packages/gsoap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!2 Upgrade package to version 2.8.124

Browse Source 
From: @lyn1001 
Reviewed-by: @caodongxia 
Signed-off-by: @caodongxia
This commit is contained in:
openeuler-ci-bot 2023-05-08 06:30:49 +00:00 committed by Gitee
commit e7e2f56184
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
8 changed files with 37 additions and 495 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
gsoap-libtool.patch
View File

@ -1,8 +1,8 @@
diff -ur gsoap-2.8.orig/configure.ac gsoap-2.8/configure.ac diff -ur gsoap-2.8.orig/configure.ac gsoap-2.8/configure.ac
--- gsoap-2.8.orig/configure.ac 2020-06-30 21:02:21.000000000 +0200 --- gsoap-2.8.orig/configure.ac 2022-12-04 22:03:49.000000000 +0100
+++ gsoap-2.8/configure.ac 2020-07-21 22:24:34.231537804 +0200 +++ gsoap-2.8/configure.ac 2022-12-21 06:11:12.732737406 +0100
@@ -16,8 +16,7 @@ @@ -15,8 +15,7 @@
AM_PROG_LEX AM_PROG_LEX([noyywrap])
AC_PROG_YACC AC_PROG_YACC
AC_PROG_CPP AC_PROG_CPP
-AC_PROG_RANLIB -AC_PROG_RANLIB
@ -11,7 +11,7 @@ diff -ur gsoap-2.8.orig/configure.ac gsoap-2.8/configure.ac
AC_PROG_LN_S AC_PROG_LN_S
AC_PROG_AWK AC_PROG_AWK
AC_PROG_INSTALL AC_PROG_INSTALL
@@ -307,15 +306,15 @@ @@ -303,15 +302,15 @@
WSDL2H_EXTRA_LIBS="${WSDL2H_EXTRA_LIBS} -lgnutls -lgcrypt -lgpg-error -lz" WSDL2H_EXTRA_LIBS="${WSDL2H_EXTRA_LIBS} -lgnutls -lgcrypt -lgpg-error -lz"
SAMPLE_INCLUDES= SAMPLE_INCLUDES=
SAMPLE_SSL_LIBS="-lgnutls -lgcrypt -lgpg-error -lz" SAMPLE_SSL_LIBS="-lgnutls -lgcrypt -lgpg-error -lz"
@ -30,7 +30,7 @@ diff -ur gsoap-2.8.orig/configure.ac gsoap-2.8/configure.ac
fi fi
if test -n "$ZLIB"; then if test -n "$ZLIB"; then
WSDL2H_EXTRA_FLAGS="-I${ZLIB}/include ${WSDL2H_EXTRA_FLAGS}" WSDL2H_EXTRA_FLAGS="-I${ZLIB}/include ${WSDL2H_EXTRA_FLAGS}"
@@ -334,7 +333,7 @@ @@ -330,7 +329,7 @@
WSDL2H_EXTRA_FLAGS= WSDL2H_EXTRA_FLAGS=
SAMPLE_SSL_LIBS= SAMPLE_SSL_LIBS=
SAMPLE_INCLUDES= SAMPLE_INCLUDES=
@ -40,8 +40,8 @@ diff -ur gsoap-2.8.orig/configure.ac gsoap-2.8/configure.ac
AM_CONDITIONAL([WITH_OPENSSL], [test "x$with_openssl" = "xyes" -a "x$with_gnutls" != "xyes"]) AM_CONDITIONAL([WITH_OPENSSL], [test "x$with_openssl" = "xyes" -a "x$with_gnutls" != "xyes"])
AC_SUBST(WSDL2H_EXTRA_FLAGS) AC_SUBST(WSDL2H_EXTRA_FLAGS)
diff -ur gsoap-2.8.orig/gsoap/Makefile.am gsoap-2.8/gsoap/Makefile.am diff -ur gsoap-2.8.orig/gsoap/Makefile.am gsoap-2.8/gsoap/Makefile.am
--- gsoap-2.8.orig/gsoap/Makefile.am 2020-06-30 21:02:23.000000000 +0200 --- gsoap-2.8.orig/gsoap/Makefile.am 2022-12-04 22:03:49.000000000 +0100
+++ gsoap-2.8/gsoap/Makefile.am 2020-07-21 22:24:34.231537804 +0200 +++ gsoap-2.8/gsoap/Makefile.am 2022-12-21 06:11:12.733737409 +0100
@@ -34,20 +34,30 @@ @@ -34,20 +34,30 @@
dom_cpp.cpp: dom.cpp dom_cpp.cpp: dom.cpp
$(LN_S) -f $(top_srcdir)/gsoap/dom.cpp dom_cpp.cpp $(LN_S) -f $(top_srcdir)/gsoap/dom.cpp dom_cpp.cpp
@ -87,8 +87,8 @@ diff -ur gsoap-2.8.orig/gsoap/Makefile.am gsoap-2.8/gsoap/Makefile.am
