From f7b941d3f5ea067fd1066127fbbc10a7796a7c64 Mon Sep 17 00:00:00 2001 From: Baruch Siach Date: Mon, 26 Mar 2018 23:23:02 +0300 Subject: [PATCH] xerces: add upstream security fix CVE-2017-12627: dereference of a NULL pointer while processing the path to the DTD. xerces 3.2.1 includes this patch. But this version also added AC_RUN_IFELSE to its configure script, making cross compilation harder. Switching to cmake is also problematic since the minimum required cmake version is 3.2.0. The host dependencies check currently allows minimum cmake version 3.1. Signed-off-by: Baruch Siach Signed-off-by: Peter Korsgaard (cherry picked from commit 142c8cc8d525f687ce199cc0163d48892e8a81f7) Signed-off-by: Peter Korsgaard --- package/xerces/0001-fix-CVE-2017-12627.patch | 22 ++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 package/xerces/0001-fix-CVE-2017-12627.patch diff --git a/package/xerces/0001-fix-CVE-2017-12627.patch b/package/xerces/0001-fix-CVE-2017-12627.patch new file mode 100644 index 0000000000..010be7e3d5 --- /dev/null +++ b/package/xerces/0001-fix-CVE-2017-12627.patch @@ -0,0 +1,22 @@ +XMLString: Don't call catString if relativePath is null + +https://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt + +Upstream status: svn revision 1819998 + +Signed-off-by: Baruch Siach + +--- trunk/src/xercesc/util/PlatformUtils.cpp 2018/01/03 18:58:30 1819997 ++++ trunk/src/xercesc/util/PlatformUtils.cpp 2018/01/03 18:59:30 1819998 +@@ -920,7 +920,10 @@ + + XMLString::subString(tmpBuf, basePath, 0, (basePtr - basePath + 1), manager); + tmpBuf[basePtr - basePath + 1] = 0; +- XMLString::catString(tmpBuf, relativePath); ++ if (relativePath) ++ { ++ XMLString::catString(tmpBuf, relativePath); ++ } + + removeDotSlash(tmpBuf, manager); + -- 2.39.2