rpms/python-4Suite-XML/F-10 python-4Suite-XML-1.0.2-expat-dos.patch, NONE, 1.1 python-4Suite-XML.spec, 1.11, 1.12

Miloslav Trmac mitr at fedoraproject.org
Tue Nov 3 14:43:35 UTC 2009 

Author: mitr

Update of /cvs/extras/rpms/python-4Suite-XML/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21170

Modified Files:
	python-4Suite-XML.spec 
Added Files:
	python-4Suite-XML-1.0.2-expat-dos.patch 
Log Message:
* Tue Nov  3 2009 Miloslav Trmač <mitr at redhat.com> - 1.0.2-8
- Fix an expat DoS
  Related: #531697


python-4Suite-XML-1.0.2-expat-dos.patch:
 xmltok.c      |    4 ++--
 xmltok_impl.c |    2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

--- NEW FILE python-4Suite-XML-1.0.2-expat-dos.patch ---
diff -up 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c.expat-dos 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c
--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c.expat-dos	2006-04-28 21:54:54.000000000 +0200
+++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok.c	2009-11-03 14:18:03.994197360 +0100
@@ -328,13 +328,13 @@ utf8_updatePosition(const ENCODING *enc,
                     const char *end,
                     POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     unsigned char ch = (unsigned char)*ptr;
     if (ch >= 32) {
       if (ch < 128)
         ptr++;
       else
-        ptr += utf8_code_length[ch];
+        ptr += utf8_code_length[ch] ? utf8_code_length[ch] : 1;
       pos->columnNumber++;
     } else if (ch == 10) {
       pos->columnNumber = 0;
diff -up 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c.expat-dos 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c
--- 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c.expat-dos	2006-04-28 21:54:54.000000000 +0200
+++ 4Suite-XML-1.0.2/Ft/Xml/src/expat/lib/xmltok_impl.c	2009-11-03 14:17:55.169954596 +0100
@@ -1742,7 +1742,7 @@ PREFIX(updatePosition)(const ENCODING *e
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \


Index: python-4Suite-XML.spec
===================================================================
RCS file: /cvs/extras/rpms/python-4Suite-XML/F-10/python-4Suite-XML.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- python-4Suite-XML.spec	29 Aug 2008 21:40:55 -0000	1.11
+++ python-4Suite-XML.spec	3 Nov 2009 14:43:34 -0000	1.12
@@ -2,7 +2,7 @@
 
 Name: python-4Suite-XML
 Version: 1.0.2
-Release: 4%{?dist}
+Release: 8%{?dist}
 Summary: A collection of XML-related technologies for Python
 
 Group: Development/Libraries
@@ -10,7 +10,7 @@ License: ASL 1.1
 URL: http://www.4suite.org/
 Source0: http://dl.sourceforge.net/foursuite/4Suite-XML-%{version}.tar.bz2
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-
+Patch0: python-4Suite-XML-1.0.2-expat-dos.patch
 BuildRequires: python-devel
 
 %description
@@ -24,6 +24,7 @@ Its major components include the followi
 
 %prep
 %setup -q -n 4Suite-XML-%{version}
+%patch0 -p1 -b .expat-dos
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS"
@@ -59,6 +60,19 @@ rm -rf $RPM_BUILD_ROOT
 %{_datadir}/4Suite
 
 %changelog
+* Tue Nov  3 2009 Miloslav Trmač <mitr at redhat.com> - 1.0.2-8
+- Fix an expat DoS
+  Related: #531697
+
+* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Thu Feb 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.0.2-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Sat Nov 29 2008 Ignacio Vazquez-Abrams <ivazqueznet+rpm at gmail.com> - 1.0.2-5
+- Rebuild for Python 2.6
+
 * Fri Aug 29 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 1.0.2-4
 - fix license tag

More information about the fedora-extras-commits mailing list