BUILT_SOURCES = stdsoap2_cpp.cpp dom_cpp.cpp stdsoap2_ck.c stdsoap2_ck_cpp.cpp stdsoap2_ssl.c stdsoap2_ssl_cpp.cpp BUILT_SOURCES = stdsoap2_cpp.cpp dom_cpp.cpp stdsoap2_ck.c stdsoap2_ck_cpp.cpp stdsoap2_ssl.c stdsoap2_ssl_cpp.cpp
diff -ur gsoap-2.8.orig/gsoap/samples/autotest/Makefile.am gsoap-2.8/gsoap/samples/autotest/Makefile.am diff -ur gsoap-2.8.orig/gsoap/samples/autotest/Makefile.am gsoap-2.8/gsoap/samples/autotest/Makefile.am
--- gsoap-2.8.orig/gsoap/samples/autotest/Makefile.am 2020-06-30 21:02:24.000000000 +0200 --- gsoap-2.8.orig/gsoap/samples/autotest/Makefile.am 2022-12-04 22:03:49.000000000 +0100
+++ gsoap-2.8/gsoap/samples/autotest/Makefile.am 2020-07-21 22:24:34.231537804 +0200 +++ gsoap-2.8/gsoap/samples/autotest/Makefile.am 2022-12-21 06:11:12.733737409 +0100
@@ -14,7 +14,7 @@ @@ -14,7 +14,7 @@
WSDLINPUT=$(top_srcdir)/gsoap/samples/autotest/examples.wsdl WSDLINPUT=$(top_srcdir)/gsoap/samples/autotest/examples.wsdl
SOAPHEADER=$(top_srcdir)/gsoap/samples/autotest/examples.h SOAPHEADER=$(top_srcdir)/gsoap/samples/autotest/examples.h
@ -99,8 +99,8 @@ diff -ur gsoap-2.8.orig/gsoap/samples/autotest/Makefile.am gsoap-2.8/gsoap/sampl
$(SOAP_CPP_SRC) : $(WSDLINPUT) $(SOAP_CPP_SRC) : $(WSDLINPUT)
$(WSDL) $(WSDL_FLAGS) $(WSDLINPUT) $(WSDL) $(WSDL_FLAGS) $(WSDLINPUT)
diff -ur gsoap-2.8.orig/gsoap/samples/databinding/Makefile.am gsoap-2.8/gsoap/samples/databinding/Makefile.am diff -ur gsoap-2.8.orig/gsoap/samples/databinding/Makefile.am gsoap-2.8/gsoap/samples/databinding/Makefile.am
--- gsoap-2.8.orig/gsoap/samples/databinding/Makefile.am 2020-06-30 21:02:25.000000000 +0200 --- gsoap-2.8.orig/gsoap/samples/databinding/Makefile.am 2022-12-04 22:03:50.000000000 +0100
+++ gsoap-2.8/gsoap/samples/databinding/Makefile.am 2020-07-21 22:24:34.232537807 +0200 +++ gsoap-2.8/gsoap/samples/databinding/Makefile.am 2022-12-21 06:11:12.733737409 +0100
@@ -14,7 +14,7 @@ @@ -14,7 +14,7 @@
WSDLINPUT=$(top_srcdir)/gsoap/samples/databinding/address.xsd WSDLINPUT=$(top_srcdir)/gsoap/samples/databinding/address.xsd
SOAPHEADER=$(top_srcdir)/gsoap/samples/databinding/address.h SOAPHEADER=$(top_srcdir)/gsoap/samples/databinding/address.h
@ -111,8 +111,8 @@ diff -ur gsoap-2.8.orig/gsoap/samples/databinding/Makefile.am gsoap-2.8/gsoap/sa
$(SOAP_CPP_SRC) : $(WSDLINPUT) $(SOAP_CPP_SRC) : $(WSDLINPUT)
$(WSDL) $(WSDL_FLAGS) $(WSDLINPUT) $(WSDL) $(WSDL_FLAGS) $(WSDLINPUT)
diff -ur gsoap-2.8.orig/gsoap/samples/Makefile.defines gsoap-2.8/gsoap/samples/Makefile.defines diff -ur gsoap-2.8.orig/gsoap/samples/Makefile.defines gsoap-2.8/gsoap/samples/Makefile.defines
--- gsoap-2.8.orig/gsoap/samples/Makefile.defines 2020-06-30 21:02:25.000000000 +0200 --- gsoap-2.8.orig/gsoap/samples/Makefile.defines 2022-12-04 22:03:50.000000000 +0100
+++ gsoap-2.8/gsoap/samples/Makefile.defines 2020-07-21 22:24:34.232537807 +0200 +++ gsoap-2.8/gsoap/samples/Makefile.defines 2022-12-21 06:11:12.734737411 +0100
@@ -13,13 +13,13 @@ @@ -13,13 +13,13 @@
SOAP_C_CORE=soapC.c SOAP_C_CORE=soapC.c
SOAP_C_CLIENT=soapClient.c $(SOAP_C_CORE) SOAP_C_CLIENT=soapClient.c $(SOAP_C_CORE)

