/usr/include)
$(gb_EMSCRIPTEN_CPPFLAGS)" \
$(gb_RUN_CONFIGURE) ./configure --disable-gtk-doc \
--enable-parsers="rdfxml ntriples turtle trig guess
rss-tag-soup" \
diff --git a/external/redland/ExternalProject_redland.mk
b/external/redland/ExternalProject_redland.mk
index d92c642b9cd1..4e2f2fbe4e8b 100644
--- a/external/redland/ExternalProject_redland.mk
+++ b/external/redland/ExternalProject_redland.mk
@@ -24,9 +24,9 @@ $(call gb_ExternalProject_get_state_target,redland,build):
$(call gb_Trace_StartRange,redland,EXTERNAL)
$(call gb_ExternalProject_run,build,\
CFLAGS="$(CFLAGS) $(if $(filter
TRUE,$(DISABLE_DYNLOADING)),-fvisibility=hidden) $(call
gb_ExternalProject_get_build_flags,redland) $(gb_EMSCRIPTEN_CPPFLAGS)" \
- LDFLAGS=" \
- $(if $(filter LINUX
FREEBSD,$(OS)),-Wl$(COMMA)-z$(COMMA)origin
-Wl$(COMMA)-rpath$(COMMA)\"\$$\$$ORIGIN") \
- $(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl))" \
+ LDFLAGS='$(strip \
+ $(if $(filter LINUX FREEBSD,$(OS)),$(strip -Wl,-z,origin
-Wl,-rpath,\$$$$ORIGIN -Wl,-rpath-link,$(INSTROOT)/$(LIBO_URE_LIB_FOLDER))) \
+ $(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl)))' \
CPPFLAGS="$(if $(SYSBASE),-I$(SYSBASE)/usr/include)" \
PKG_CONFIG="" \
RAPTOR2_CFLAGS="-I$(call
gb_UnpackedTarball_get_dir,raptor)/src" \
diff --git a/external/redland/Library_raptor.mk
b/external/redland/Library_raptor.mk
index b2779f7dec17..9cfc4aeb36fc 100644
--- a/external/redland/Library_raptor.mk
+++ b/external/redland/Library_raptor.mk
@@ -17,6 +17,8 @@ $(eval $(call gb_Library_set_include,raptor2, \
$(eval $(call gb_Library_use_unpacked,raptor2,raptor))
$(eval $(call gb_Library_use_externals,raptor2,\
+ icu_headers \
+ icuuc \
libxml2 \
libxslt \
))
diff --git a/external/redland/README b/external/redland/README
index 591e93398726..efa6f45d71ba 100644
--- a/external/redland/README
+++ b/external/redland/README
@@ -1,4 +1,4 @@
-Redland RDF library (librdf) from [http://librdf.org/]
+Redland RDF library (librdf) from [https://librdf.org/]
== License ==
[git:redland/LICENSE.txt]
diff --git a/external/redland/UnpackedTarball_raptor.mk
b/external/redland/UnpackedTarball_raptor.mk
index ae61e9e4f3dd..6dc6491132df 100644
--- a/external/redland/UnpackedTarball_raptor.mk
+++ b/external/redland/UnpackedTarball_raptor.mk
@@ -28,11 +28,8 @@ $(eval $(call gb_UnpackedTarball_add_patches,raptor,\
external/redland/raptor/ubsan.patch \
$(if $(SYSTEM_LIBXML),,external/redland/raptor/rpath.patch) \
external/redland/raptor/xml2-config.patch \
-
external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
\
-
external/redland/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
\
- external/redland/raptor/libtool.patch \
- external/redland/raptor/Wint-conversion.patch \
external/redland/raptor/raptor-libxml2-11.patch.1 \
+ $(if $(SYSTEM_ICU),,external/redland/raptor/raptor-icu.patch) \
))
# vim: set noet sw=4 ts=4:
diff --git
a/external/redland/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
b/external/redland/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
deleted file mode 100644
index 1fb279df3e4d..000000000000
---
a/external/redland/raptor/0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1
+++ /dev/null
@@ -1,33 +0,0 @@
-From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <[email protected]>
-Date: Tue, 24 Nov 2020 10:30:20 +0000
-Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a
- segfault
-
-due to an out of bounds array access in
-raptor_xml_writer_start_element_common
-
-See:
-https://bugs.mageia.org/show_bug.cgi?id=27605
-https://www.openwall.com/lists/oss-security/2020/11/13/1
-https://gerrit.libreoffice.org/c/core/+/106249
----
- src/raptor_xml_writer.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
-index 56993dc3..4426d38c 100644
---- a/src/raptor_xml_writer.c
-+++ b/src/raptor_xml_writer.c
-@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer*
xml_writer,
-
- /* check it wasn't an earlier declaration too */
- for(j = 0; j < nspace_declarations_count; j++)
-- if(nspace_declarations[j].nspace ==
element->attributes[j]->nspace) {
-+ if(nspace_declarations[j].nspace ==
element->attributes[i]->nspace) {
- declare_me = 0;
- break;
- }
---
-2.28.0
-
diff --git
a/external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
b/external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
deleted file mode 100644
index 6fa726cae6da..000000000000
---
a/external/redland/raptor/0001-Calcualte-max-nspace-declarations-correctly-for-XML-.patch.1
+++ /dev/null
@@ -1,43 +0,0 @@
-From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
-From: Dave Beckett <[email protected]>
-Date: Sun, 16 Apr 2017 23:15:12 +0100
-Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
-
-(raptor_xml_writer_start_element_common): Calculate max including for
-each attribute a potential name and value.
-
-Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
-and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
----
- src/raptor_xml_writer.c | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
-index 693b946..0d3a36a 100644
---- a/src/raptor_xml_writer.c
-+++ b/src/raptor_xml_writer.c
-@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer*
xml_writer,
- size_t nspace_declarations_count = 0;
- unsigned int i;
-
-- /* max is 1 per element and 1 for each attribute + size of declared */
- if(nstack) {
-- int nspace_max_count = element->attribute_count+1;
-+ int nspace_max_count = element->attribute_count * 2; /* attr and value */
-+ if(element->name->nspace)
-+ nspace_max_count++;
- if(element->declared_nspaces)
- nspace_max_count += raptor_sequence_size(element->declared_nspaces);
- if(element->xml_language)
-@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer*
xml_writer,
- }
- }
-
-- /* Add the attribute + value */
-+ /* Add the attribute's value */
- nspace_declarations[nspace_declarations_count].declaration=
- raptor_qname_format_as_xml(element->attributes[i],
-
&nspace_declarations[nspace_declarations_count].length);
---
-2.9.3
-
diff --git a/external/redland/raptor/Wint-conversion.patch
b/external/redland/raptor/Wint-conversion.patch
deleted file mode 100644
index fb85f4f13518..000000000000
--- a/external/redland/raptor/Wint-conversion.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- src/raptor_parse.c
-+++ src/raptor_parse.c
-@@ -257,7 +257,7 @@
- int
- raptor_world_get_parsers_count(raptor_world* world)
- {
-- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL);
-+ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0);
-
- raptor_world_open(world);
-
---- src/raptor_serialize.c
-+++ src/raptor_serialize.c
-@@ -240,7 +240,7 @@
- int
- raptor_world_get_serializers_count(raptor_world* world)
- {
-- RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, NULL);
-+ RAPTOR_ASSERT_OBJECT_POINTER_RETURN_VALUE(world, raptor_world, 0);
-
- raptor_world_open(world);
-
diff --git a/external/redland/raptor/libtool.patch
b/external/redland/raptor/libtool.patch
deleted file mode 100644
index b0baae661bab..000000000000
--- a/external/redland/raptor/libtool.patch
+++ /dev/null
@@ -1,27 +0,0 @@
---- build/ltmain.sh
-+++ build/ltmain.sh
-@@ -5301,6 +5301,12 @@
- prev=
- continue
- ;;
-+ mllvm)
-+ # Clang does not use LLVM to link, so we can simply discard any
-+ # '-mllvm $arg' options when doing the link step.
