community/raptor2: backport fix for CVE-2017-18926

93fca7e4 · Natanael Copa · Leo · 908046ad · 93fca7e4 · 93fca7e4
Commit 93fca7e4 authored 4 years ago by Natanael Copa Committed by Leo 4 years ago
--- a/community/raptor2/APKBUILD
+++ b/community/raptor2/APKBUILD
-# Contributor: 
+# Contributor:
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=raptor2
 pkgver=2.0.15
-pkgrel=1
+pkgrel=2
 pkgdesc="RDF parser toolkit for Redland"
 url="http://www.librdf.org/raptor"
 arch="all"
@@ -12,7 +12,13 @@ depends_dev="curl-dev libxml2-dev libxslt-dev yajl-dev"
 makedepends="$depends_dev"
 install=""
 subpackages="$pkgname-dev $pkgname-doc"
-source="http://download.librdf.org/source/raptor2-$pkgver.tar.gz"
+source="http://download.librdf.org/source/raptor2-$pkgver.tar.gz
+	CVE-2017-18926.patch
+	"
+
+# secfixes:
+#   2.0.15-r2:
+#     - CVE-2017-18926

 _builddir="$srcdir"/raptor2-$pkgver
 prepare() {
@@ -46,4 +52,5 @@ package() {
 	make DESTDIR="$pkgdir" install || return 1
 }

-sha512sums="563dd01869eb4df8524ec12e2c0a541653874dcd834bd1eb265bc2943bb616968f624121d4688579cdce11b4f00a8ab53b7099f1a0850e256bb0a2c16ba048ee  raptor2-2.0.15.tar.gz"
+sha512sums="563dd01869eb4df8524ec12e2c0a541653874dcd834bd1eb265bc2943bb616968f624121d4688579cdce11b4f00a8ab53b7099f1a0850e256bb0a2c16ba048ee  raptor2-2.0.15.tar.gz
+203ae75dae8242fb7988a199df8a7337b0660871f5caa6c9098167536ba880ad55765bb60fd4315020f208ed3ae8dc03eb1b91241851410a961a797192ecb969  CVE-2017-18926.patch"
--- a/community/raptor2/CVE-2017-18926.patch
+++ b/community/raptor2/CVE-2017-18926.patch
+From 590681e546cd9aa18d57dc2ea1858cb734a3863f Mon Sep 17 00:00:00 2001
+From: Dave Beckett <dave@dajobe.org>
+Date: Sun, 16 Apr 2017 23:15:12 +0100
+Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
+
+(raptor_xml_writer_start_element_common): Calculate max including for
+each attribute a potential name and value.
+
+Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
+and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
+---
+ src/raptor_xml_writer.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 693b9468..0d3a36a5 100644
+--- a/src/raptor_xml_writer.c
+++ b/src/raptor_xml_writer.c
+@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+   size_t nspace_declarations_count = 0;  
+   unsigned int i;
+ 
+-  /* max is 1 per element and 1 for each attribute + size of declared */
+   if(nstack) {
+-    int nspace_max_count = element->attribute_count+1;
+    int nspace_max_count = element->attribute_count * 2; /* attr and value */
+    if(element->name->nspace)
+      nspace_max_count++;
+     if(element->declared_nspaces)
+       nspace_max_count += raptor_sequence_size(element->declared_nspaces);
+     if(element->xml_language)
+@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+         }
+       }
+ 
+-      /* Add the attribute + value */
+      /* Add the attribute's value */
+       nspace_declarations[nspace_declarations_count].declaration=
+         raptor_qname_format_as_xml(element->attributes[i],
+                                    &nspace_declarations[nspace_declarations_count].length);