336
gsoap-plugins-hardening.patch
View File

@ -1,336 +0,0 @@
diff -ur gsoap2-code-r191/gsoap/plugin/httpda.c gsoap2-code-r192/gsoap/plugin/httpda.c
--- gsoap2-code-r191/gsoap/plugin/httpda.c 2020-06-30 21:06:47.000000000 +0200
+++ gsoap2-code-r192/gsoap/plugin/httpda.c 2020-11-19 19:29:25.000000000 +0100
@@ -1460,7 +1460,7 @@
MUTEX_LOCK(http_da_session_lock);
for (session = http_da_session; session; session = session->next)
- if (!strcmp(session->realm, realm) && !strcmp(session->nonce, nonce) && !strcmp(session->opaque, opaque))
+ if (session->realm && session->nonce && session->opaque && !strcmp(session->realm, realm) && !strcmp(session->nonce, nonce) && !strcmp(session->opaque, opaque))
break;
if (session)
diff -ur gsoap2-code-r191/gsoap/plugin/wsaapi.c gsoap2-code-r192/gsoap/plugin/wsaapi.c
--- gsoap2-code-r191/gsoap/plugin/wsaapi.c 2020-06-30 21:06:47.000000000 +0200
+++ gsoap2-code-r192/gsoap/plugin/wsaapi.c 2020-11-19 19:29:25.000000000 +0100
@@ -1056,7 +1056,7 @@
oldheader->SOAP_WSA(FaultTo)->Address = oldheader->SOAP_WSA(ReplyTo)->Address;
}
/* use FaultTo */
- if (oldheader && oldheader->SOAP_WSA(FaultTo) && !strcmp(oldheader->SOAP_WSA(FaultTo)->Address, soap_wsa_noneURI))
+ if (oldheader && oldheader->SOAP_WSA(FaultTo) && oldheader->SOAP_WSA(FaultTo)->Address && !strcmp(oldheader->SOAP_WSA(FaultTo)->Address, soap_wsa_noneURI))
return soap_send_empty_response(soap, SOAP_OK); /* HTTP ACCEPTED */
soap->header = NULL;
/* allocate a new header */
diff -ur gsoap2-code-r191/gsoap/plugin/wsseapi.c gsoap2-code-r192/gsoap/plugin/wsseapi.c
--- gsoap2-code-r191/gsoap/plugin/wsseapi.c 2020-10-16 23:01:09.000000000 +0200
+++ gsoap2-code-r192/gsoap/plugin/wsseapi.c 2020-11-19 19:29:25.000000000 +0100
@@ -2957,7 +2957,7 @@
else
{
/* check password text */
- if (!strcmp(token->Password->__item, password))
+ if (token->Password->__item && !strcmp(token->Password->__item, password))
return SOAP_OK;
}
}
@@ -3119,6 +3119,7 @@
{
_wsse__BinarySecurityToken *token = soap_wsse_BinarySecurityToken(soap, id);
DBGFUN1("soap_wsse_get_BinarySecurityToken", "id=%s", id?id:"");
+ *data = NULL;
if (token)
{
*valueType = token->ValueType;
@@ -3149,9 +3150,9 @@
X509 *cert = NULL;
char *valueType = NULL;
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
- const unsigned char *data;
+ const unsigned char *data = NULL;
#else
- unsigned char *data;
+ unsigned char *data = NULL;
#endif
int size;
DBGFUN1("soap_wsse_get_BinarySecurityTokenX509", "id=%s", id?id:"");
@@ -3271,7 +3272,7 @@
SOAP_FMAC2
soap_wsse_add_SecurityContextToken(struct soap *soap, const char *id, const char *identifier)
{
- char *URI;
+ char *URI = NULL;
size_t l;
_wsse__Security *security = soap_wsse_add_Security(soap);
DBGFUN2("soap_wsse_add_SecurityContextToken", "id=%s", id, "identifier=%s", identifier?identifier:"");
@@ -3653,7 +3654,7 @@
{
ds__SignatureType *signature = soap_wsse_add_Signature(soap);
const char *method = NULL;
- char *sig;
+ char *sig = NULL;
int siglen;
int err;
const char *c14ninclude = soap->c14ninclude;
@@ -3884,10 +3885,10 @@
&& signature->SignedInfo
&& signature->SignatureValue)
{
- char *sig;
- const char *sigval;
+ char *sig = NULL;
+ const char *sigval = NULL;
int method, bits, siglen, sigvallen;
- struct soap_dom_element *elt;
+ struct soap_dom_element *elt = NULL;
/* check that we are using the intended signature algorithm */