-+ prev=
-+ continue
-+ ;;
- objectlist)
- if test -f "$arg"; then
- save_arg=$arg
-@@ -5639,6 +5645,11 @@
- continue
- ;;
-
-+ -mllvm)
-+ prev=mllvm
-+ continue
-+ ;;
-+
- -module)
- module=yes
- continue
diff --git a/external/redland/raptor/raptor-android.patch.1
b/external/redland/raptor/raptor-android.patch.1
index cb843839c848..854f1c6b3932 100644
--- a/external/redland/raptor/raptor-android.patch.1
+++ b/external/redland/raptor/raptor-android.patch.1
@@ -1,13 +1,13 @@
No sonames on Android
---- a/configure 2013-03-29 19:46:34.922901756 +0100
-+++ b/configure 2013-03-29 19:46:56.051901574 +0100
-@@ -9866,7 +9866,7 @@
+--- a/configure 2023-03-02 02:58:10.000000000 +0900
++++ b/configure 2024-03-07 21:32:06.394607400 +0900
+@@ -11165,7 +11165,7 @@
*Sun\ F*) # Sun Fortran 8.3
tmp_sharedflag='-G' ;;
esac
-- archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs
$compiler_flags ${wl}-soname $wl$soname -o $lib'
+- archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs
$compiler_flags $wl-soname $wl$soname -o $lib'
+ archive_cmds='$CC '"$tmp_sharedflag""$tmp_addflag"' $libobjs $deplibs
$compiler_flags -o $lib'
- if test "x$supports_anon_versioning" = xyes; then
+ if test yes = "$supports_anon_versioning"; then
archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~
diff --git a/external/redland/raptor/raptor-bundled-soname.patch.1
b/external/redland/raptor/raptor-bundled-soname.patch.1
index cce2482d147f..5e3eef560542 100644
--- a/external/redland/raptor/raptor-bundled-soname.patch.1
+++ b/external/redland/raptor/raptor-bundled-soname.patch.1
@@ -1,11 +1,11 @@
rhbz#809466 change soname of bundled redland libs
---- a/src/Makefile.in 2013-03-29 19:11:27.944919859 +0100
-+++ b/src/Makefile.in 2013-03-29 19:17:42.173916644 +0100
-@@ -507,7 +507,7 @@
- $(am__append_21) $(am__append_22) $(am__append_23) \
- $(am__append_24) $(am__append_25) $(am__append_26)
- libraptor2_la_LIBADD = $(am__append_29) @LTLIBOBJS@
+--- a/src/Makefile.in 2023-03-02 02:58:09.000000000 +0900
++++ b/src/Makefile.in 2024-01-06 13:59:13.424477428 +0900
+@@ -783,7 +783,7 @@
+ $(am__append_24) $(am__append_25) $(am__append_26) \
+ $(am__append_27) $(am__append_28)
+ libraptor2_la_LIBADD = $(am__append_31) @LTLIBOBJS@
-libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ \
+libraptor2_la_LDFLAGS = -version-info @RAPTOR_LIBTOOL_VERSION@ -release lo \
@RAPTOR_LDFLAGS@ $(MEM_LIBS)
diff --git a/external/redland/raptor/raptor-emscripten.patch.1
b/external/redland/raptor/raptor-emscripten.patch.1
index e3c53b35b7b0..847ccfe8341b 100644
--- a/external/redland/raptor/raptor-emscripten.patch.1
+++ b/external/redland/raptor/raptor-emscripten.patch.1
@@ -1,12 +1,12 @@
-*- Mode: Diff -*-
--- raptor/src/sort_r.h
+++ raptor/src/sort_r.h
-@@ -27,7 +27,7 @@
- defined AMIGA)
+@@ -28,7 +28,7 @@
# define _SORT_R_BSD
#elif (defined _GNU_SOURCE || defined __gnu_hurd__ || defined __GNU__ || \
-- defined __linux__ || defined __MINGW32__ || defined __GLIBC__)
-+ defined __linux__ || defined __MINGW32__ || defined __GLIBC__ ||
defined __EMSCRIPTEN__)
+ defined __linux__ || defined __MINGW32__ || defined __GLIBC__ || \
+- defined __CYGWIN__)
++ defined __CYGWIN__ || defined __EMSCRIPTEN__)
# define _SORT_R_LINUX
#elif (defined _WIN32 || defined _WIN64 || defined __WINDOWS__)
# define _SORT_R_WINDOWS
diff --git a/external/redland/raptor/raptor-freebsd.patch.1
b/external/redland/raptor/raptor-freebsd.patch.1
index 349f3a197b8a..3909ada0a335 100644
--- a/external/redland/raptor/raptor-freebsd.patch.1
+++ b/external/redland/raptor/raptor-freebsd.patch.1
@@ -1,28 +1,17 @@
Usual patch to produce Linux-like .so files on FreeBSD
---- a/build/ltmain.sh 2008-02-02 22:28:24.000000000 +0900
-+++ b/build/ltmain.sh 2008-07-08 11:58:42.000000000 +0900
-@@ -7341,9 +7341,9 @@
- revision="$number_revision"
+--- a/build/ltmain.sh 2023-02-24 11:51:18.000000000 +0900
++++ b/build/ltmain.sh 2024-01-06 13:46:15.460224000 +0900
+@@ -9107,9 +9107,9 @@
+ revision=$number_revision
;;
- freebsd-aout|freebsd-elf|qnx|sunos)
-- current="$number_major"
-- revision="$number_minor"
-- age="0"
+ freebsd-aout|qnx|sunos)
+- current=$number_major
+- revision=$number_minor
+- age=0
+ current=`expr $number_major + $number_minor`
-+ age="$number_minor"
-+ revision="$number_revision"
++ age=$number_minor
++ revision=$number_revision
;;
irix|nonstopux)
func_arith $number_major + $number_minor
-@@ -7420,8 +7420,8 @@
- ;;
-
- freebsd-elf)
-- major=".$current"
-- versuffix=".$current"
-+ major=.`expr $current - $age`
-+ versuffix="$major.$age.$revision"
- ;;
-
- irix | nonstopux)
diff --git a/external/redland/raptor/raptor-icu.patch
