Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
python-libxml2.4858
libxml2-2.9.1-CVE-2016-4448.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-2.9.1-CVE-2016-4448.patch of Package python-libxml2.4858
From 4472c3a5a5b516aaf59b89be602fbce52756c3e9 Mon Sep 17 00:00:00 2001 From: David Kilzer <ddkilzer@webkit.org> Date: Fri, 13 May 2016 15:13:17 +0800 Subject: Fix some format string warnings with possible format string vulnerability For https://bugzilla.gnome.org/show_bug.cgi?id=761029 Decorate every method in libxml2 with the appropriate LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups following the reports. --- HTMLparser.c | 4 +-- SAX2.c | 12 ++++---- catalog.c | 2 +- configure.in | 4 +-- debugXML.c | 4 +-- encoding.c | 2 +- entities.c | 2 +- error.c | 2 +- include/libxml/parserInternals.h | 2 +- include/libxml/xmlerror.h | 2 +- include/libxml/xmlstring.h | 8 ++--- libxml.h | 2 +- parser.c | 37 +++++++++++----------- parserInternals.c | 4 +-- relaxng.c | 4 +-- schematron.c | 2 +- testModule.c | 2 +- valid.c | 8 ++--- xinclude.c | 4 +-- xmlIO.c | 14 ++++----- xmllint.c | 20 ++++++------ xmlreader.c | 16 +++++++--- xmlschemas.c | 66 ++++++++++++++++++++-------------------- xmlstring.c | 4 +-- xmlwriter.c | 4 +-- xpath.c | 2 +- xpointer.c | 2 +- 27 files changed, 121 insertions(+), 114 deletions(-) --- From 502f6a6d08b08c04b3ddfb1cd21b2f699c1b7f5b Mon Sep 17 00:00:00 2001 From: David Kilzer <ddkilzer@apple.com> Date: Mon, 23 May 2016 14:58:41 +0800 Subject: More format string warnings with possible format string vulnerability For https://bugzilla.gnome.org/show_bug.cgi?id=761029 adds a new xmlEscapeFormatString() function to escape composed format strings --- libxml.h | 3 +++ relaxng.c | 3 ++- xmlschemas.c | 39 ++++++++++++++++++++++++++------------- xmlstring.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 86 insertions(+), 14 deletions(-) Index: libxml2-2.9.1/HTMLparser.c =================================================================== --- libxml2-2.9.1.orig/HTMLparser.c +++ libxml2-2.9.1/HTMLparser.c @@ -105,7 +105,7 @@ htmlErrMemory(xmlParserCtxtPtr ctxt, con * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) htmlParseErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { @@ -132,7 +132,7 @@ htmlParseErr(xmlParserCtxtPtr ctxt, xmlP * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) htmlParseErrInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, int val) { Index: libxml2-2.9.1/SAX2.c =================================================================== --- libxml2-2.9.1.orig/SAX2.c +++ libxml2-2.9.1/SAX2.c @@ -55,7 +55,7 @@ * @ctxt: an XML validation parser context * @msg: a string to accompany the error message */ -static void +static void LIBXML_ATTR_FORMAT(2,0) xmlSAX2ErrMemory(xmlParserCtxtPtr ctxt, const char *msg) { xmlStructuredErrorFunc schannel = NULL; const char *str1 = "out of memory\n"; @@ -93,7 +93,7 @@ xmlSAX2ErrMemory(xmlParserCtxtPtr ctxt, * * Handle a validation error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlErrValid(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const char *str1, const char *str2) { @@ -133,7 +133,7 @@ xmlErrValid(xmlParserCtxtPtr ctxt, xmlPa * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { @@ -164,7 +164,7 @@ xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xm * * Handle a parser warning */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlWarnMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1) { @@ -189,7 +189,7 @@ xmlWarnMsg(xmlParserCtxtPtr ctxt, xmlPar * * Handle a namespace error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { @@ -213,7 +213,7 @@ xmlNsErrMsg(xmlParserCtxtPtr ctxt, xmlPa * * Handle a namespace warning */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlNsWarnMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { Index: libxml2-2.9.1/catalog.c =================================================================== --- libxml2-2.9.1.orig/catalog.c +++ libxml2-2.9.1/catalog.c @@ -238,7 +238,7 @@ xmlCatalogErrMemory(const char *extra) * * Handle a catalog error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlCatalogErr(xmlCatalogEntryPtr catal, xmlNodePtr node, int