← Back to branch summary

~ubuntu-branches/ubuntu/wily/libxml2/wily-proposed

~ubuntu-branches/ubuntu/wily/libxml2/wily-proposed

« back to all changes in this revision

Viewing changes to HTMLtree.c

Committer: Package Import Robot
Author(s): Aron Xu
Date: 2014-10-26 07:04:50 UTC
mfrom: (43.2.7 sid)
Revision ID: package-import@ubuntu.com-20141026070450-rmcqvcqn8peeuebs

Tags: 2.9.2+dfsg1-1

http://bugs.debian.org/765722

* New upstream release (Closes: #765722, CVE-2014-3660)
* Remove no-longer-needed upstream patches
* Update distro patch
* Std-ver: 3.9.5 -> 3.9.6, no change.

files added:
.pc/0001-modify-xml2-config-and-pkgconfig-behaviour.patch/configure.ac

configure.ac

libxml2-config.cmake.in

os400

os400/README400

os400/dlfcn

os400/dlfcn/dlfcn.c

os400/dlfcn/dlfcn.h

os400/iconv

os400/iconv/README.iconv

os400/iconv/bldcsndfa

os400/iconv/bldcsndfa/bldcsndfa.c

os400/iconv/bldcsndfa/ccsid_mibenum.dtd

os400/iconv/bldcsndfa/ccsid_mibenum.xml

os400/iconv/bldcsndfa/character-sets.xhtml

os400/iconv/ianatables.c

os400/iconv/iconv.c

os400/iconv/iconv.h

os400/initscript.sh

os400/libxmlrpg

os400/libxmlrpg/DOCBparser.rpgle

os400/libxmlrpg/HTMLparser.rpgle

os400/libxmlrpg/HTMLtree.rpgle

os400/libxmlrpg/SAX.rpgle

os400/libxmlrpg/SAX2.rpgle

os400/libxmlrpg/c14n.rpgle

os400/libxmlrpg/catalog.rpgle

os400/libxmlrpg/chvalid.rpgle

os400/libxmlrpg/debugXML.rpgle

os400/libxmlrpg/dict.rpgle

os400/libxmlrpg/encoding.rpgle

os400/libxmlrpg/entities.rpgle

os400/libxmlrpg/globals.rpgle

os400/libxmlrpg/hash.rpgle

os400/libxmlrpg/list.rpgle

os400/libxmlrpg/nanoftp.rpgle

os400/libxmlrpg/nanohttp.rpgle

os400/libxmlrpg/parser.rpgle

os400/libxmlrpg/parserInternals.rpgle

os400/libxmlrpg/pattern.rpgle

os400/libxmlrpg/relaxng.rpgle

os400/libxmlrpg/schemasInternals.rpgle

os400/libxmlrpg/schematron.rpgle

os400/libxmlrpg/threads.rpgle

os400/libxmlrpg/transcode.rpgle

os400/libxmlrpg/tree.rpgle

os400/libxmlrpg/uri.rpgle

os400/libxmlrpg/valid.rpgle

os400/libxmlrpg/xinclude.rpgle

os400/libxmlrpg/xlink.rpgle

os400/libxmlrpg/xmlIO.rpgle

os400/libxmlrpg/xmlautomata.rpgle

os400/libxmlrpg/xmlerror.rpgle

os400/libxmlrpg/xmlexports.rpgle

os400/libxmlrpg/xmlmemory.rpgle

os400/libxmlrpg/xmlmodule.rpgle

os400/libxmlrpg/xmlreader.rpgle

os400/libxmlrpg/xmlregexp.rpgle

os400/libxmlrpg/xmlsave.rpgle

os400/libxmlrpg/xmlschemas.rpgle

os400/libxmlrpg/xmlschemastypes.rpgle

os400/libxmlrpg/xmlstdarg.rpgle

os400/libxmlrpg/xmlstring.rpgle

os400/libxmlrpg/xmlunicode.rpgle

os400/libxmlrpg/xmlversion.rpgle.in

os400/libxmlrpg/xmlwriter.rpgle

os400/libxmlrpg/xpath.rpgle

os400/libxmlrpg/xpathInternals.rpgle

os400/libxmlrpg/xpointer.rpgle

os400/make-bldcsndfa.sh

os400/make-include.sh

os400/make-rpg.sh

os400/make-src.sh

os400/make.sh

os400/os400config.h.in

os400/rpgsupport.c

os400/rpgsupport.h

os400/transcode.c

os400/transcode.h

os400/wrappers.c

os400/wrappers.h

files removed:
.pc/0001-modify-xml2-config-and-pkgconfig-behaviour.patch/configure.in