if (soap_wsse_get_SignedInfo_SignatureMethod(soap, &method, &bits))
return soap->error;
@@ -3944,8 +3945,8 @@
for (att = prt->atts; att; att = att->next)
{
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
}
}
/* push xmlns="..." */
@@ -3953,9 +3954,9 @@
{
for (att = prt->atts; att; att = att->next)
{
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
{
- soap_attribute(soap, att->name, att->text);
+ (void)soap_attribute(soap, att->name, att->text);
prt = NULL;
break;
}
@@ -4239,17 +4240,17 @@
for (att = prt->atts; att; att = att->next)
{
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
}
}
for (prt = dom->prnt; prt; prt = prt->prnt)
{
for (att = prt->atts; att; att = att->next)
{
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
{
- soap_attribute(soap, att->name, att->text);
+ (void)soap_attribute(soap, att->name, att->text);
prt = NULL;
break;
}
@@ -5090,7 +5091,7 @@
if (elt)
{
att = soap_att_get(elt, NULL, "EncodingType");
- if (att)
+ if (att && soap_att_get_text(att))
keybase = !strcmp(soap_att_get_text(att), wsse_Base64BinaryURI);
att = soap_att_get(elt, NULL, "ValueType");
keytype = soap_att_get_text(att);
@@ -5140,7 +5141,7 @@
{
int keylen;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Verify EncryptedKey %s alg=%x\n", keyalgo, data->deco_alg));
- if (keydata)
+ if (keytype && keydata)
{
if (!strcmp(keytype, wsse_X509v3URI))
{
@@ -6111,9 +6112,8 @@
*/
static int soap_p_hash(struct soap *soap, const char *hmac_key, size_t hmac_key_len, const char *secret, size_t secretlen, int alg, char HA[], size_t HA_len, char temp[], char *phash, size_t phashlen)
{
- char *buffer;
size_t i;
- buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
+ char *buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
if (!buffer)
return soap->error = SOAP_EOM;
i = 0;
@@ -7351,7 +7351,7 @@
soap_strcpy(URI + 1, l + 1, Id);
}
#endif
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
{
if (soap_element(soap, tag, id, type)
|| soap_element_start_end_out(soap, NULL))
@@ -7401,7 +7401,7 @@
}
if (data && (!data->encid || soap_tagsearch(data->encid, tag)))
{
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
{
if (soap_wsse_encrypt_end(soap))
return soap->error;
diff -ur gsoap2-code-r191/gsoap/plugin/wsseapi.cpp gsoap2-code-r192/gsoap/plugin/wsseapi.cpp
--- gsoap2-code-r191/gsoap/plugin/wsseapi.cpp 2020-10-16 23:01:09.000000000 +0200
+++ gsoap2-code-r192/gsoap/plugin/wsseapi.cpp 2020-11-19 19:29:25.000000000 +0100
@@ -2957,7 +2957,7 @@
else
{
/* check password text */
- if (!strcmp(token->Password->__item, password))
+ if (token->Password->__item && !strcmp(token->Password->__item, password))
return SOAP_OK;
}
}
@@ -3119,6 +3119,7 @@
{
_wsse__BinarySecurityToken *token = soap_wsse_BinarySecurityToken(soap, id);
DBGFUN1("soap_wsse_get_BinarySecurityToken", "id=%s", id?id:"");
+ *data = NULL;
if (token)
{
*valueType = token->ValueType;
@@ -3149,9 +3150,9 @@
X509 *cert = NULL;
char *valueType = NULL;
#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
- const unsigned char *data;
+ const unsigned char *data = NULL;
#else
- unsigned char *data;
+ unsigned char *data = NULL;
#endif
int size;
DBGFUN1("soap_wsse_get_BinarySecurityTokenX509", "id=%s", id?id:"");
@@ -3271,7 +3272,7 @@
SOAP_FMAC2
soap_wsse_add_SecurityContextToken(struct soap *soap, const char *id, const char *identifier)
{