b/external/redland/raptor/raptor-icu.patch
new file mode 100644
index 000000000000..227392dc5539
--- /dev/null
+++ b/external/redland/raptor/raptor-icu.patch
@@ -0,0 +1,11 @@
+--- configure 2023-03-02 02:58:10.000000000 +0900
++++ configure 2024-05-11 16:19:06.843539720 +0900
+@@ -16583,7 +16583,7 @@
+ printf "%s
" "yes" >&6; }
+
+ have_icu=yes
+- ICU_UC_VERSION=`$PKG_CONFIG icu-uc --modversion`
++ ICU_UC_VERSION="$ICU_MAJOR.$ICU_MINOR"
+
+ fi
+ ICU_UC_MAJOR_VERSION=`echo "$ICU_UC_VERSION" | sed -e 's/\..*$//'`
diff --git a/external/redland/raptor/raptor-msvc.patch.1
b/external/redland/raptor/raptor-msvc.patch.1
index 245b19bdca70..7bf9c76d01e8 100644
--- a/external/redland/raptor/raptor-msvc.patch.1
+++ b/external/redland/raptor/raptor-msvc.patch.1
@@ -1,13 +1,3 @@
---- raptor/src/raptor2.h.in.orig 2016-08-26 23:45:34.543400074 +0200
-+++ raptor/src/raptor2.h.in 2016-08-26 23:45:40.479399614 +0200
-@@ -2176,6 +2176,7 @@
- void* raptor_avltree_iterator_get(raptor_avltree_iterator* iterator);
-
- /* utility methods */
-+RAPTOR_API
- void raptor_sort_r(void *base, size_t nel, size_t width,
raptor_data_compare_arg_handler compar, void *user_data);
-
-
--- raptor/src/raptor_uri.c 2016-08-26 23:45:34.543400074 +0200
+++ raptor/src/raptor_uri.c 2016-08-26 23:45:40.479399614 +0200
@@ -51,6 +51,10 @@
diff --git a/external/redland/raptor/raptor2.h
b/external/redland/raptor/raptor2.h
index 4929117e772e..72935aa73a29 100644
--- a/external/redland/raptor/raptor2.h
+++ b/external/redland/raptor/raptor2.h
@@ -53,14 +53,14 @@ extern "C" {
*
* Format: major * 10000 + minor * 100 + release
*/
-#define RAPTOR_VERSION 20015
+#define RAPTOR_VERSION 20016
/**
* RAPTOR_VERSION_STRING:
*
* Raptor library version string
*/
-#define RAPTOR_VERSION_STRING "2.0.15"
+#define RAPTOR_VERSION_STRING "2.0.16"
/**
* RAPTOR_VERSION_MAJOR:
@@ -81,7 +81,7 @@ extern "C" {
*
* Raptor library release
*/
-#define RAPTOR_VERSION_RELEASE 15
+#define RAPTOR_VERSION_RELEASE 16
/**
* RAPTOR_API:
@@ -251,6 +251,14 @@ extern const unsigned int raptor_rdf_namespace_uri_len;
RAPTOR_API
extern const unsigned char * const raptor_rdf_schema_namespace_uri;
+/**
+ * raptor_rdf_schenma_namespace_uri_len:
+ *
+ * Length of #raptor_rdf_schenma_namespace_uri string
+ */
+RAPTOR_API
+extern const unsigned int raptor_rdf_schema_namespace_uri_len;
+
/**
* raptor_xmlschema_datatypes_namespace_uri:
*
@@ -1433,10 +1441,16 @@ int raptor_www_set_ssl_cert_options(raptor_www* www,
const char* cert_filename,
RAPTOR_API
int raptor_www_set_ssl_verify_options(raptor_www* www, int verify_peer, int
verify_host);
RAPTOR_API
+int raptor_www_set_user_agent2(raptor_www *www, const char *user_agent, size_t
user_agent_len);
+RAPTOR_API RAPTOR_DEPRECATED
void raptor_www_set_user_agent(raptor_www *www, const char *user_agent);
RAPTOR_API
+int raptor_www_set_proxy2(raptor_www *www, const char *proxy, size_t
proxy_len);
+RAPTOR_API RAPTOR_DEPRECATED
void raptor_www_set_proxy(raptor_www *www, const char *proxy);
RAPTOR_API
+int raptor_www_set_http_accept2(raptor_www *www, const char *value, size_t
value_len);
+RAPTOR_API RAPTOR_DEPRECATED
void raptor_www_set_http_accept(raptor_www *www, const char *value);
RAPTOR_API
void raptor_www_set_write_bytes_handler(raptor_www *www,
raptor_www_write_bytes_handler handler, void *user_data);
@@ -1812,8 +1826,8 @@ int raptor_iostream_read_eof(raptor_iostream *iostr);
/**
* raptor_escaped_write_bitflags:
* @RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_BF : Allow � �,
- * @RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_TNRU : ALlow
\u
- * @RAPTOR_ESCAPED_WRITE_BITFLAG_UTF8 : Allow UTF-8 for printable U
*
+ * @RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_TNRU : Allow
\u \U
+ * @RAPTOR_ESCAPED_WRITE_BITFLAG_UTF8 : Use UTF-8 instead of \u \U
for U+0080 or larger (will always use \u for U+0000..U+001F and U+007F)
* @RAPTOR_ESCAPED_WRITE_BITFLAG_SPARQL_URI_ESCAPES: Must escape
#x00-#x20<>\"{}|^` in URIs
* @RAPTOR_ESCAPED_WRITE_NTRIPLES_LITERAL: N-Triples literal
* @RAPTOR_ESCAPED_WRITE_NTRIPLES_URI: N-Triples URI
@@ -1823,7 +1837,7 @@ int raptor_iostream_read_eof(raptor_iostream *iostr);
* @RAPTOR_ESCAPED_WRITE_TURTLE_URI: Turtle 2013 URIs (like SPARQL)
* @RAPTOR_ESCAPED_WRITE_TURTLE_LITERAL: Turtle 2013 literals (like SPARQL)
* @RAPTOR_ESCAPED_WRITE_TURTLE_LONG_LITERAL: Turtle 2013 long literals (like
SPARQL)
- * @RAPTOR_ESCAPED_WRITE_JSON_LITERAL: JSON literals: � �
and \u \U
+ * @RAPTOR_ESCAPED_WRITE_JSON_LITERAL: JSON literals: UTF-8 plus � �
, \uXXXX only, no \U
*
* Bit flags for raptor_string_escaped_write() and friends.