error, const char *msg, const xmlChar *str1, const xmlChar *str2, const xmlChar *str3) Index: libxml2-2.9.1/configure.in =================================================================== --- libxml2-2.9.1.orig/configure.in +++ libxml2-2.9.1/configure.in @@ -705,7 +705,7 @@ else fi # warnings we'd like to see - CFLAGS="${CFLAGS} -pedantic -W -Wformat -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls" + CFLAGS="${CFLAGS} -pedantic -W -Wformat -Wno-format-extra-args -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls" # warnings we'd like to supress CFLAGS="${CFLAGS} -Wno-long-long" case "${host}" in @@ -920,7 +920,7 @@ if [[ "${LOGNAME}" = "veillard" -a "`pwd fi fi if test "${GCC}" = "yes" ; then - CFLAGS="-g -O -pedantic -W -Wformat -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wformat -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls -Wall" + CFLAGS="-g -O -pedantic -W -Wformat -Wno-format-extra-args -Wunused -Wimplicit -Wreturn-type -Wswitch -Wcomment -Wtrigraphs -Wchar-subscripts -Wuninitialized -Wparentheses -Wshadow -Wpointer-arith -Wcast-align -Wwrite-strings -Waggregate-return -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline -Wredundant-decls -Wall" fi STATIC_BINARIES="-static" dnl -Wcast-qual -ansi Index: libxml2-2.9.1/debugXML.c =================================================================== --- libxml2-2.9.1.orig/debugXML.c +++ libxml2-2.9.1/debugXML.c @@ -164,7 +164,7 @@ xmlDebugErr(xmlDebugCtxtPtr ctxt, int er NULL, NULL, NULL, 0, 0, "%s", msg); } -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlDebugErr2(xmlDebugCtxtPtr ctxt, int error, const char *msg, int extra) { ctxt->errors++; @@ -174,7 +174,7 @@ xmlDebugErr2(xmlDebugCtxtPtr ctxt, int e NULL, NULL, NULL, 0, 0, msg, extra); } -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlDebugErr3(xmlDebugCtxtPtr ctxt, int error, const char *msg, const char *extra) { ctxt->errors++; Index: libxml2-2.9.1/encoding.c =================================================================== --- libxml2-2.9.1.orig/encoding.c +++ libxml2-2.9.1/encoding.c @@ -93,7 +93,7 @@ xmlEncodingErrMemory(const char *extra) * * n encoding error */ -static void +static void LIBXML_ATTR_FORMAT(2,0) xmlEncodingErr(xmlParserErrors error, const char *msg, const char *val) { __xmlRaiseError(NULL, NULL, NULL, NULL, NULL, Index: libxml2-2.9.1/entities.c =================================================================== --- libxml2-2.9.1.orig/entities.c +++ libxml2-2.9.1/entities.c @@ -83,7 +83,7 @@ xmlEntitiesErrMemory(const char *extra) * * Handle an out of memory condition */ -static void +static void LIBXML_ATTR_FORMAT(2,0) xmlEntitiesErr(xmlParserErrors code, const char *msg) { __xmlSimpleError(XML_FROM_TREE, code, NULL, msg, NULL); Index: libxml2-2.9.1/error.c =================================================================== --- libxml2-2.9.1.orig/error.c +++ libxml2-2.9.1/error.c @@ -18,7 +18,7 @@ void XMLCDECL xmlGenericErrorDefaultFunc (void *ctx ATTRIBUTE_UNUSED, const char *msg, - ...); + ...) LIBXML_ATTR_FORMAT(2,3); #define XML_GET_VAR_STR(msg, str) { \ int size, prev_size = -1; \ Index: libxml2-2.9.1/include/libxml/parserInternals.h =================================================================== --- libxml2-2.9.1.orig/include/libxml/parserInternals.h +++ libxml2-2.9.1/include/libxml/parserInternals.h @@ -351,7 +351,7 @@ XMLPUBFUN void XMLCALL xmlParserErrors xmlerr, const char *msg, const xmlChar * str1, - const xmlChar * str2); + const xmlChar * str2) LIBXML_ATTR_FORMAT(3,0); #endif /** Index: libxml2-2.9.1/include/libxml/xmlerror.h =================================================================== --- libxml2-2.9.1.orig/include/libxml/xmlerror.h +++ libxml2-2.9.1/include/libxml/xmlerror.h @@ -937,7 +937,7 @@ XMLPUBFUN void XMLCALL int code, xmlNodePtr node, const char *msg, - const char *extra); + const char *extra) LIBXML_ATTR_FORMAT(4,0); #endif #ifdef __cplusplus } Index: libxml2-2.9.1/include/libxml/xmlstring.h =================================================================== --- libxml2-2.9.1.orig/include/libxml/xmlstring.h +++ libxml2-2.9.1/include/libxml/xmlstring.h @@ -97,13 +97,13 @@ XMLPUBFUN xmlChar * XMLCALL