Date: Sat, 20 Feb 2021 16:23:19 +0000 (UTC) From: Adriaan de Groot <adridg@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r566164 - in head/textproc/raptor2: . files Message-ID: <202102201623.11KGNJmU006050@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: adridg Date: Sat Feb 20 16:23:19 2021 New Revision: 566164 URL: https://svnweb.freebsd.org/changeset/ports/566164 Log: Add fix for CVE-2020-25713 raptor2: malformed input file segfault The sample file in the upstream bug report from the PR causes a bus error in PORTREVISION 16, and returns an error (as I suppose it should) now. PR: 251102 Reported by: pi Obtained from: upstream Added: head/textproc/raptor2/files/patch-CVE-2020-25713 (contents, props changed) Modified: head/textproc/raptor2/Makefile Modified: head/textproc/raptor2/Makefile ============================================================================== --- head/textproc/raptor2/Makefile Sat Feb 20 15:30:51 2021 (r566163) +++ head/textproc/raptor2/Makefile Sat Feb 20 16:23:19 2021 (r566164) @@ -3,7 +3,7 @@ PORTNAME= raptor2 PORTVERSION= 2.0.15 -PORTREVISION= 16 +PORTREVISION= 17 CATEGORIES= textproc MASTER_SITES= http://download.librdf.org/source/ \ SF/librdf/${PORTNAME}/${PORTVERSION} Added: head/textproc/raptor2/files/patch-CVE-2020-25713 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/textproc/raptor2/files/patch-CVE-2020-25713 Sat Feb 20 16:23:19 2021 (r566164) @@ -0,0 +1,33 @@ +From a549457461874157c8c8e8e8a6e0eec06da4fbd0 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com> +Date: Tue, 24 Nov 2020 10:30:20 +0000 +Subject: [PATCH] CVE-2020-25713 raptor2: malformed input file can lead to a + segfault + +due to an out of bounds array access in +raptor_xml_writer_start_element_common + +See: +https://bugs.mageia.org/show_bug.cgi?id=27605 +https://www.openwall.com/lists/oss-security/2020/11/13/1 +https://gerrit.libreoffice.org/c/core/+/106249 +--- + src/raptor_xml_writer.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c +index 56993dc3..4426d38c 100644 +--- src/raptor_xml_writer.c ++++ src/raptor_xml_writer.c +@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer, + + /* check it wasn't an earlier declaration too */ + for(j = 0; j < nspace_declarations_count; j++) +- if(nspace_declarations[j].nspace == element->attributes[j]->nspace) { ++ if(nspace_declarations[j].nspace == element->attributes[i]->nspace) { + declare_me = 0; + break; + } +-- +2.28.0 +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102201623.11KGNJmU006050>