*/
@@ -1851,8 +1865,8 @@ typedef enum {
RAPTOR_ESCAPED_WRITE_TURTLE_LITERAL = RAPTOR_ESCAPED_WRITE_SPARQL_LITERAL,
RAPTOR_ESCAPED_WRITE_TURTLE_LONG_LITERAL =
RAPTOR_ESCAPED_WRITE_SPARQL_LONG_LITERAL,
- /* JSON literals: � �
and \u \U */
- RAPTOR_ESCAPED_WRITE_JSON_LITERAL =
RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_TNRU |
RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_BF
+ /* JSON literals: UTF-8 plus � �
\uXXXX */
+ RAPTOR_ESCAPED_WRITE_JSON_LITERAL =
RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_TNRU |
RAPTOR_ESCAPED_WRITE_BITFLAG_BS_ESCAPES_BF | RAPTOR_ESCAPED_WRITE_BITFLAG_UTF8
} raptor_escaped_write_bitflags;
@@ -2153,6 +2167,8 @@ void* raptor_avltree_remove(raptor_avltree* tree, void*
p_data);
RAPTOR_API
int raptor_avltree_delete(raptor_avltree* tree, void* p_data);
RAPTOR_API
+void raptor_avltree_trim(raptor_avltree* tree);
+RAPTOR_API
void* raptor_avltree_search(raptor_avltree* tree, const void* p_data);
RAPTOR_API
int raptor_avltree_visit(raptor_avltree* tree, raptor_avltree_visit_handler
visit_handler, void* user_data);
diff --git a/external/redland/raptor/raptor_config.h
b/external/redland/raptor/raptor_config.h
index 74f58de95e94..b1e663519eee 100644
--- a/external/redland/raptor/raptor_config.h
+++ b/external/redland/raptor/raptor_config.h
@@ -66,12 +66,6 @@
/* Define to 1 if you have the <limits.h> header file. */
#define HAVE_LIMITS_H 1
-/* Define to 1 if you have the <math.h> header file. */
-#define HAVE_MATH_H 1
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
/* Define to 1 if you have the `qsort_r' function. */
#undef HAVE_QSORT_R
@@ -99,6 +93,9 @@
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
+/* Define to 1 if you have the <stdio.h> header file. */
+#define HAVE_STDIO_H 1
+
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
@@ -114,7 +111,7 @@
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
-/* Define to 1 if you have the `strtok_r' function. */
+/* have the strtok_r function */
#undef HAVE_STRTOK_R
/* Define to 1 if you have the <sys/param.h> header file. */
@@ -129,6 +126,9 @@
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
+/* Define to 1 if you have the <time.h> header file. */
+#define HAVE_TIME_H 1
+
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
@@ -156,8 +156,10 @@
/* Is __FUNCTION__ available */
#define HAVE___FUNCTION__ 1
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
+/* ICU UC major version */
+#define ICU_UC_MAJOR_VERSION ICU_MAJOR
+
+/* Define to the sub-directory where libtool stores uninstalled libraries. */
#undef LT_OBJDIR
/* Define to 1 if maintainer mode is enabled. */
@@ -166,9 +168,6 @@
/* need 'extern int optind' declaration? */
#undef NEED_OPTIND_DECLARATION
-/* Define to 1 if your C compiler doesn't accept -c and -o together. */
-#undef NO_MINUS_C_MINUS_O
-
/* Name of package */
#undef PACKAGE
@@ -194,7 +193,7 @@
#undef RAPTOR_DEBUG
/* Use ICU for Unicode NFC check */
-#undef RAPTOR_ICU_NFC
+#define RAPTOR_ICU_NFC 1
/* does libxml struct xmlEntity have a field etype */
#define RAPTOR_LIBXML_ENTITY_ETYPE 1
@@ -259,6 +258,9 @@
/* Building JSON serializer */
#undef RAPTOR_SERIALIZER_JSON
+/* Building mKR serializer */
+#undef RAPTOR_SERIALIZER_MKR
+
/* Building N-Quads serializer */
#undef RAPTOR_SERIALIZER_NQUADS
@@ -278,7 +280,7 @@
#undef RAPTOR_SERIALIZER_TURTLE
/* Release version as a decimal */
-#define RAPTOR_VERSION_DECIMAL 20015
+#define RAPTOR_VERSION_DECIMAL 20016
/* Major version number */
#define RAPTOR_VERSION_MAJOR 2
@@ -287,7 +289,7 @@
#define RAPTOR_VERSION_MINOR 0
/* Release version number */
-#define RAPTOR_VERSION_RELEASE 15
+#define RAPTOR_VERSION_RELEASE 16
/* Have libcurl WWW library */
#undef RAPTOR_WWW_LIBCURL
@@ -307,14 +309,13 @@
/* Use libxml XML parser */
#define RAPTOR_XML_LIBXML 1
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+ required in a freestanding environment). This macro is provided for
+ backward compatibility; new code need not use it. */
#undef STDC_HEADERS
-/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
-#undef TIME_WITH_SYS_TIME
-
/* Version number of package */
-#define VERSION "2.0.15"
+#define VERSION "2.0.16"
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
@@ -332,11 +333,6 @@
`char[]'. */
#undef YYTEXT_POINTER
-/* Enable large inode numbers on macOS 10.5. */
-#ifndef _DARWIN_USE_64_BIT_INODE
-# define _DARWIN_USE_64_BIT_INODE 1
-#endif
-
/* Number of bits in a file offset, on hosts where this is settable. */
#undef _FILE_OFFSET_BITS
diff --git a/external/redland/raptor/ubsan.patch
b/external/redland/raptor/ubsan.patch
index 641d60bb7b49..54b041e80f1f 100644
--- a/external/redland/raptor/ubsan.patch
+++ b/external/redland/raptor/ubsan.patch
@@ -9,17 +9,3 @@
/* Remove <component>/.. at the end of the path */
*prev = '
path_len -= (s-prev);
---- src/raptor_uri.c
-+++ src/raptor_uri.c
-@@ -1336,9 +1336,9 @@
- !strncmp((const char*)base_detail->scheme,
- (const char*)reference_detail->scheme,
- base_detail->scheme_len) &&
-- !strncmp((const char*)base_detail->authority,
-+ (base_detail->authority_len == 0 || !strncmp((const
char*)base_detail->authority,
- (const char*)reference_detail->authority,
-- base_detail->authority_len)) {
-+ base_detail->authority_len))) {
-
- if(!base_detail->path) {
- if(reference_detail->path) {
diff --git a/external/redland/raptor/xml2-config.patch
b/external/redland/raptor/xml2-config.patch
index 2550acee044a..41f338eccb66 100644
--- a/external/redland/raptor/xml2-config.patch
+++ b/external/redland/raptor/xml2-config.patch
@@ -1,6 +1,6 @@
--- configure
+++ configure
-@@ -14197,6 +14197,11 @@
+@@ -16004,6 +16004,11 @@
test -n "$XML_CONFIG" && break
done
@@ -12,11 +12,11 @@
fi
fi
-@@ -14481,6 +14481,7 @@
+@@ -16104,6 +16109,7 @@
LIBXML_VERSION=`$PKG_CONFIG libxml-2.0 --modversion`
libxml_source="pkg-config"
+ XML_CONFIG="$PKG_CONFIG libxml-2.0"
fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libxml via
pkg-config" >&5
+ { printf "%s
" "$as_me:${as_lineno-$LINENO}: checking for libxml via pkg-config" >&5
diff --git a/external/redland/rasqal/rasqal-pkgconfig.patch.1
b/external/redland/rasqal/rasqal-pkgconfig.patch.1
index ac3eab07c4e4..0db4c993d256 100644
--- a/external/redland/rasqal/rasqal-pkgconfig.patch.1
+++ b/external/redland/rasqal/rasqal-pkgconfig.patch.1
@@ -7,8 +7,7 @@ Let the pkg-config stuff be overridden by variables
$as_echo "yes" >&6; }
- RAPTOR_VERSION=`$PKG_CONFIG raptor2 --modversion 2>/dev/null`
-+ RAPTOR_VERSION=2.0.15
++ RAPTOR_VERSION=2.0.16
raptor_too_old=0
as_arg_v1=$RAPTOR_VERSION
as_arg_v2=$RAPTOR_MIN_VERSION
-
commit ace5ac9114f504f1b4f2b589dae86c048e835de0
Author: Stephan Bergmann <[email protected]>
AuthorDate: Sat Dec 7 17:36:22 2024 +0100
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
Fix check for further exotic protocols
...that were added in 59891cd3985469bc44dbd05c9fc704eeb07f0c78 "look at
'embedded' protocols for protocols that support them"
Change-Id: I42836d6fd27cd99e39ab07e626053f002a2651f5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178047
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <[email protected]>
(cherry picked from commit 8075798b22f2188530f57b8747589923bfd419ef)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178065
Tested-by: Caolán McNamara <[email protected]>
Reviewed-by: Caolán McNamara <[email protected]>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178166
Reviewed-by: Miklos Vajna <[email protected]>
Tested-by: Jenkins CollaboraOffice <[email protected]>
(cherry picked from commit a58893f2de8210008fa7bb403e9c9000869e6c04)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178294
diff --git a/tools/qa/cppunit/test_urlobj.cxx b/tools/qa/cppunit/test_urlobj.cxx
index 273b5feff954..1df859b305f9 100644
--- a/tools/qa/cppunit/test_urlobj.cxx
+++ b/tools/qa/cppunit/test_urlobj.cxx
@@ -354,6 +354,49 @@ namespace tools_urlobj
}
}
+ void testIsExoticProtocol() {
+ {
+ INetURLObject url(u"vnd.sun.star.pkg://slot%3A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.pkg://vnd.sun.star.pkg%3A%2F%2Fslot%253A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.pkg://http%3A%2F%2Fexample.net");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::VndSunStarPkg,
url.GetProtocol());
+ CPPUNIT_ASSERT(!url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0/foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0?foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject url(u"vnd.sun.star.zip://slot%3A0#foo");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(url.IsExoticProtocol());
+ }
+ {
+ INetURLObject
url(u"vnd.sun.star.zip://http%3A%2F%2Fexample.net");
+ CPPUNIT_ASSERT_EQUAL(INetProtocol::Generic, url.GetProtocol());
+ CPPUNIT_ASSERT(!url.IsExoticProtocol());
+ }
+ }
+
// Change the following lines only, if you add, remove or rename
// member functions of the current class,
// because these macros are need by auto register mechanism.
@@ -371,6 +414,7 @@ namespace tools_urlobj
CPPUNIT_TEST( testChangeScheme );
CPPUNIT_TEST( testTd146382 );
CPPUNIT_TEST( testParseSmart );
+ CPPUNIT_TEST( testIsExoticProtocol );
CPPUNIT_TEST_SUITE_END( );
}; // class createPool
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 7faf15dcd073..827fbe217965 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4891,10 +4891,21 @@ bool INetURLObject::IsExoticProtocol() const
{
return true;
}
- if (isSchemeEqualTo(u"vnd.sun.star.pkg") ||
isSchemeEqualTo(u"vnd.sun.star.zip"))
+ if (m_eScheme == INetProtocol::VndSunStarPkg) {
+ return
INetURLObject(GetHost(INetURLObject::DecodeMechanism::WithCharset))
+ .IsExoticProtocol();
+ }
+ if (isSchemeEqualTo(u"vnd.sun.star.zip"))
{
- OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
- return sPayloadURL.startsWith(u"//") &&
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+ OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::NONE);
+ if (!sPayloadURL.startsWith(u"//")) {
+ return false;
+ }
+ auto const find = [&sPayloadURL](auto c) {
+ auto const n = sPayloadURL.indexOf(c, 2);
+ return n == -1 ? sPayloadURL.getLength() : n;
+ };
+ return INetURLObject(decode(sPayloadURL.subView(2, std::min(find('/'),
find('?')) - 2),
INetURLObject::DecodeMechanism::WithCharset)).IsExoticProtocol();
}
return false;
}
commit 3a8a8e37ab426f3a237cfb0db592f9c1125f74f2
Author: Caolán McNamara <[email protected]>
AuthorDate: Fri Dec 6 14:41:19 2024 +0000
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
look at 'embedded' protocols too
Change-Id: Ie99f5f5a390639bdc69397c831e0a32594a5030c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177981
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <[email protected]>
(cherry picked from commit 59891cd3985469bc44dbd05c9fc704eeb07f0c78)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/177987
Reviewed-by: Stephan Bergmann <[email protected]>
(cherry picked from commit b63aa51c55244ee67410201fa5e7c003427b1009)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178164
Tested-by: Jenkins CollaboraOffice <[email protected]>
Reviewed-by: Miklos Vajna <[email protected]>
(cherry picked from commit e25d074b3163971d64d24976af1a9bd0634c8da5)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178293
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 23a0d67d2717..7faf15dcd073 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4882,12 +4882,21 @@ OUString INetURLObject::CutExtension()
bool INetURLObject::IsExoticProtocol() const
{
- return m_eScheme == INetProtocol::Slot ||
- m_eScheme == INetProtocol::Macro ||
- m_eScheme == INetProtocol::Uno ||
- m_eScheme == INetProtocol::VndSunStarExpand ||
- isSchemeEqualTo(u"vnd.sun.star.script") ||
- isSchemeEqualTo(u"service");
+ if (m_eScheme == INetProtocol::Slot ||
+ m_eScheme == INetProtocol::Macro ||
+ m_eScheme == INetProtocol::Uno ||
