external/redland/ExternalProject_raptor.mk | 2 -
external/redland/UnpackedTarball_raptor.mk | 1
external/redland/raptor/CVE-2024-57823.patch.1 | 35 +++++++++++++++++++++++++
3 files changed, 37 insertions(+), 1 deletion(-)
New commits:
commit 7b599301d90ad9c90a85568de0840b9e579d9908
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Jan 15 10:55:05 2025 +0100
Commit: Andras Timar <andras.ti...@collabora.com>
CommitDate: Mon Feb 3 16:41:18 2025 +0100
redland: disable all raptor parsers except for "rdfxml"
It's the only one the unordf component invokes.
CVE-2024-57823 CVE-2024-57822 affect the "ntriples" and "turtle"
parsers.
However it appears that the function raptor_uri_normalize_path() could
also be called from raptor_libxml_* functions? Somewhat unclear, let's
add the patch just in case.
Change-Id: Idd7ebbc29c63e84ca2434b06c26f7aca34bdcaa5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180272
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 2b50dc0e4482ac0ad27d69147b4175e05af4fba4)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/181060
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoff...@gmail.com>
Reviewed-by: Andras Timar <andras.ti...@collabora.com>
diff --git a/external/redland/ExternalProject_raptor.mk
b/external/redland/ExternalProject_raptor.mk
index 8b800f76eea0..944f7e0b40d4 100644
--- a/external/redland/ExternalProject_raptor.mk
+++ b/external/redland/ExternalProject_raptor.mk
@@ -36,7 +36,7 @@ $(call gb_ExternalProject_get_state_target,raptor,build):
$(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl)))' \
CPPFLAGS="$(if $(SYSBASE),-I$(SYSBASE)/usr/include)
$(gb_EMSCRIPTEN_CPPFLAGS)" \
$(gb_RUN_CONFIGURE) ./configure --disable-gtk-doc \
- --enable-parsers="rdfxml ntriples turtle trig guess
rss-tag-soup" \
+ --enable-parsers="rdfxml" \
--without-www \
--without-xslt-config \
$(gb_CONFIGURE_PLATFORMS) \
diff --git a/external/redland/UnpackedTarball_raptor.mk
b/external/redland/UnpackedTarball_raptor.mk
index 6dc6491132df..dddfb4ba7923 100644
--- a/external/redland/UnpackedTarball_raptor.mk
+++ b/external/redland/UnpackedTarball_raptor.mk
@@ -30,6 +30,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,raptor,\
external/redland/raptor/xml2-config.patch \
external/redland/raptor/raptor-libxml2-11.patch.1 \
$(if $(SYSTEM_ICU),,external/redland/raptor/raptor-icu.patch) \
+ external/redland/raptor/CVE-2024-57823.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/redland/raptor/CVE-2024-57823.patch.1
b/external/redland/raptor/CVE-2024-57823.patch.1
new file mode 100644
index 000000000000..b06689304b0a
--- /dev/null
+++ b/external/redland/raptor/CVE-2024-57823.patch.1
@@ -0,0 +1,35 @@
+--- raptor2-2.0.15/src/raptor_rfc2396.c.CVE-2024-57823 2014-07-26
23:07:37.000000000 +0200
++++ raptor2-2.0.15/src/raptor_rfc2396.c 2025-01-13 12:59:22.175568228
+0100
+@@ -289,10 +289,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL4("Path '%s' length %ld does not match calculated %ld.",
(const char*)path_buffer, (long)strlen((const char*)path_buffer),
(long)path_len);
+-#endif
+
+ /* Remove all "<component>/../" path components */
+
+@@ -327,10 +325,8 @@ raptor_uri_normalize_path(unsigned char*
+ if(!prev || !cur)
+ continue;
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* If the current one is '..' */
+ if(s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
+@@ -393,10 +389,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* RFC3986 Appendix C.2 / 5.4.2 Abnormal Examples
+ * Remove leading /../ and /./
