desktop/source/app/cmdlineargs.cxx | 2 -
external/redland/ExternalProject_raptor.mk | 4 +-
external/redland/UnpackedTarball_raptor.mk | 1
external/redland/raptor/CVE-2024-57823.patch.1 | 35 +++++++++++++++++++++++++
4 files changed, 39 insertions(+), 3 deletions(-)
New commits:
commit 441c2470a4756b7210d4a9cdb89595a75b8624ee
Author: Michael Stahl <michael.st...@allotropia.de>
AuthorDate: Wed Jan 15 10:55:05 2025 +0100
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Feb 12 00:13:46 2025 +0100
redland: disable all raptor parsers except for "rdfxml"
It's the only one the unordf component invokes.
CVE-2024-57823 CVE-2024-57822 affect the "ntriples" and "turtle"
parsers.
However it appears that the function raptor_uri_normalize_path() could
also be called from raptor_libxml_* functions? Somewhat unclear, let's
add the patch just in case.
Change-Id: Idd7ebbc29c63e84ca2434b06c26f7aca34bdcaa5
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180272
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.st...@allotropia.de>
(cherry picked from commit 2b50dc0e4482ac0ad27d69147b4175e05af4fba4)
(cherry picked from commit 1ac4aa8db84ee647b471edbdd9a702e66fe52e78)
diff --git a/external/redland/ExternalProject_raptor.mk
b/external/redland/ExternalProject_raptor.mk
index 70e28edf99b8..52511ea822ac 100644
--- a/external/redland/ExternalProject_raptor.mk
+++ b/external/redland/ExternalProject_raptor.mk
@@ -25,8 +25,8 @@ $(call gb_ExternalProject_get_state_target,raptor,build):
$(if $(SYSBASE),$(if $(filter LINUX
SOLARIS,$(OS)),-L$(SYSBASE)/lib -L$(SYSBASE)/usr/lib -lpthread -ldl))" \
CPPFLAGS="$(if $(SYSBASE),-I$(SYSBASE)/usr/include)" \
./configure --disable-gtk-doc \
- --enable-parsers="rdfxml ntriples turtle trig guess
rss-tag-soup" \
- --with-www=xml \
+ --enable-parsers="rdfxml" \
+ --without-www \
--without-xslt-config \
$(if $(CROSS_COMPILING),--build=$(BUILD_PLATFORM)
--host=$(HOST_PLATFORM) \
$(if $(filter INTEL
ARM,$(CPUNAME)),ac_cv_c_bigendian=no)) \
diff --git a/external/redland/UnpackedTarball_raptor.mk
b/external/redland/UnpackedTarball_raptor.mk
index 961047e16d3a..b69ca71de59a 100644
--- a/external/redland/UnpackedTarball_raptor.mk
+++ b/external/redland/UnpackedTarball_raptor.mk
@@ -30,6 +30,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,raptor,\
external/redland/raptor/libtool.patch \
external/redland/raptor/Wint-conversion.patch \
external/redland/raptor/raptor-libxml2-11.patch.1 \
+ external/redland/raptor/CVE-2024-57823.patch.1 \
))
# vim: set noet sw=4 ts=4:
diff --git a/external/redland/raptor/CVE-2024-57823.patch.1
b/external/redland/raptor/CVE-2024-57823.patch.1
new file mode 100644
index 000000000000..b06689304b0a
--- /dev/null
+++ b/external/redland/raptor/CVE-2024-57823.patch.1
@@ -0,0 +1,35 @@
+--- raptor2-2.0.15/src/raptor_rfc2396.c.CVE-2024-57823 2014-07-26
23:07:37.000000000 +0200
++++ raptor2-2.0.15/src/raptor_rfc2396.c 2025-01-13 12:59:22.175568228
+0100
+@@ -289,10 +289,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL4("Path '%s' length %ld does not match calculated %ld.",
(const char*)path_buffer, (long)strlen((const char*)path_buffer),
(long)path_len);
+-#endif
+
+ /* Remove all "<component>/../" path components */
+
+@@ -327,10 +325,8 @@ raptor_uri_normalize_path(unsigned char*
+ if(!prev || !cur)
+ continue;
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* If the current one is '..' */
+ if(s == (cur+2) && cur[0] == '.' && cur[1] == '.') {
+@@ -393,10 +389,8 @@ raptor_uri_normalize_path(unsigned char*
+ }
+
+
+-#if defined(RAPTOR_DEBUG)
+ if(path_len != strlen((const char*)path_buffer))
+ RAPTOR_FATAL3("Path length %ld does not match calculated %ld.",
(long)strlen((const char*)path_buffer), (long)path_len);
+-#endif
+
+ /* RFC3986 Appendix C.2 / 5.4.2 Abnormal Examples
+ * Remove leading /../ and /./
commit 977c5f78f62de259843116691a8f18efe9f0ec4a
Author: Caolán McNamara <caolan.mcnam...@collabora.com>
AuthorDate: Thu Jan 30 20:37:38 2025 +0000
Commit: Thorsten Behrens <thorsten.behr...@allotropia.de>
CommitDate: Wed Feb 12 00:11:30 2025 +0100
Filter out more unwanted command URIs
Change-Id: I24c95d73b4fee89bdf044d5dd6efc9cd89627c54
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/180970
Tested-by: Jenkins
Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
diff --git a/desktop/source/app/cmdlineargs.cxx
b/desktop/source/app/cmdlineargs.cxx
index 48336da1b71d..d58029019dee 100644
--- a/desktop/source/app/cmdlineargs.cxx
+++ b/desktop/source/app/cmdlineargs.cxx
@@ -165,7 +165,7 @@ CommandLineEvent CheckOfficeURI(/* in,out */ OUString& arg,
CommandLineEvent cur
if (nURIlen < 0)
nURIlen = rest2.getLength();
auto const uri = rest2.copy(0, nURIlen);
- if (INetURLObject(uri).GetProtocol() == INetProtocol::Macro) {
+ if (INetURLObject(uri).IsExoticProtocol()) {
// Let the "Open" machinery process the full command URI (leading to
failure, by intention,
// as the "Open" machinery does not know about those command URI
schemes):
curEvt = CommandLineEvent::Open;