.pc/0001-modify-xml2-config-and-pkgconfig-behaviour.patch/libxml-2.0.pc.in

.pc/0003-Fix-an-error-in-xmlCleanupParser.patch

.pc/0003-Fix-an-error-in-xmlCleanupParser.patch/parser.c

.pc/0004-Fix-missing-break-on-last-function-for-attributes.patch

.pc/0004-Fix-missing-break-on-last-function-for-attributes.patch/python

.pc/0004-Fix-missing-break-on-last-function-for-attributes.patch/python/libxml.c

.pc/0005-xmllint-memory-should-fail-on-empty-files.patch

.pc/0005-xmllint-memory-should-fail-on-empty-files.patch/xmllint.c

.pc/0006-properly-quote-the-namespace-uris-written-out-during.patch

.pc/0006-properly-quote-the-namespace-uris-written-out-during.patch/c14n.c

.pc/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch

.pc/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch/parser.c

.pc/0008-missing-else-in-xlink.c.patch

.pc/0008-missing-else-in-xlink.c.patch/xlink.c

.pc/0009-Catch-malloc-error-and-exit-accordingly.patch

.pc/0009-Catch-malloc-error-and-exit-accordingly.patch/xmllint.c

.pc/0010-Fix-handling-of-mmap-errors.patch

.pc/0010-Fix-handling-of-mmap-errors.patch/xmllint.c

.pc/0011-Avoid-crash-if-allocation-fails.patch

.pc/0011-Avoid-crash-if-allocation-fails.patch/xmlschemastypes.c

.pc/0012-Fix-a-possible-NULL-dereference.patch

.pc/0012-Fix-a-possible-NULL-dereference.patch/SAX2.c

.pc/0013-Clear-up-a-potential-NULL-dereference.patch

.pc/0013-Clear-up-a-potential-NULL-dereference.patch/parserInternals.c

.pc/0014-Fix-XPath-optimization-with-predicates.patch

.pc/0014-Fix-XPath-optimization-with-predicates.patch/xpath.c

.pc/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch

.pc/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch/xmllint.c

.pc/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch

.pc/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch/xmlregexp.c

.pc/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch

.pc/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch/tree.c

.pc/0018-Fix-pointer-dereferenced-before-null-check.patch

.pc/0018-Fix-pointer-dereferenced-before-null-check.patch/valid.c

.pc/0019-Fix-a-bug-loading-some-compressed-files.patch

.pc/0019-Fix-a-bug-loading-some-compressed-files.patch/xzlib.c

.pc/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch

.pc/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch/encoding.c

.pc/0021-Fix-a-couple-of-missing-NULL-checks.patch

.pc/0021-Fix-a-couple-of-missing-NULL-checks.patch/tree.c

.pc/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch

.pc/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch/HTMLparser.c

.pc/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch/parser.c

.pc/0023-Handling-of-XPath-function-arguments-in-error-case.patch

.pc/0023-Handling-of-XPath-function-arguments-in-error-case.patch/xpath.c

.pc/0024-Missing-initialization-for-the-catalog-module.patch

.pc/0024-Missing-initialization-for-the-catalog-module.patch/parser.c

.pc/0025-Fix-an-fd-leak-in-an-error-case.patch

.pc/0025-Fix-an-fd-leak-in-an-error-case.patch/catalog.c

.pc/0026-fixing-a-ptotential-uninitialized-access.patch