- char *URI;
+ char *URI = NULL;
size_t l;
_wsse__Security *security = soap_wsse_add_Security(soap);
DBGFUN2("soap_wsse_add_SecurityContextToken", "id=%s", id, "identifier=%s", identifier?identifier:"");
@@ -3653,7 +3654,7 @@
{
ds__SignatureType *signature = soap_wsse_add_Signature(soap);
const char *method = NULL;
- char *sig;
+ char *sig = NULL;
int siglen;
int err;
const char *c14ninclude = soap->c14ninclude;
@@ -3884,10 +3885,10 @@
&& signature->SignedInfo
&& signature->SignatureValue)
{
- char *sig;
- const char *sigval;
+ char *sig = NULL;
+ const char *sigval = NULL;
int method, bits, siglen, sigvallen;
- struct soap_dom_element *elt;
+ struct soap_dom_element *elt = NULL;
/* check that we are using the intended signature algorithm */
if (soap_wsse_get_SignedInfo_SignatureMethod(soap, &method, &bits))
return soap->error;
@@ -3944,8 +3945,8 @@
for (att = prt->atts; att; att = att->next)
{
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
}
}
/* push xmlns="..." */
@@ -3953,9 +3954,9 @@
{
for (att = prt->atts; att; att = att->next)
{
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
{
- soap_attribute(soap, att->name, att->text);
+ (void)soap_attribute(soap, att->name, att->text);
prt = NULL;
break;
}
@@ -4239,17 +4240,17 @@
for (att = prt->atts; att; att = att->next)
{
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "DOM attribute = %s\n", att->name));
- if (!strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
- soap_attribute(soap, att->name, att->text);
+ if (att->name && att->text && !strncmp(att->name, "xmlns:", 6) && !soap_lookup_ns(soap, att->name + 6, strlen(att->name + 6)))
+ (void)soap_attribute(soap, att->name, att->text);
}
}
for (prt = dom->prnt; prt; prt = prt->prnt)
{
for (att = prt->atts; att; att = att->next)
{
- if (!strcmp(att->name, "xmlns"))
+ if (att->name && att->text && !strcmp(att->name, "xmlns"))
{
- soap_attribute(soap, att->name, att->text);
+ (void)soap_attribute(soap, att->name, att->text);
prt = NULL;
break;
}
@@ -5090,7 +5091,7 @@
if (elt)
{
att = soap_att_get(elt, NULL, "EncodingType");
- if (att)
+ if (att && soap_att_get_text(att))
keybase = !strcmp(soap_att_get_text(att), wsse_Base64BinaryURI);
att = soap_att_get(elt, NULL, "ValueType");
keytype = soap_att_get_text(att);
@@ -5140,7 +5141,7 @@
{
int keylen;
DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Verify EncryptedKey %s alg=%x\n", keyalgo, data->deco_alg));
- if (keydata)
+ if (keytype && keydata)
{
if (!strcmp(keytype, wsse_X509v3URI))
{
@@ -6111,9 +6112,8 @@
*/
static int soap_p_hash(struct soap *soap, const char *hmac_key, size_t hmac_key_len, const char *secret, size_t secretlen, int alg, char HA[], size_t HA_len, char temp[], char *phash, size_t phashlen)
{
- char *buffer;
size_t i;
- buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
+ char *buffer = (char*)SOAP_MALLOC(soap, HA_len + secretlen);
if (!buffer)
return soap->error = SOAP_EOM;
i = 0;
@@ -7351,7 +7351,7 @@
soap_strcpy(URI + 1, l + 1, Id);
}
#endif
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
{
if (soap_element(soap, tag, id, type)
|| soap_element_start_end_out(soap, NULL))
@@ -7401,7 +7401,7 @@
}
if (data && (!data->encid || soap_tagsearch(data->encid, tag)))
{
- if (!strcmp(tag, "SOAP-ENV:Body"))
+ if (tag && !strcmp(tag, "SOAP-ENV:Body"))
{
if (soap_wsse_encrypt_end(soap))
return soap->error;