+ m_eScheme == INetProtocol::VndSunStarExpand ||
+ isSchemeEqualTo(u"vnd.sun.star.script") ||
+ isSchemeEqualTo(u"service"))
+ {
+ return true;
+ }
+ if (isSchemeEqualTo(u"vnd.sun.star.pkg") ||
isSchemeEqualTo(u"vnd.sun.star.zip"))
+ {
+ OUString sPayloadURL =
GetURLPath(INetURLObject::DecodeMechanism::WithCharset);
+ return sPayloadURL.startsWith(u"//") &&
INetURLObject(sPayloadURL.subView(2)).IsExoticProtocol();
+ }
+ return false;
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit 509ce3e45de1208bddb94681c6da41578e3e7833
Author: Caolán McNamara <[email protected]>
AuthorDate: Fri Nov 15 12:30:39 2024 +0000
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
consider VndSunStarExpand an exotic protocol
and generally don't bother with it when fetching data
from urls
Change-Id: I51a2601c6fb7d6c32f9e2d1286ee0d3b05b370b9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176922
Reviewed-by: Miklos Vajna <[email protected]>
Tested-by: Jenkins CollaboraOffice <[email protected]>
(cherry picked from commit 4fbe740677b90d8b73842b60863e2f4c9f4ea382)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/178292
Reviewed-by: Caolán McNamara <[email protected]>
diff --git a/avmedia/source/viewer/mediawindow_impl.cxx
b/avmedia/source/viewer/mediawindow_impl.cxx
index 82ca1b92821c..7a6755e40052 100644
--- a/avmedia/source/viewer/mediawindow_impl.cxx
+++ b/avmedia/source/viewer/mediawindow_impl.cxx
@@ -170,15 +170,16 @@ void MediaWindowImpl::dispose()
uno::Reference<media::XPlayer> MediaWindowImpl::createPlayer(const OUString&
rURL, const OUString& rReferer, const OUString*)
{
- uno::Reference<media::XPlayer> xPlayer;
-
if( rURL.isEmpty() )
- return xPlayer;
+ return nullptr;
if (SvtSecurityOptions::isUntrustedReferer(rReferer))
- {
- return xPlayer;
- }
+ return nullptr;
+
+ if (INetURLObject(rURL).IsExoticProtocol())
+ return nullptr;
+
+ uno::Reference<media::XPlayer> xPlayer;
// currently there isn't anything else, throw any mime type to the media
players
//if (!pMimeType || *pMimeType == AVMEDIA_MIMETYPE_COMMON)
diff --git a/editeng/source/items/frmitems.cxx
b/editeng/source/items/frmitems.cxx
index 94b7704303ba..d79f75109a21 100644
--- a/editeng/source/items/frmitems.cxx
+++ b/editeng/source/items/frmitems.cxx
@@ -46,6 +46,7 @@
#include <svl/memberid.h>
#include <rtl/math.hxx>
#include <rtl/ustring.hxx>
+#include <sal/log.hxx>
#include <tools/mapunit.hxx>
#include <tools/UnitConversion.hxx>
#include <vcl/graphicfilter.hxx>
@@ -4398,6 +4399,13 @@ const GraphicObject*
SvxBrushItem::GetGraphicObject(OUString const & referer) co
return nullptr;
}
+ INetURLObject aGraphicURL( maStrLink );
+ if (aGraphicURL.IsExoticProtocol())
+ {
+ SAL_WARN("editeng", "Ignore exotic protocol: " << maStrLink);
+ return nullptr;
+ }
+
// tdf#94088 prepare graphic and state
Graphic aGraphic;
bool bGraphicLoaded = false;
@@ -4418,8 +4426,6 @@ const GraphicObject*
SvxBrushItem::GetGraphicObject(OUString const & referer) co
// a 'data:' scheme url and try to load that (embedded graphics)
if(!bGraphicLoaded)
{
- INetURLObject aGraphicURL( maStrLink );
-
if( INetProtocol::Data == aGraphicURL.GetProtocol() )
{
std::unique_ptr<SvMemoryStream> const
xMemStream(aGraphicURL.getData());
diff --git a/embeddedobj/source/commonembedding/persistence.cxx
b/embeddedobj/source/commonembedding/persistence.cxx
index 1ccd15884318..35154da9b75f 100644
--- a/embeddedobj/source/commonembedding/persistence.cxx
+++ b/embeddedobj/source/commonembedding/persistence.cxx
@@ -54,6 +54,7 @@
#include <comphelper/mimeconfighelper.hxx>
#include <comphelper/namedvaluecollection.hxx>
#include <comphelper/propertyvalue.hxx>
+#include <tools/urlobj.hxx>
#include <unotools/mediadescriptor.hxx>
#include <comphelper/diagnose_ex.hxx>
@@ -373,11 +374,19 @@ uno::Reference< util::XCloseable >
OCommonEmbeddedObject::LoadLink_Impl()
uno::Sequence< beans::PropertyValue > aArgs(
m_aDocMediaDescriptor.getLength() + nLen );
auto pArgs = aArgs.getArray();
- pArgs[0].Name = "URL";
- if(m_aLinkTempFile.is())
- pArgs[0].Value <<= m_aLinkTempFile->getUri();
+ OUString sURL;
+ if (m_aLinkTempFile.is())
+ sURL = m_aLinkTempFile->getUri();
else
- pArgs[0].Value <<= m_aLinkURL;
+ sURL = m_aLinkURL;
+ if (INetURLObject(sURL).IsExoticProtocol())
+ {
+ SAL_WARN("embeddedobj.common", "Ignore exotic protocol: " <<
pArgs[0].Value);
+ return nullptr;
+ }
+
+ pArgs[0].Name = "URL";
+ pArgs[0].Value <<= sURL;
pArgs[1].Name = "FilterName";
pArgs[1].Value <<= m_aLinkFilterName;
diff --git a/forms/source/component/ImageControl.cxx
b/forms/source/component/ImageControl.cxx
index c2bc0953c6c8..0187456b0e8d 100644
--- a/forms/source/component/ImageControl.cxx
+++ b/forms/source/component/ImageControl.cxx
@@ -398,6 +398,10 @@ void OImageControlModel::read(const
Reference<XObjectInputStream>& _rxInStream)
bool OImageControlModel::impl_updateStreamForURL_lck( const OUString& _rURL,
ValueChangeInstigator _eInstigator )
{
+ if (INetURLObject(_rURL).IsExoticProtocol()) {
+ return false;
+ }
+
// create a stream for the image specified by the URL
std::unique_ptr< SvStream > pImageStream;
Reference< XInputStream > xImageStream;
diff --git a/forms/source/component/clickableimage.cxx
b/forms/source/component/clickableimage.cxx
index e1f6f068faf0..4908c12edfa9 100644
--- a/forms/source/component/clickableimage.cxx
+++ b/forms/source/component/clickableimage.cxx
@@ -736,7 +736,7 @@ namespace frm
// the SfxMedium is not allowed to be created with an invalid URL, so
we have to check this first
INetURLObject aUrl(rURL);
- if (INetProtocol::NotValid == aUrl.GetProtocol())
+ if (INetProtocol::NotValid == aUrl.GetProtocol() ||
aUrl.IsExoticProtocol())
// we treat an invalid URL like we would treat no URL
return;
diff --git a/sfx2/source/appl/linkmgr2.cxx b/sfx2/source/appl/linkmgr2.cxx
index 6a3e0c7e8821..587b99399f66 100644
--- a/sfx2/source/appl/linkmgr2.cxx
+++ b/sfx2/source/appl/linkmgr2.cxx
