!43 CVE-2022-40674

From: @dillon_chen 
Reviewed-by: @overweight 
Signed-off-by: @overweight
openeuler-ci-bot 2022-09-15 03:33:38 +00:00 committed by Gitee
commit 3418237b0e
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 36 additions and 1 deletions


@ -1,11 +1,12 @@
%define Rversion %(echo %{version} | sed -e 's/\\./_/g' -e 's/^/R_/')
Name: expat
Version: 2.4.8
Release: 1
Release: 2
Summary: An XML parser library
License: MIT
URL: https://libexpat.github.io/
Source0: https://github.com/libexpat/libexpat/releases/download/%{Rversion}/expat-%{version}.tar.gz
Patch1: xmlparse.CVE-2022-40674.patch
BuildRequires: sed,autoconf,automake,gcc-c++,libtool,xmlto
@ -59,6 +60,9 @@ make check
%{_mandir}/man1/*
%changelog
* Thu Sep 15 2022 dillon chen<dillon.chen@gmail.com> -2.4.8-2
- fix CVE-2022-40674
* Fri Jul 1 2022 panxiaohe <panxh.life@foxmail.com> - 2.4.8-1
- update to 2.4.8
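Review bot: `Patch1: xmlparse.CVE-2022-40674.patch` only declares the patch, and nothing in the two shown hunks applies it. The `%prep` section is outside the visible context, so the CVE fix reaches the build only if `%prep` already uses `%autosetup` or `%autopatch`, or gains an explicit `%patch1 -p1` line; that is worth confirming in the build log. The new changelog header also departs from the format of the entry below it (no space before `<`, and `-2.4.8-2` instead of ` - 2.4.8-2`); I would write `* Thu Sep 15 2022 dillon chen <dillon.chen@gmail.com> - 2.4.8-2`.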


@ -0,0 +1,31 @@
--- expat-2.4.8/lib/xmlparse.c 2022-03-29 05:11:43.000000000 +0800
+++ xmlparse.c 2022-09-15 10:56:50.317146415 +0800
@@ -4271,7 +4271,7 @@
const XML_Char *storedEncName = NULL;
const ENCODING *newEncoding = NULL;
const char *version = NULL;
- const char *versionend;
+ const char *versionend = NULL;
const XML_Char *storedversion = NULL;
int standalone = -1;
@@ -5826,10 +5826,15 @@
{
parser->m_processor = contentProcessor;
/* see externalEntityContentProcessor vs contentProcessor */
- return doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding,
- s, end, nextPtr,
- (XML_Bool)! parser->m_parsingStatus.finalBuffer,
- XML_ACCOUNT_DIRECT);
+ result = doContent(parser, parser->m_parentParser ? 1 : 0,
+ parser->m_encoding, s, end, nextPtr,
+ (XML_Bool)! parser->m_parsingStatus.finalBuffer,
+ XML_ACCOUNT_DIRECT);
+ if (result == XML_ERROR_NONE) {
+ if (! storeRawNames(parser))
+ return XML_ERROR_NO_MEMORY;
+ }
+ return result;
}
}
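Review bot: The patch file starts directly at the `---` header with no description or upstream reference, so a reviewer cannot check from this page that its two hunks match the upstream fix for CVE-2022-40674; I would add a short header above the diff, for example `Subject: fix CVE-2022-40674` and `Reference: <upstream commit URL>`. The first hunk (`const char *versionend = NULL;` at line 4271) only initialises a local and looks unrelated to the second hunk, which is the one that changes behaviour by calling `storeRawNames(parser)` after a successful `doContent`; if it is a separate warning fix it would be clearer in its own patch. The second hunk assigns `result`, whose declaration and enclosing function start outside the hunk, so this assumes the function already declares it. The `+++ xmlparse.c` path drops the `lib/` directory that the `---` line has, and should read `+++ expat-2.4.8/lib/xmlparse.c` so the patch resolves to the same file at any strip level.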