36
gsoap-url-parse-hardening.patch
View File

@ -1,36 +0,0 @@
diffdiff -ur gsoap2-code-r193/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp gsoap2-code-r194/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp
--- gsoap2-code-r193/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp 2021-01-17 20:13:51.000000000 +0100
+++ gsoap2-code-r194/gsoap/samples/calc_vs2005/calc_vs2005/stdsoap2.cpp 2021-01-22 23:49:26.000000000 +0100
@@ -21246,7 +21243,7 @@
if (*s == ':')
{
s++;
- if (*s != '@')
+ if (*s != '@' && s < t)
{
l = t - s + 1;
r = r + strlen(r) + 1;
diff -ur gsoap2-code-r193/gsoap/stdsoap2.c gsoap2-code-r194/gsoap/stdsoap2.c
--- gsoap2-code-r193/gsoap/stdsoap2.c 2021-01-17 20:13:51.000000000 +0100
+++ gsoap2-code-r194/gsoap/stdsoap2.c 2021-01-22 23:49:26.000000000 +0100
@@ -21246,7 +21243,7 @@
if (*s == ':')
{
s++;
- if (*s != '@')
+ if (*s != '@' && s < t)
{
l = t - s + 1;
r = r + strlen(r) + 1;
diff -ur gsoap2-code-r193/gsoap/stdsoap2.cpp gsoap2-code-r194/gsoap/stdsoap2.cpp
--- gsoap2-code-r193/gsoap/stdsoap2.cpp 2021-01-17 20:13:51.000000000 +0100
+++ gsoap2-code-r194/gsoap/stdsoap2.cpp 2021-01-22 23:49:26.000000000 +0100
@@ -21246,7 +21243,7 @@
if (*s == ':')
{
s++;
- if (*s != '@')
+ if (*s != '@' && s < t)
{
l = t - s + 1;
r = r + strlen(r) + 1;

94
gsoap-wsse.patch
View File

@ -1,94 +0,0 @@
diff -ur gsoap2-code-r187/gsoap/plugin/wsseapi.c gsoap2-code-r188/gsoap/plugin/wsseapi.c
--- gsoap2-code-r187/gsoap/plugin/wsseapi.c 2020-06-30 21:06:47.000000000 +0200
+++ gsoap2-code-r188/gsoap/plugin/wsseapi.c 2020-07-22 22:20:04.000000000 +0200
@@ -3956,9 +3956,12 @@
if (!strcmp(att->name, "xmlns"))
{
soap_attribute(soap, att->name, att->text);
+ prt = NULL;
break;
}
}
+ if (!prt)
+ break;
}
}
else
@@ -4247,9 +4250,12 @@
if (!strcmp(att->name, "xmlns"))
{
soap_attribute(soap, att->name, att->text);
+ prt = NULL;
break;
}
}
+ if (!prt)
+ break;
}
}
else
@@ -4984,7 +4990,7 @@
if (soap_tagsearch(data->encid, "ds:Signature"))
{
/* support ds:Signature encryption only with HTTP chunking, otherwise content length is incorrect */
- if ((soap->omode & SOAP_IO) == SOAP_IO_BUFFER)
+ if ((soap->omode & SOAP_IO) == SOAP_IO_BUFFER || (soap->omode & SOAP_IO) == SOAP_IO_FLUSH)
soap->omode = (soap->omode & ~SOAP_IO) | SOAP_IO_CHUNK;
}
}
@@ -7573,6 +7579,8 @@
soap->c14ninclude = NULL; /* but do not render inclusive namespaces */
if ((soap->mode & SOAP_XML_INDENT))
soap->count += 5; /* correction for soap->ns = 0: add \n+indent */
+ if ((soap->mode & SOAP_XML_DEFAULTNS))
+ soap->count -= 2*(9 + strlen(ds_URI)); /* correct for xmlns="http://www.w3.org/2000/09/xmldsig#" added to SignedInfo and ds:SignatureValue */
}
soap_out_ds__SignedInfoType(soap, "ds:SignedInfo", 0, signature->SignedInfo, NULL);
soap_out__ds__SignatureValue(soap, "ds:SignatureValue", 0, &signature->SignatureValue, NULL);
diff -ur gsoap2-code-r187/gsoap/plugin/wsseapi.cpp gsoap2-code-r188/gsoap/plugin/wsseapi.cpp
--- gsoap2-code-r187/gsoap/plugin/wsseapi.cpp 2020-06-30 21:06:47.000000000 +0200
+++ gsoap2-code-r188/gsoap/plugin/wsseapi.cpp 2020-07-22 22:20:04.000000000 +0200
@@ -3956,9 +3956,12 @@
if (!strcmp(att->name, "xmlns"))
{
soap_attribute(soap, att->name, att->text);
+ prt = NULL;
break;
}
}
+ if (!prt)
+ break;
}
}
else
@@ -4247,9 +4250,12 @@
if (!strcmp(att->name, "xmlns"))
{
soap_attribute(soap, att->name, att->text);
+ prt = NULL;
break;
}
}
+ if (!prt)
+ break;
}
}
else
@@ -4984,7 +4990,7 @@
if (soap_tagsearch(data->encid, "ds:Signature"))
{
/* support ds:Signature encryption only with HTTP chunking, otherwise content length is incorrect */
- if ((soap->omode & SOAP_IO) == SOAP_IO_BUFFER)
+ if ((soap->omode & SOAP_IO) == SOAP_IO_BUFFER || (soap->omode & SOAP_IO) == SOAP_IO_FLUSH)
soap->omode = (soap->omode & ~SOAP_IO) | SOAP_IO_CHUNK;
}
}
@@ -7573,6 +7579,8 @@
soap->c14ninclude = NULL; /* but do not render inclusive namespaces */
if ((soap->mode & SOAP_XML_INDENT))
soap->count += 5; /* correction for soap->ns = 0: add \n+indent */
+ if ((soap->mode & SOAP_XML_DEFAULTNS))
+ soap->count -= 2*(9 + strlen(ds_URI)); /* correct for xmlns="http://www.w3.org/2000/09/xmldsig#" added to SignedInfo and ds:SignatureValue */
}
soap_out_ds__SignedInfoType(soap, "ds:SignedInfo", 0, signature->SignedInfo, NULL);
soap_out__ds__SignatureValue(soap, "ds:SignatureValue", 0, &signature->SignatureValue, NULL);