XMLPUBFUN int XMLCALL xmlStrPrintf (xmlChar *buf, int len, - const xmlChar *msg, - ...); + const char *msg, + ...) LIBXML_ATTR_FORMAT(3,4); XMLPUBFUN int XMLCALL xmlStrVPrintf (xmlChar *buf, int len, - const xmlChar *msg, - va_list ap); + const char *msg, + va_list ap) LIBXML_ATTR_FORMAT(3,0); XMLPUBFUN int XMLCALL xmlGetUTF8Char (const unsigned char *utf, Index: libxml2-2.9.1/libxml.h =================================================================== --- libxml2-2.9.1.orig/libxml.h +++ libxml2-2.9.1/libxml.h @@ -9,6 +9,8 @@ #ifndef __XML_LIBXML_H__ #define __XML_LIBXML_H__ +#include <libxml/xmlstring.h> + #ifndef NO_LARGEFILE_SOURCE #ifndef _LARGEFILE_SOURCE #define _LARGEFILE_SOURCE @@ -68,7 +70,7 @@ extern int __xmlRegisterCallbacks; * internal error reporting routines, shared but not partof the API. */ void __xmlIOErr(int domain, int code, const char *extra); -void __xmlLoaderErr(void *ctx, const char *msg, const char *filename); +void __xmlLoaderErr(void *ctx, const char *msg, const char *filename) LIBXML_ATTR_FORMAT(2,0); #ifdef LIBXML_HTML_ENABLED /* * internal function of HTML parser needed for xmlParseInNodeContext @@ -93,6 +95,7 @@ int __xmlInitializeDict(void); int __xmlRandom(void); #endif +XMLPUBFUN xmlChar * XMLCALL xmlEscapeFormatString(xmlChar **msg); int xmlNop(void); #ifdef IN_LIBXML Index: libxml2-2.9.1/parser.c =================================================================== --- libxml2-2.9.1.orig/parser.c +++ libxml2-2.9.1/parser.c @@ -346,7 +346,6 @@ static void xmlFatalErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *info) { const char *errmsg; - char errstr[129] = ""; if ((ctxt != NULL) && (ctxt->disableSAX != 0) && (ctxt->instate == XML_PARSER_EOF)) @@ -533,15 +532,17 @@ xmlFatalErr(xmlParserCtxtPtr ctxt, xmlPa default: errmsg = "Unregistered error message"; } - if (info == NULL) - snprintf(errstr, 128, "%s\n", errmsg); - else - snprintf(errstr, 128, "%s: %%s\n", errmsg); if (ctxt != NULL) ctxt->errNo = error; - __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, - XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, &errstr[0], - info); + if (info == NULL) { + __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, + XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, "%s\n", + errmsg); + } else { + __xmlRaiseError(NULL, NULL, NULL, ctxt, NULL, XML_FROM_PARSER, error, + XML_ERR_FATAL, NULL, 0, info, NULL, NULL, 0, 0, "%s: %s\n", + errmsg, info); + } if (ctxt != NULL) { ctxt->wellFormed = 0; if (ctxt->recovery == 0) @@ -557,7 +558,7 @@ xmlFatalErr(xmlParserCtxtPtr ctxt, xmlPa * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg) { @@ -585,7 +586,7 @@ xmlFatalErrMsg(xmlParserCtxtPtr ctxt, xm * * Handle a warning. */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlWarningMsg(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { @@ -623,7 +624,7 @@ xmlWarningMsg(xmlParserCtxtPtr ctxt, xml * * Handle a validity error. */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlValidityError(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, const xmlChar *str2) { @@ -663,7 +664,7 @@ xmlValidityError(xmlParserCtxtPtr ctxt, * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlFatalErrMsgInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, int val) { @@ -693,7 +694,7 @@ xmlFatalErrMsgInt(xmlParserCtxtPtr ctxt, * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlFatalErrMsgStrIntStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar *str1, int val, const xmlChar *str2) @@ -723,7 +724,7 @@ xmlFatalErrMsgStrIntStr(xmlParserCtxtPtr * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlFatalErrMsgStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar * val) { @@ -752,7 +753,7 @@ xmlFatalErrMsgStr(xmlParserCtxtPtr ctxt, * * Handle a non fatal parser error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlErrMsgStr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar * val) { @@ -777,7 +778,7 @@ xmlErrMsgStr(xmlParserCtxtPtr ctxt, xmlP * * Handle a fatal parser error, i.e. violating Well-Formedness constraints */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlNsErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar * info1, const xmlChar * info2, @@ -806,7 +807,7 @@ xmlNsErr(xmlParserCtxtPtr ctxt, xmlParse * * Handle a namespace warning error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlNsWarn(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, const xmlChar * info1, const xmlChar * info2, @@ -5470,7 +5471,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt skipped = SKIP_BLANKS; if (skipped == 0) { xmlFatalErrMsg(ctxt, XML_ERR_SPACE_REQUIRED, - "Space required after '%'\n"); + "Space required after '%%'\n"); } isParameter = 1; } Index: libxml2-2.9.1/parserInternals.c =================================================================== --- libxml2-2.9.1.orig/parserInternals.c +++ libxml2-2.9.1/parserInternals.c @@ -169,7 +169,7 @@ __xmlErrEncoding(xmlParserCtxtPtr ctxt, * * Handle an internal error */ -static void +static void LIBXML_ATTR_FORMAT(2,0) xmlErrInternal(xmlParserCtxtPtr ctxt, const char *msg, const xmlChar * str) { if ((ctxt != NULL) && (ctxt->disableSAX != 0) && @@ -197,7 +197,7 @@ xmlErrInternal(xmlParserCtxtPtr ctxt, co * * n encoding error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlErrEncodingInt(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *msg, int val) { Index: libxml2-2.9.1/relaxng.c =================================================================== --- libxml2-2.9.1.orig/relaxng.c +++ libxml2-2.9.1/relaxng.c @@ -507,7 +507,7 @@ xmlRngVErrMemory(xmlRelaxNGValidCtxtPtr * * Handle a Relax NG Parsing error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlRngPErr(xmlRelaxNGParserCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar * str1, const xmlChar * str2) { @@ -541,7 +541,7 @@ xmlRngPErr(xmlRelaxNGParserCtxtPtr ctxt, * * Handle a Relax NG Validation error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlRngVErr(xmlRelaxNGValidCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar * str1, const xmlChar * str2) { @@ -2215,7 +2215,8 @@ xmlRelaxNGGetErrorString(xmlRelaxNGValid snprintf(msg, 1000, "Unknown error code %d\n", err); } msg[1000 - 1] = 0; - return (xmlStrdup((xmlChar *) msg)); + xmlChar *result = xmlCharStrdup(msg); + return (xmlEscapeFormatString(&result)); } /** Index: libxml2-2.9.1/schematron.c =================================================================== --- libxml2-2.9.1.orig/schematron.c +++ libxml2-2.9.1/schematron.c @@ -243,7 +243,7 @@ xmlSchematronPErrMemory(xmlSchematronPar * * Handle a parser error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlSchematronPErr(xmlSchematronParserCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar * str1, const xmlChar * str2) { Index: libxml2-2.9.1/testModule.c =================================================================== --- libxml2-2.9.1.orig/testModule.c +++ libxml2-2.9.1/testModule.c @@ -47,7 +47,7 @@ int main(int argc ATTRIBUTE_UNUSED, char /* build the module filename, and confirm the module exists */ xmlStrPrintf(filename, sizeof(filename), - (const xmlChar*) "%s/testdso%s", + "%s/testdso%s", (const xmlChar*)MODULE_PATH, (const xmlChar*)LIBXML_MODULE_EXTENSION); Index: libxml2-2.9.1/valid.c =================================================================== --- libxml2-2.9.1.orig/valid.c +++ libxml2-2.9.1/valid.c @@ -93,7 +93,7 @@ xmlVErrMemory(xmlValidCtxtPtr ctxt, cons * * Handle a validation error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlErrValid(xmlValidCtxtPtr ctxt, xmlParserErrors error, const char *msg, const char *extra) { @@ -137,7 +137,7 @@ xmlErrValid(xmlValidCtxtPtr ctxt, xmlPar * * Handle a validation error, provide contextual informations */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlErrValidNode(xmlValidCtxtPtr ctxt, xmlNodePtr node, xmlParserErrors error, const char *msg, const xmlChar * str1, @@ -180,7 +180,7 @@ xmlErrValidNode(xmlValidCtxtPtr ctxt, * * Handle a validation error, provide contextual informations */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlErrValidNodeNr(xmlValidCtxtPtr ctxt, xmlNodePtr node, xmlParserErrors error, const char *msg, const xmlChar * str1, @@ -221,7 +221,7 @@ xmlErrValidNodeNr(xmlValidCtxtPtr ctxt, * * Handle a validation error, provide contextual information */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlErrValidWarning(xmlValidCtxtPtr