.pc/0026-fixing-a-ptotential-uninitialized-access.patch/valid.c

.pc/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch

.pc/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch/xmlwriter.c

.pc/0028-Avoid-a-possible-NULL-pointer-dereference.patch

.pc/0028-Avoid-a-possible-NULL-pointer-dereference.patch/xmlmodule.c

.pc/0029-Do-not-fetch-external-parameter-entities.patch

.pc/0029-Do-not-fetch-external-parameter-entities.patch/parser.c

.pc/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch

.pc/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch/xmlmemory.c

.pc/0031-xmllint-was-not-parsing-the-c14n11-flag.patch

.pc/0031-xmllint-was-not-parsing-the-c14n11-flag.patch/xmllint.c

.pc/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch

.pc/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch/parser.c

.pc/CVE-2014-3660.patch

.pc/CVE-2014-3660.patch/parser.c

configure.in

debian/patches/0003-Fix-an-error-in-xmlCleanupParser.patch

debian/patches/0004-Fix-missing-break-on-last-function-for-attributes.patch

debian/patches/0005-xmllint-memory-should-fail-on-empty-files.patch

debian/patches/0006-properly-quote-the-namespace-uris-written-out-during.patch

debian/patches/0007-Fix-a-parsing-bug-on-non-ascii-element-and-CR-LF-usa.patch

debian/patches/0008-missing-else-in-xlink.c.patch

debian/patches/0009-Catch-malloc-error-and-exit-accordingly.patch

debian/patches/0010-Fix-handling-of-mmap-errors.patch

debian/patches/0011-Avoid-crash-if-allocation-fails.patch

debian/patches/0012-Fix-a-possible-NULL-dereference.patch

debian/patches/0013-Clear-up-a-potential-NULL-dereference.patch

debian/patches/0014-Fix-XPath-optimization-with-predicates.patch

debian/patches/0015-xmllint-pretty-crashed-without-following-numeric-arg.patch

debian/patches/0016-Fix-potential-NULL-pointer-dereferences-in-regexp-co.patch

debian/patches/0017-Fix-a-potential-NULL-dereference-in-tree-code.patch

debian/patches/0018-Fix-pointer-dereferenced-before-null-check.patch

debian/patches/0019-Fix-a-bug-loading-some-compressed-files.patch

debian/patches/0020-Avoid-a-possibility-of-dangling-encoding-handler.patch

debian/patches/0021-Fix-a-couple-of-missing-NULL-checks.patch

debian/patches/0022-adding-init-calls-to-xml-and-html-Read-parsing-entry.patch

debian/patches/0023-Handling-of-XPath-function-arguments-in-error-case.patch

debian/patches/0024-Missing-initialization-for-the-catalog-module.patch

debian/patches/0025-Fix-an-fd-leak-in-an-error-case.patch

debian/patches/0026-fixing-a-ptotential-uninitialized-access.patch

debian/patches/0027-Fix-xmlTextWriterWriteElement-when-a-null-content-is.patch

debian/patches/0028-Avoid-a-possible-NULL-pointer-dereference.patch

debian/patches/0029-Do-not-fetch-external-parameter-entities.patch

debian/patches/0030-Avoid-Possible-null-pointer-dereference-in-memory-de.patch

debian/patches/0031-xmllint-was-not-parsing-the-c14n11-flag.patch

debian/patches/0032-Fix-regressions-introduced-by-CVE-2014-0191-patch.patch

debian/patches/CVE-2014-3660.patch

files modified:
.pc/0001-modify-xml2-config-and-pkgconfig-behaviour.patch/libxml-2.0-uninstalled.pc.in