19
gsoap.spec
View File

@ -1,6 +1,6 @@
Summary: Generator Tools for Coding SOAP/XML Web Services in C and C++ Summary: Generator Tools for Coding SOAP/XML Web Services in C and C++
Name: gsoap Name: gsoap
Version: 2.8.104 Version: 2.8.124
Release: 1 Release: 1
License: GPLv2+ with exceptions License: GPLv2+ with exceptions
URL: http://gsoap2.sourceforge.net/ URL: http://gsoap2.sourceforge.net/
@ -10,9 +10,6 @@ Source2: wsdl2h.1
Source3: index.html Source3: index.html
Patch0: %{name}-libtool.patch Patch0: %{name}-libtool.patch
Patch1: %{name}-doxygen-tabs.patch Patch1: %{name}-doxygen-tabs.patch
Patch2: gsoap-wsse.patch
Patch3: gsoap-plugins-hardening.patch
Patch4: gsoap-url-parse-hardening.patch
BuildRequires: gcc-c++ flex bison dos2unix openssl-devel zlib-devel autoconf automake libtool BuildRequires: gcc-c++ flex bison dos2unix openssl-devel zlib-devel autoconf automake libtool
BuildRequires: doxygen graphviz make BuildRequires: doxygen graphviz make
%description %description
@ -37,9 +34,6 @@ gSOAP documentation in html.
%setup -q -n gsoap-2.8 %setup -q -n gsoap-2.8
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
find gsoap/samples/autotest/databinding/examples -name '*.xml' \ find gsoap/samples/autotest/databinding/examples -name '*.xml' \
-exec chmod a-x {} ';' -exec chmod a-x {} ';'
chmod a-x gsoap/doc/fonts/* chmod a-x gsoap/doc/fonts/*
@ -58,8 +52,8 @@ find . -name .DS_Store -exec rm {} ';'
%build %build
autoreconf --install --force autoreconf --install --force
%configure --disable-static --prefix=/usr --enable-ipv6 --enable-samples %configure --disable-static --enable-ipv6 --enable-samples
make %make_build -j1 SOAPCPP2_IMPORTPATH='-DSOAPCPP2_IMPORT_PATH="\"%{_datadir}/gsoap/import:%{_datadir}/gsoap\""'
cp -pr gsoap/doc gsoap/doc-build cp -pr gsoap/doc gsoap/doc-build
pushd gsoap/doc-build pushd gsoap/doc-build
rm -rf */html rm -rf */html
@ -78,7 +72,7 @@ popd
install -m 644 -p %{SOURCE3} gsoap/doc-build install -m 644 -p %{SOURCE3} gsoap/doc-build
%install %install
make install DESTDIR=%{buildroot} %make_install -j1
rm -f %{buildroot}/%_libdir/*.la rm -f %{buildroot}/%_libdir/*.la
rm %{buildroot}/%_datadir/gsoap/plugin/testmsgr-httpda.o rm %{buildroot}/%_datadir/gsoap/plugin/testmsgr-httpda.o
rm %{buildroot}/%_datadir/gsoap/plugin/testmsgr-smdevp.o rm %{buildroot}/%_datadir/gsoap/plugin/testmsgr-smdevp.o
@ -86,7 +80,7 @@ mkdir -p %{buildroot}/%_mandir/man1
install -m 644 -p %{SOURCE1} %{SOURCE2} %{buildroot}/%_mandir/man1 install -m 644 -p %{SOURCE1} %{SOURCE2} %{buildroot}/%_mandir/man1
%check %check
make check %make_build -j1 check
%files %files
%doc factsheet.pdf NOTES.txt README.txt %doc factsheet.pdf NOTES.txt README.txt
@ -131,5 +125,8 @@ make check
%license LICENSE.txt GPLv2_license.txt %license LICENSE.txt GPLv2_license.txt
%changelog %changelog
* Mon Apr 17 2023 liyanan <thistleslyn@163.com> - 2.8.124-1
- Update to 2.8.124
* Mon Sep 6 2021 wulei <wulei80@huawei.com> - 2.8.104-1 * Mon Sep 6 2021 wulei <wulei80@huawei.com> - 2.8.104-1
- package init - package init