ctxt, xmlNodePtr node, xmlParserErrors error, const char *msg, const xmlChar * str1, Index: libxml2-2.9.1/xinclude.c =================================================================== --- libxml2-2.9.1.orig/xinclude.c +++ libxml2-2.9.1/xinclude.c @@ -124,7 +124,7 @@ xmlXIncludeErrMemory(xmlXIncludeCtxtPtr * * Handle an XInclude error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlXIncludeErr(xmlXIncludeCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar *extra) { @@ -146,7 +146,7 @@ xmlXIncludeErr(xmlXIncludeCtxtPtr ctxt, * * Emit an XInclude warning. */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlXIncludeWarn(xmlXIncludeCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar *extra) { Index: libxml2-2.9.1/xmlIO.c =================================================================== --- libxml2-2.9.1.orig/xmlIO.c +++ libxml2-2.9.1/xmlIO.c @@ -1590,7 +1590,7 @@ xmlCreateZMemBuff( int compression ) { xmlFreeZMemBuff( buff ); buff = NULL; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlCreateZMemBuff: %s %d\n", + "xmlCreateZMemBuff: %s %d\n", "Error initializing compression context. ZLIB error:", z_err ); xmlIOErr(XML_IO_WRITE, (const char *) msg); @@ -1658,7 +1658,7 @@ xmlZMemBuffExtend( xmlZMemBuffPtr buff, else { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlZMemBuffExtend: %s %lu bytes.\n", + "xmlZMemBuffExtend: %s %lu bytes.\n", "Allocation failure extending output buffer to", new_size ); xmlIOErr(XML_IO_WRITE, (const char *) msg); @@ -1704,7 +1704,7 @@ xmlZMemBuffAppend( xmlZMemBuffPtr buff, if ( z_err != Z_OK ) { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlZMemBuffAppend: %s %d %s - %d", + "xmlZMemBuffAppend: %s %d %s - %d", "Compression error while appending", len, "bytes to buffer. ZLIB error", z_err ); xmlIOErr(XML_IO_WRITE, (const char *) msg); @@ -1777,7 +1777,7 @@ xmlZMemBuffGetContent( xmlZMemBuffPtr bu else { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlZMemBuffGetContent: %s - %d\n", + "xmlZMemBuffGetContent: %s - %d\n", "Error flushing zlib buffers. Error code", z_err ); xmlIOErr(XML_IO_WRITE, (const char *) msg); } @@ -1982,7 +1982,7 @@ xmlIOHTTPWrite( void * context, const ch if ( len < 0 ) { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlIOHTTPWrite: %s\n%s '%s'.\n", + "xmlIOHTTPWrite: %s\n%s '%s'.\n", "Error appending to internal buffer.", "Error sending document to URI", ctxt->uri ); @@ -2054,7 +2054,7 @@ xmlIOHTTPCloseWrite( void * context, con if ( http_content == NULL ) { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlIOHTTPCloseWrite: %s '%s' %s '%s'.\n", + "xmlIOHTTPCloseWrite: %s '%s' %s '%s'.\n", "Error retrieving content.\nUnable to", http_mthd, "data to URI", ctxt->uri ); xmlIOErr(XML_IO_WRITE, (const char *) msg); @@ -2126,7 +2126,7 @@ xmlIOHTTPCloseWrite( void * context, con else { xmlChar msg[500]; xmlStrPrintf(msg, 500, - (const xmlChar *) "xmlIOHTTPCloseWrite: HTTP '%s' of %d %s\n'%s' %s %d\n", + "xmlIOHTTPCloseWrite: HTTP '%s' of %d %s\n'%s' %s %d\n", http_mthd, content_lgth, "bytes to URI", ctxt->uri, "failed. HTTP return code:", http_rtn ); Index: libxml2-2.9.1/xmllint.c =================================================================== --- libxml2-2.9.1.orig/xmllint.c +++ libxml2-2.9.1/xmllint.c @@ -449,7 +449,7 @@ startTimer(void) * message about the timing performed; format is a printf * type argument */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) endTimer(const char *fmt, ...) { long msec; @@ -485,7 +485,7 @@ startTimer(void) { begin = clock(); } -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) endTimer(const char *fmt, ...) { long msec; @@ -514,7 +514,7 @@ startTimer(void) * Do nothing */ } -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(1,2) endTimer(char *format, ...) { /* @@ -634,7 +634,7 @@ xmlHTMLPrintFileContext(xmlParserInputPt * Display and format an error messages, gives file, line, position and * extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlHTMLError(void *ctx, const char *msg, ...) { xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; @@ -671,7 +671,7 @@ xmlHTMLError(void *ctx, const char *msg, * Display and format a warning messages, gives