.pc/0002-fix-python-multiarch-includes.patch/python/Makefile.in

.pc/applied-patches

ChangeLog

HTMLparser.c

HTMLtree.c

INSTALL

Makefile.am

Makefile.in

NEWS

SAX2.c

aclocal.m4

buf.c

buf.h

catalog.c

config.guess

config.h.in

config.sub

configure

debian/changelog

debian/control

debian/libxml2.symbols

debian/patches/0001-modify-xml2-config-and-pkgconfig-behaviour.patch

debian/patches/0002-fix-python-multiarch-includes.patch

debian/patches/series

debian/rules

debugXML.c

depcomp

doc/APIchunk11.html

doc/APIchunk12.html

doc/APIchunk14.html

doc/APIchunk26.html

doc/APIfunctions.html

doc/FAQ.html

doc/Makefile.in

doc/architecture.html

doc/bugs.html

doc/catalog.html

doc/contribs.html

doc/devhelp/Makefile.in

doc/devhelp/libxml2-entities.html

doc/devhelp/libxml2-tree.html

doc/devhelp/libxml2-xmlerror.html

doc/devhelp/libxml2-xmlschemastypes.html

doc/docs.html

doc/downloads.html

doc/encoding.html

doc/example.html

doc/examples/Makefile.in

doc/help.html

doc/html/libxml-entities.html

doc/html/libxml-tree.html

doc/html/libxml-xmlerror.html

doc/html/libxml-xmlschemastypes.html

doc/index.html

doc/interface.html

doc/intro.html

doc/library.html

doc/libxml2-api.xml

doc/libxml2.xsa

doc/news.html

doc/python.html

doc/threads.html

doc/upgrade.html

doc/xml.html

doc/xmldtd.html

doc/xmlio.html

doc/xmllint.1

doc/xmllint.xml

doc/xmlmem.html

elfgcchack.h

encoding.c

entities.c

example/Makefile.in

hash.c

include/Makefile.in

include/libxml/Makefile.in

include/libxml/SAX2.h

include/libxml/entities.h

include/libxml/globals.h

include/libxml/relaxng.h

include/libxml/tree.h

include/libxml/xmlIO.h

include/libxml/xmlerror.h

include/libxml/xmlversion.h

include/win32config.h

install-sh

legacy.c

libxml-2.0-uninstalled.pc.in

libxml-2.0.pc.in

libxml.spec.in

libxml2.spec

m4/libtool.m4

missing

nanoftp.c

nanohttp.c

parser.c

parserInternals.c

python/Makefile.in

python/drv_libxml2.py

python/generator.py

python/libxml.c

python/libxml.py

python/libxml2-export.c

python/libxml2-py.c

python/libxml2-py.h

python/libxml2.py

python/libxml2class.py

python/libxml_wrap.h

python/setup.py

python/setup.py.in

python/tests/Makefile.in

python/tests/sync.py

python/types.c

relaxng.c

runtest.c

schematron.c

testapi.c

testlimits.c

threads.c

timsort.h

tree.c

trio.c

trio.h

triodef.h

triostr.c

uri.c

valid.c

vms/build_libxml.com

vms/config.vms

win32/Makefile.msvc

win32/libxml2.def.src

xinclude.c

xmlIO.c

xmlcatalog.c

xmllint.c

xmlmemory.c

xmlreader.c

xmlregexp.c

xmlschemas.c

xmlschemastypes.c

xmlwriter.c

xpath.c

xpointer.c

xstc/Makefile.in

xzlib.c

xzlib.h

Show diffs side-by-side

added added

removed removed

716

716

(!xmlStrcasecmp(cur->name, BAD_CAST "src")) ||

717

717

((!xmlStrcasecmp(cur->name, BAD_CAST "name")) &&

718

718

(!xmlStrcasecmp(cur->parent->name, BAD_CAST "a"))))) {

719

xmlChar *escaped;

720

719

xmlChar *tmp = value;

720

/* xmlURIEscapeStr() escapes '"' so it can be safely used. */

721

xmlBufCCat(buf->buffer, "\"");

721

722

722

723

while (IS_BLANK_CH(*tmp)) tmp++;

723

724

724

/*

725

* the < and > have already been escaped at the entity level

726

* And doing so here breaks server side includes

727

*/

728

escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+<>");

729

if (escaped != NULL) {

730

xmlBufWriteQuotedString(buf->buffer, escaped);

731

xmlFree(escaped);

732

} else {

733

xmlBufWriteQuotedString(buf->buffer, value);

725

/* URI Escape everything, except server side includes. */

726

for ( ; ; ) {

727

xmlChar *escaped;

728

xmlChar endChar;

729

xmlChar *end = NULL;

730

xmlChar *start = (xmlChar *)xmlStrstr(tmp, BAD_CAST "<!--");

731

if (start != NULL) {

732

end = (xmlChar *)xmlStrstr(tmp, BAD_CAST "-->");

733

if (end != NULL) {

734

*start = '\0';

735

}

736

}

737

738

/* Escape the whole string, or until start (set to '\0'). */

739

escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+");

740

if (escaped != NULL) {

741

xmlBufCat(buf->buffer, escaped);

742

xmlFree(escaped);

743

} else {

744

xmlBufCat(buf->buffer, tmp);

745

}

746

747

if (end == NULL) { /* Everything has been written. */

748

break;

749

}

750

751

/* Do not escape anything within server side includes. */

752

*start = '<'; /* Restore the first character of "<!--". */

753

end += 3; /* strlen("-->") */

754

endChar = *end;

755

*end = '\0';

756

xmlBufCat(buf->buffer, start);

757

*end = endChar;

758

tmp = end;

734

759

}

760

761

xmlBufCCat(buf->buffer, "\"");

735

762

} else {

736

763

xmlBufWriteQuotedString(buf->buffer, value);

737

764

}

Older »