BIN
gsoap_2.8.104.zip → gsoap_2.8.124.zip
View File

Binary file not shown.

11
soapcpp2.1
View File

@ -20,8 +20,6 @@ soapcpp2 \- the gSOAP Stub and Skeleton Compiler for C and C++
.SH SYNOPSIS .SH SYNOPSIS
\fBsoapcpp2\fR [\fIOPTIONS\fR] \fIINPUT\fR \fBsoapcpp2\fR [\fIOPTIONS\fR] \fIINPUT\fR
.SH DESCRIPTION .SH DESCRIPTION
Please see /usr/share/doc/gsoap-doc/soapdoc2.html for details.
.PP
Create stubs and client and server code from input \fIINPUT\fR or Create stubs and client and server code from input \fIINPUT\fR or
standard input if \fIINPUT\fR is not specified. standard input if \fIINPUT\fR is not specified.
.SH OPTIONS .SH OPTIONS
@ -56,6 +54,12 @@ Generate C++ source code (default).
\fB\-c++11\fR \fB\-c++11\fR
Generate C++ source code optimized for C++11 (compile with -std=c++11). Generate C++ source code optimized for C++11 (compile with -std=c++11).
.TP .TP
\fB\-c++14\fR
Generate C++ source code optimized for C++14 (compile with -std=c++14).
.TP
\fB\-c++17\fR
Generate C++ source code optimized for C++17 (compile with -std=c++17).
.TP
\fB\-d\fIpath\fR \fB\-d\fIpath\fR
Use \fIpath\fR to save files. Use \fIpath\fR to save files.
.TP .TP
@ -151,6 +155,9 @@ Compatibility with 2.7.x: Omit XML output for NULL pointers.
.TP .TP
\fB\-z3\fR \fB\-z3\fR
Compatibility up to 2.8.30: \fB_param_N\fR indexing and nillable pointers. Compatibility up to 2.8.30: \fB_param_N\fR indexing and nillable pointers.
.TP
\fB\-z4\fR
Compatibility up to 2.8.105: \fBchar*\fR member defaults, even when omitted.
.SH SEE ALSO .SH SEE ALSO
.BR wsdl2h (1). .BR wsdl2h (1).
.SH AUTHOR .SH AUTHOR

8
wsdl2h.1
View File

@ -20,8 +20,6 @@ wsdl2h \- the gSOAP WSDL/WADL/XSD processor for C and C++
.SH SYNOPSIS .SH SYNOPSIS
\fBwsdl2h\fR [\fIOPTIONS\fR] \fISOURCE\fR ... \fBwsdl2h\fR [\fIOPTIONS\fR] \fISOURCE\fR ...
.SH DESCRIPTION .SH DESCRIPTION
Please see /usr/share/doc/gsoap-doc/soapdoc2.html for details.
.PP
Converts a \fBWSDL\fR or \fBXSD\fR input file, or from an HTTP address, Converts a \fBWSDL\fR or \fBXSD\fR input file, or from an HTTP address,
\fISOURCE\fR to a declaration file that can be parsed by \fISOURCE\fR to a declaration file that can be parsed by
\fBsoapcpp2\fR(1). If no \fISOURCE\fR argument is specified, read \fBsoapcpp2\fR(1). If no \fISOURCE\fR argument is specified, read
@ -43,6 +41,12 @@ Generate C++ source code (default).
\fB\-c++11\fR \fB\-c++11\fR
Generate C++11 source code. Generate C++11 source code.
.TP .TP
\fB\-c++14\fR
Generate C++14 source code.
.TP
\fB\-c++17\fR
Generate C++17 source code.
.TP
\fB\-D\fR \fB\-D\fR
Make attribute members with default/fixed values optional with pointers. Make attribute members with default/fixed values optional with pointers.
.TP .TP