@@ -524,8 +524,11 @@ bool LinkManager::GetGraphicFromAny(std::u16string_view
rMimeType,
sReferer = sh->GetMedium()->GetName();
OUString sURL = rValue.get<OUString>();
- if (!SvtSecurityOptions::isUntrustedReferer(sReferer))
+ if (!SvtSecurityOptions::isUntrustedReferer(sReferer) &&
+ !INetURLObject(sURL).IsExoticProtocol())
+ {
rGraphic = vcl::graphic::loadFromURL(sURL, pParentWin);
+ }
if (rGraphic.IsNone())
rGraphic.SetDefaultType();
rGraphic.setOriginURL(sURL);
diff --git a/sw/source/filter/html/htmlgrin.cxx
b/sw/source/filter/html/htmlgrin.cxx
index 1deccee5f9b2..1a5252aa1c6a 100644
--- a/sw/source/filter/html/htmlgrin.cxx
+++ b/sw/source/filter/html/htmlgrin.cxx
@@ -673,7 +673,8 @@ IMAGE_SETEVENT:
bool bNeedWidth = (!bPercentWidth && !nWidth) || bRelWidthScale;
bool bRelHeightScale = bPercentHeight && nHeight ==
SwFormatFrameSize::SYNCED;
bool bNeedHeight = (!bPercentHeight && !nHeight) || bRelHeightScale;
- if ((bNeedWidth || bNeedHeight) && !bFuzzing && allowAccessLink(*m_xDoc))
+ if ((bNeedWidth || bNeedHeight) && !bFuzzing && allowAccessLink(*m_xDoc) &&
+ !aGraphicURL.IsExoticProtocol())
{
GraphicDescriptor aDescriptor(aGraphicURL);
if (aDescriptor.Detect(/*bExtendedInfo=*/true))
diff --git a/toolkit/source/controls/unocontrols.cxx
b/toolkit/source/controls/unocontrols.cxx
index 7ce4b471c80c..51cebfd5f88d 100644
--- a/toolkit/source/controls/unocontrols.cxx
+++ b/toolkit/source/controls/unocontrols.cxx
@@ -32,6 +32,7 @@
#include <controls/formattedcontrol.hxx>
#include <toolkit/controls/unocontrols.hxx>
#include <helper/property.hxx>
+#include <tools/urlobj.hxx>
#include <toolkit/helper/macros.hxx>
// for introspection
@@ -68,7 +69,7 @@ css::uno::Reference< css::graphic::XGraphic >
ImageHelper::getGraphicFromURL_nothrow( const OUString& _rURL )
{
uno::Reference< graphic::XGraphic > xGraphic;
- if ( _rURL.isEmpty() )
+ if (_rURL.isEmpty() || INetURLObject(_rURL).IsExoticProtocol())
return xGraphic;
try
diff --git a/tools/source/fsys/urlobj.cxx b/tools/source/fsys/urlobj.cxx
index 35b5e9244191..23a0d67d2717 100644
--- a/tools/source/fsys/urlobj.cxx
+++ b/tools/source/fsys/urlobj.cxx
@@ -4885,6 +4885,7 @@ bool INetURLObject::IsExoticProtocol() const
return m_eScheme == INetProtocol::Slot ||
m_eScheme == INetProtocol::Macro ||
m_eScheme == INetProtocol::Uno ||
+ m_eScheme == INetProtocol::VndSunStarExpand ||
isSchemeEqualTo(u"vnd.sun.star.script") ||
isSchemeEqualTo(u"service");
}
diff --git a/unotools/source/misc/mediadescriptor.cxx
b/unotools/source/misc/mediadescriptor.cxx
index b8bb7f13469e..11e6f1e4619a 100644
--- a/unotools/source/misc/mediadescriptor.cxx
+++ b/unotools/source/misc/mediadescriptor.cxx
@@ -334,6 +334,9 @@ bool MediaDescriptor::impl_openStreamWithPostData( const
css::uno::Reference< cs
/*-----------------------------------------------*/
bool MediaDescriptor::impl_openStreamWithURL( const OUString& sURL, bool
bLockFile )
{
+ if (INetURLObject(sURL).IsExoticProtocol())
+ return false;
+
OUString referer(getUnpackedValueOrDefault(PROP_REFERRER, OUString()));
if (SvtSecurityOptions::isUntrustedReferer(referer)) {
return false;
diff --git a/vcl/source/filter/graphicfilter.cxx
b/vcl/source/filter/graphicfilter.cxx
index 3c5b559d4d61..11b69da50c16 100644
--- a/vcl/source/filter/graphicfilter.cxx
+++ b/vcl/source/filter/graphicfilter.cxx
@@ -488,10 +488,16 @@ ErrCode GraphicFilter::CanImportGraphic(
std::u16string_view rMainUrl, SvStream&
ErrCode GraphicFilter::ImportGraphic( Graphic& rGraphic, const INetURLObject&
rPath,
sal_uInt16 nFormat, sal_uInt16 *
pDeterminedFormat, GraphicFilterImportFlags nImportFlags )
{
- ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
SAL_WARN_IF( rPath.GetProtocol() == INetProtocol::NotValid, "vcl.filter",
"GraphicFilter::ImportGraphic() : ProtType == INetProtocol::NotValid" );
OUString aMainUrl( rPath.GetMainURL(
INetURLObject::DecodeMechanism::NONE ) );
+ if (rPath.IsExoticProtocol())
+ {
+ SAL_WARN("vcl.filter", "GraphicFilter::ImportGraphic(), ignore exotic
protocol: " << aMainUrl);
+ return ERRCODE_GRFILTER_FORMATERROR;
+ }
+
+ ErrCode nRetValue = ERRCODE_GRFILTER_FORMATERROR;
std::unique_ptr<SvStream> xStream(::utl::UcbStreamHelper::CreateStream(
aMainUrl, StreamMode::READ | StreamMode::SHARE_DENYNONE ));
if (xStream)
{
commit 532fc9f8450662eda6e56f08325e8746a0a7d283
Author: Caolán McNamara <[email protected]>
AuthorDate: Fri Nov 8 16:51:47 2024 +0000
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
be conservative on allowed temp font names
Change-Id: Iefdc1a8c9b4c7e8c08c84f747f8287ac3c419839
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176286
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <[email protected]>
Reviewed-by: Michael Stahl <[email protected]>
diff --git a/vcl/source/gdi/embeddedfontshelper.cxx
b/vcl/source/gdi/embeddedfontshelper.cxx
index afddbf41387c..09507ef169f8 100644
--- a/vcl/source/gdi/embeddedfontshelper.cxx
+++ b/vcl/source/gdi/embeddedfontshelper.cxx
@@ -19,6 +19,7 @@
#include <vcl/svapp.hxx>
#include <vcl/embeddedfontshelper.hxx>
#include <com/sun/star/io/XInputStream.hpp>
+#include <comphelper/storagehelper.hxx>
#include <font/PhysicalFontFaceCollection.hxx>
#include <font/PhysicalFontCollection.hxx>
@@ -191,10 +192,6 @@ void EmbeddedFontsHelper::activateFonts()
OUString EmbeddedFontsHelper::fileUrlForTemporaryFont( const OUString&
fontName, const char* extra )
{
- OUString path = "${$BRAND_BASE_DIR/" LIBO_ETC_FOLDER "/" SAL_CONFIGFILE(
"bootstrap") "::UserInstallation}";
- rtl::Bootstrap::expandMacros( path );
- path += "/user/temp/embeddedfonts/fromdocs/";
- osl::Directory::createPath( path );
OUString filename = fontName;
static int uniqueCounter = 0;
if( strcmp( extra, "?" ) == 0 )
@@ -202,6 +199,17 @@ OUString EmbeddedFontsHelper::fileUrlForTemporaryFont(
const OUString& fontName,
else
filename += OStringToOUString( extra, RTL_TEXTENCODING_ASCII_US );
filename += ".ttf"; // TODO is it always ttf?
