Bug#498768: ubuntu patch matching upstream

Sat, 20 Sep 2008 00:46:45 -0700 

On Fri, Sep 19, 2008 at 07:10:14PM -0700, Kees Cook wrote:
> Hi,
> 
> On Fri, Sep 19, 2008 at 09:24:30PM +0200, Mike Hommey wrote:
> > On Mon, Sep 15, 2008 at 08:55:10AM -0700, Kees Cook wrote:
> > > As far as I know, this patch matches the upstream changes for the
> > > problem.  Please see:
> > > 
> > > https://bugzilla.redhat.com/show_bug.cgi?id=460396
> > 
> > Actually there are differences between upstream and ubuntu changes:
> > (a is ubuntu, b is upstream)
> > 
> > diff -u a/parser.c b/parser.c
> > --- a/parser.c
> > +++ b/parser.c
> > @@ -2390,7 +2390,6 @@
> >   */
> >  #define growBuffer(buffer) {                                               
> > \
> >      xmlChar *tmp;                                                  \
> > -    buffer##_size += XML_PARSER_BUFFER_SIZE ;                              
> > \
> >      buffer##_size *= 2;                                                    
> > \
> >      tmp = (xmlChar *)                                                      
> > \
> >             xmlRealloc(buffer, buffer##_size * sizeof(xmlChar));    \
> > @@ -3451,7 +3450,7 @@
> >                  * Just output the reference
> >                  */
> >                 buf[len++] = '&';
> > -               while (len > buf_size - i - 10) {
> > +               if (len > buf_size - i - 10) {
> >                     growBuffer(buf);
> >                 }
> >                 for (;i > 0;i--)
> 
> The above changes are for CVE-2008-3529.

Certainly not. It's not in upstream patch.

> BTW, would it be possible to
> add a patch system to libxml2?  It's much easier to split up the patches
> over time, and is nice for anyone doing post-release updates. :)

There is a (D)VCS.

> > @@ -6476,8 +6475,6 @@
> >                 } else if (list != NULL) {
> >                     xmlFreeNodeList(list);
> >                     list = NULL;
> > -               } else if (ent->owner != 1) {
> > -                   ctxt->nbentities += ent->owner;
> >                 }
> >             }
> >             ent->checked = 1;
> > @@ -6668,6 +6665,8 @@
> >                 ctxt->nodelen = 0;
> >                 return;
> >             }
> > +       } else if (ent->owner != 1) {
> > +           ctxt->nbentities += ent->owner;
> >         }
> >     } else {
> >         val = ent->content;
> 
> Was this just interdiff output?  There were some changes to this area of
> code that needed some by-hand backporting, so the versions used to
> compare might not end up looking clean.  Or, I could have messed up the
> backport, but I put them through a bunch of xml regression tests and
> things seemed to be behaving.

There was only 1 conflict when applying upstream patch for RHEL5, and
only because of tabulations/spaces, on my end...

Mike



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to