+
+ if (!::comphelper::OStorageHelper::IsValidZipEntryFileName(filename,
false))
+ {
+ SAL_WARN( "vcl.fonts", "Cannot use filename: " << filename << " for
temporary font");
+ filename = "font" + OUString::number(uniqueCounter++) + ".ttf";
+ }
+
+ OUString path = "${$BRAND_BASE_DIR/" LIBO_ETC_FOLDER "/" SAL_CONFIGFILE(
"bootstrap") "::UserInstallation}";
+ rtl::Bootstrap::expandMacros( path );
+ path += "/user/temp/embeddedfonts/fromdocs/";
+ osl::Directory::createPath( path );
return path + filename;
}
commit 175c124aec9fa8e6a8cbf1be1efd71afdc5a2bf9
Author: Michael Stahl <[email protected]>
AuthorDate: Fri Aug 2 14:24:29 2024 +0200
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
nss: upgrade to release 3.102.1
Not sure what moz#1905691 is but they did an ESR release for it...
Change-Id: I271d592dd9d61157f4fbe819258c90414c1b4e52
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171425
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
diff --git a/download.lst b/download.lst
index 3ab0be63dd84..d951979a85ad 100644
--- a/download.lst
+++ b/download.lst
@@ -397,8 +397,8 @@ MYTHES_TARBALL := mythes-1.2.5.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-NSS_SHA256SUM :=
566faa9283ff3d9a7d6c44272df6e4330e3e06ca4e841a68840d31b27c9161c4
-NSS_TARBALL := nss-3.101-with-nspr-4.35.tar.gz
+NSS_SHA256SUM :=
ddfdec73fb4b0eedce5fc4de09de9ba14d2ddbfbf67e42372903e1510f2d3d65
+NSS_TARBALL := nss-3.102.1-with-nspr-4.35.tar.gz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit a278dbb9b824ad71c4ea3b6bab15b8e473cbbebf
Author: Xisco Fauli <[email protected]>
AuthorDate: Tue Jun 11 09:50:36 2024 +0200
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
nss: upgrade to 3.101
Downloaded from
https://ftp.mozilla.org/pub/security/nss/releases/NSS_3_101_RTM/src/nss-3.101-with-nspr-4.35.tar.gz
Change-Id: I8314faf1af069a5dc438f0d53f327ae2193ca59d
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168663
Reviewed-by: Xisco Fauli <[email protected]>
Tested-by: Jenkins
diff --git a/download.lst b/download.lst
index 70a8114c7bd9..3ab0be63dd84 100644
--- a/download.lst
+++ b/download.lst
@@ -397,8 +397,8 @@ MYTHES_TARBALL := mythes-1.2.5.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-NSS_SHA256SUM :=
5f29fea64b3234b33a615b6df40469e239a4168ac0909106bd00e6490b274c31
-NSS_TARBALL := nss-3.99-with-nspr-4.35.tar.gz
+NSS_SHA256SUM :=
566faa9283ff3d9a7d6c44272df6e4330e3e06ca4e841a68840d31b27c9161c4
+NSS_TARBALL := nss-3.101-with-nspr-4.35.tar.gz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit bc26ad62c535c6e6d0a7bc21727ab8e240c0a3a9
Author: Xisco Fauli <[email protected]>
AuthorDate: Mon Mar 25 10:56:38 2024 +0100
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
nss: upgrade to release 3.99
Change-Id: I77ccc45854b2d0aecc288f471d94c81ad9089f85
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165273
Tested-by: Xisco Fauli <[email protected]>
Reviewed-by: Xisco Fauli <[email protected]>
diff --git a/download.lst b/download.lst
index c0816eaf4280..70a8114c7bd9 100644
--- a/download.lst
+++ b/download.lst
@@ -397,8 +397,8 @@ MYTHES_TARBALL := mythes-1.2.5.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-NSS_SHA256SUM :=
59bb55a59b02e4004fc26ad0aa1a13fe8d73c6c90c447dd2f2efb73fb81083ed
-NSS_TARBALL := nss-3.98-with-nspr-4.35.tar.gz
+NSS_SHA256SUM :=
5f29fea64b3234b33a615b6df40469e239a4168ac0909106bd00e6490b274c31
+NSS_TARBALL := nss-3.99-with-nspr-4.35.tar.gz
# three static lines
# so that git cherry-pick
# will not run into conflicts
commit 6dfa545317899cece0a2f3891ee93f596683e9bf
Author: Michael Stahl <[email protected]>
AuthorDate: Wed Sep 18 11:20:43 2024 +0200
Commit: Thorsten Behrens <[email protected]>
CommitDate: Fri Feb 14 01:26:13 2025 +0100
libtiff: upgrade to release 4.7.0
Fixes CVE-2023-52356 CVE-2024-7006
ofz65182.patch was apparently merged upstream and then reverted;
Caolán suggested to drop the patch and see if ofz still finds a problem
there.
Change-Id: I0967708f19a7151b020372eca3c906b30f693db9
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/173602
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
diff --git a/download.lst b/download.lst
index 7d536c8f714b..c0816eaf4280 100644
--- a/download.lst
+++ b/download.lst
@@ -453,8 +453,8 @@ LIBPNG_TARBALL := libpng-1.6.40.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
-LIBTIFF_SHA256SUM :=
d6da35c9986a4ec845eb96258b3693f8df515f7eb4c1e597ceb03e22788f305b
-LIBTIFF_TARBALL := tiff-4.6.0t.tar.xz
+LIBTIFF_SHA256SUM :=
273a0a73b1f0bed640afee4a5df0337357ced5b53d3d5d1c405b936501f71017
+LIBTIFF_TARBALL := tiff-4.7.0.tar.xz
# three static lines
# so that git cherry-pick
# will not run into conflicts