file, line, position and * extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlHTMLWarning(void *ctx, const char *msg, ...) { xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; @@ -709,7 +709,7 @@ xmlHTMLWarning(void *ctx, const char *ms * Display and format an validity error messages, gives file, * line, position and extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlHTMLValidityError(void *ctx, const char *msg, ...) { xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; @@ -746,7 +746,7 @@ xmlHTMLValidityError(void *ctx, const ch * Display and format a validity warning messages, gives file, line, * position and extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlHTMLValidityWarning(void *ctx, const char *msg, ...) { xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) ctx; @@ -1410,7 +1410,7 @@ commentDebug(void *ctx ATTRIBUTE_UNUSED, * Display and format a warning messages, gives file, line, position and * extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) warningDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) { va_list args; @@ -1433,7 +1433,7 @@ warningDebug(void *ctx ATTRIBUTE_UNUSED, * Display and format a error messages, gives file, line, position and * extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) errorDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) { va_list args; @@ -1456,7 +1456,7 @@ errorDebug(void *ctx ATTRIBUTE_UNUSED, c * Display and format a fatalError messages, gives file, line, position and * extra parameters. */ -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) fatalErrorDebug(void *ctx ATTRIBUTE_UNUSED, const char *msg, ...) { va_list args; Index: libxml2-2.9.1/xmlreader.c =================================================================== --- libxml2-2.9.1.orig/xmlreader.c +++ libxml2-2.9.1/xmlreader.c @@ -4036,13 +4036,19 @@ xmlTextReaderCurrentDoc(xmlTextReaderPtr } #ifdef LIBXML_SCHEMAS_ENABLED -static char *xmlTextReaderBuildMessage(const char *msg, va_list ap); +static char *xmlTextReaderBuildMessage(const char *msg, va_list ap) LIBXML_ATTR_FORMAT(1,0); static void XMLCDECL -xmlTextReaderValidityError(void *ctxt, const char *msg, ...); +xmlTextReaderValidityError(void *ctxt, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); static void XMLCDECL -xmlTextReaderValidityWarning(void *ctxt, const char *msg, ...); +xmlTextReaderValidityWarning(void *ctxt, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); + +static void XMLCDECL +xmlTextReaderValidityErrorRelay(void *ctx, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); + +static void XMLCDECL +xmlTextReaderValidityWarningRelay(void *ctx, const char *msg, ...) LIBXML_ATTR_FORMAT(2,3); static void XMLCDECL xmlTextReaderValidityErrorRelay(void *ctx, const char *msg, ...) @@ -4836,7 +4842,7 @@ xmlTextReaderStructuredError(void *ctxt, } } -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlTextReaderError(void *ctxt, const char *msg, ...) { va_list ap; @@ -4849,7 +4855,7 @@ xmlTextReaderError(void *ctxt, const cha } -static void XMLCDECL +static void XMLCDECL LIBXML_ATTR_FORMAT(2,3) xmlTextReaderWarning(void *ctxt, const char *msg, ...) { va_list ap; Index: libxml2-2.9.1/xmlschemas.c =================================================================== --- libxml2-2.9.1.orig/xmlschemas.c +++ libxml2-2.9.1/xmlschemas.c @@ -1085,7 +1085,7 @@ xmlSchemaGetUnionSimpleTypeMemberTypes(x static void xmlSchemaInternalErr(xmlSchemaAbstractCtxtPtr actxt, const char *funcName, - const char *message); + const char *message) LIBXML_ATTR_FORMAT(3,0); static int xmlSchemaCheckCOSSTDerivedOK(xmlSchemaAbstractCtxtPtr ctxt, xmlSchemaTypePtr type, @@ -1769,7 +1769,7 @@ xmlSchemaFormatItemForReport(xmlChar **b } FREE_AND_NULL(str) - return (*buf); + return (xmlEscapeFormatString(buf)); } /** @@ -1889,7 +1889,7 @@ xmlSchemaPErrMemory(xmlSchemaParserCtxtP * * Handle a parser error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlSchemaPErr(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, int error, const char *msg, const xmlChar * str1, const xmlChar * str2) { @@ -1922,7 +1922,7 @@ xmlSchemaPErr(xmlSchemaParserCtxtPtr ctx * * Handle a parser error */ -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaPErr2(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, xmlNodePtr child, int error, const char *msg, const xmlChar * str1, const xmlChar * str2) @@ -1951,7 +1951,7 @@ xmlSchemaPErr2(xmlSchemaParserCtxtPtr ct * * Handle a parser error */ -static void +static void LIBXML_ATTR_FORMAT(7,0) xmlSchemaPErrExt(xmlSchemaParserCtxtPtr ctxt, xmlNodePtr node, int error, const xmlChar * strData1, const xmlChar * strData2, const xmlChar * strData3, const char *msg, const xmlChar * str1, @@ -2002,7 +2002,7 @@ xmlSchemaVErrMemory(xmlSchemaValidCtxtPt extra); } -static void +static void LIBXML_ATTR_FORMAT(2,0) xmlSchemaPSimpleInternalErr(xmlNodePtr node, const char *msg, const xmlChar *str) { @@ -2013,18 +2013,21 @@ xmlSchemaPSimpleInternalErr(xmlNodePtr n #define WXS_ERROR_TYPE_ERROR 1 #define WXS_ERROR_TYPE_WARNING 2 /** - * xmlSchemaErr3: + * xmlSchemaErr4Line: * @ctxt: the validation context - * @node: the context node + * @errorLevel: the error level * @error: the error code + * @node: the context node + * @line: the line number * @msg: the error message * @str1: extra data * @str2: extra data * @str3: extra data + * @str4: extra data * * Handle a validation error */ -static void +static void LIBXML_ATTR_FORMAT(6,0) xmlSchemaErr4Line(xmlSchemaAbstractCtxtPtr ctxt, xmlErrorLevel errorLevel, int error, xmlNodePtr node, int line, const char *msg, @@ -2137,7 +2140,7 @@ xmlSchemaErr4Line(xmlSchemaAbstractCtxtP * * Handle a validation error */ -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlSchemaErr3(xmlSchemaAbstractCtxtPtr actxt, int error, xmlNodePtr node, const char *msg, const xmlChar *str1, const xmlChar *str2, const xmlChar *str3) @@ -2146,7 +2149,7 @@ xmlSchemaErr3(xmlSchemaAbstractCtxtPtr a msg, str1, str2, str3, NULL); } -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlSchemaErr4(xmlSchemaAbstractCtxtPtr actxt, int error, xmlNodePtr node, const char *msg, const xmlChar *str1, const xmlChar *str2, @@ -2156,7 +2159,7 @@ xmlSchemaErr4(xmlSchemaAbstractCtxtPtr a msg, str1, str2, str3, str4); } -static void +static void LIBXML_ATTR_FORMAT(4,0) xmlSchemaErr(xmlSchemaAbstractCtxtPtr actxt, int error, xmlNodePtr node, const char *msg, const xmlChar *str1, const xmlChar *str2) @@ -2179,7 +2182,7 @@ xmlSchemaFormatNodeForError(xmlChar ** m /* * Don't try to format other nodes than element and * attribute nodes. - * Play save and return an empty string. + * Play safe and return an empty string. */ *msg = xmlStrdup(BAD_CAST ""); return(*msg); @@ -2244,6 +2247,13 @@ xmlSchemaFormatNodeForError(xmlChar ** m TODO return (NULL); } + + /* + * xmlSchemaFormatItemForReport() also returns an escaped format + * string, so do this before calling it below (in the future). + */ + xmlEscapeFormatString(msg); + /* * VAL TODO: The output of the given schema component is currently * disabled. @@ -2260,7 +2270,7 @@ xmlSchemaFormatNodeForError(xmlChar ** m return (*msg); } -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlSchemaInternalErr2(xmlSchemaAbstractCtxtPtr actxt, const char *funcName, const char *message, @@ -2271,24 +2281,21 @@ xmlSchemaInternalErr2(xmlSchemaAbstractC if (actxt == NULL) return; - msg = xmlStrdup(BAD_CAST "Internal error: "); - msg = xmlStrcat(msg, BAD_CAST funcName); - msg = xmlStrcat(msg, BAD_CAST ", "); + msg = xmlStrdup(BAD_CAST "Internal error: %s, "); msg = xmlStrcat(msg, BAD_CAST message); msg = xmlStrcat(msg, BAD_CAST ".\n"); if (actxt->type == XML_SCHEMA_CTXT_VALIDATOR) - xmlSchemaErr(actxt, XML_SCHEMAV_INTERNAL, NULL, - (const char *) msg, str1, str2); - + xmlSchemaErr3(actxt, XML_SCHEMAV_INTERNAL, NULL, + (const char *) msg, (const xmlChar *) funcName, str1, str2); else if (actxt->type == XML_SCHEMA_CTXT_PARSER) - xmlSchemaErr(actxt, XML_SCHEMAP_INTERNAL, NULL, - (const char *) msg, str1, str2); + xmlSchemaErr3(actxt, XML_SCHEMAP_INTERNAL, NULL, + (const char *) msg, (const xmlChar *) funcName, str1, str2); FREE_AND_NULL(msg) } -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlSchemaInternalErr(xmlSchemaAbstractCtxtPtr actxt, const char *funcName, const char *message) @@ -2297,7 +2304,7 @@ xmlSchemaInternalErr(xmlSchemaAbstractCt } #if 0 -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlSchemaPInternalErr(xmlSchemaParserCtxtPtr pctxt, const char *funcName, const char *message, @@ -2309,7 +2316,7 @@ xmlSchemaPInternalErr(xmlSchemaParserCtx } #endif -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaCustomErr4(xmlSchemaAbstractCtxtPtr actxt, xmlParserErrors error, xmlNodePtr node, @@ -2334,7 +2341,7 @@ xmlSchemaCustomErr4(xmlSchemaAbstractCtx FREE_AND_NULL(msg) } -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaCustomErr(xmlSchemaAbstractCtxtPtr actxt, xmlParserErrors error, xmlNodePtr node, @@ -2349,7 +2356,7 @@ xmlSchemaCustomErr(xmlSchemaAbstractCtxt -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaCustomWarning(xmlSchemaAbstractCtxtPtr actxt, xmlParserErrors error, xmlNodePtr node, @@ -2374,7 +2381,7 @@ xmlSchemaCustomWarning(xmlSchemaAbstract -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaKeyrefErr(xmlSchemaValidCtxtPtr vctxt, xmlParserErrors error, xmlSchemaPSVIIDCNodePtr idcNode, @@ -2474,11 +2481,13 @@ xmlSchemaSimpleTypeErr(xmlSchemaAbstract msg = xmlStrcat(msg, BAD_CAST " '"); if (type->builtInType != 0) { msg = xmlStrcat(msg, BAD_CAST "xs:"); - msg = xmlStrcat(msg, type->name); - } else - msg = xmlStrcat(msg, - xmlSchemaFormatQName(&str, - type->targetNamespace, type->name)); + str = xmlStrdup(type->name); + } else { + const xmlChar *qName = xmlSchemaFormatQName(&str, type->targetNamespace, type->name); + if (!str) + str = xmlStrdup(qName); + } + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); msg = xmlStrcat(msg, BAD_CAST "'"); FREE_AND_NULL(str); } @@ -2523,7 +2532,7 @@ xmlSchemaIllegalAttrErr(xmlSchemaAbstrac FREE_AND_NULL(msg) } -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaComplexTypeErr(xmlSchemaAbstractCtxtPtr actxt, xmlParserErrors error, xmlNodePtr node, @@ -2615,7 +2624,7 @@ xmlSchemaComplexTypeErr(xmlSchemaAbstrac str = xmlStrcat(str, BAD_CAST ", "); } str = xmlStrcat(str, BAD_CAST " ).\n"); - msg = xmlStrcat(msg, BAD_CAST str); + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); FREE_AND_NULL(str) } else msg = xmlStrcat(msg, BAD_CAST "\n"); @@ -2623,7 +2632,7 @@ xmlSchemaComplexTypeErr(xmlSchemaAbstrac xmlFree(msg); } -static void +static void LIBXML_ATTR_FORMAT(8,0) xmlSchemaFacetErr(xmlSchemaAbstractCtxtPtr actxt, xmlParserErrors error, xmlNodePtr node, @@ -2914,7 +2923,7 @@ xmlSchemaPIllegalAttrErr(xmlSchemaParser * * Reports an error during parsing. */ -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaPCustomErrExt(xmlSchemaParserCtxtPtr ctxt, xmlParserErrors error, xmlSchemaBasicItemPtr item, @@ -2950,7 +2959,7 @@ xmlSchemaPCustomErrExt(xmlSchemaParserCt * * Reports an error during parsing. */ -static void +static void LIBXML_ATTR_FORMAT(5,0) xmlSchemaPCustomErr(xmlSchemaParserCtxtPtr ctxt, xmlParserErrors error, xmlSchemaBasicItemPtr item, @@ -2975,7 +2984,7 @@ xmlSchemaPCustomErr(xmlSchemaParserCtxtP * * Reports an attribute use error during parsing. */ -static void +static void LIBXML_ATTR_FORMAT(6,0) xmlSchemaPAttrUseErr4(xmlSchemaParserCtxtPtr ctxt, xmlParserErrors error, xmlNodePtr node, @@ -3097,7 +3106,7 @@ xmlSchemaPMutualExclAttrErr(xmlSchemaPar * Reports a simple type validation error. * TODO: Should this report the value of an element as well? */ -static void +static void LIBXML_ATTR_FORMAT(8,0) xmlSchemaPSimpleTypeErr(xmlSchemaParserCtxtPtr ctxt, xmlParserErrors error, xmlSchemaBasicItemPtr ownerItem ATTRIBUTE_UNUSED, @@ -3139,11 +3148,13 @@ xmlSchemaPSimpleTypeErr(xmlSchemaParserC msg = xmlStrcat(msg, BAD_CAST " '"); if (type->builtInType != 0) { msg = xmlStrcat(msg, BAD_CAST "xs:"); - msg = xmlStrcat(msg, type->name); - } else - msg = xmlStrcat(msg, - xmlSchemaFormatQName(&str, - type->targetNamespace, type->name)); + str = xmlStrdup(type->name); + } else { + const xmlChar *qName = xmlSchemaFormatQName(&str, type->targetNamespace, type->name); + if (!str) + str = xmlStrdup(qName); + } + msg = xmlStrcat(msg, xmlEscapeFormatString(&str)); msg = xmlStrcat(msg, BAD_CAST "'."); FREE_AND_NULL(str); } @@ -3156,7 +3167,9 @@ xmlSchemaPSimpleTypeErr(xmlSchemaParserC } if (expected) { msg = xmlStrcat(msg, BAD_CAST " Expected is '"); - msg = xmlStrcat(msg, BAD_CAST expected); + xmlChar *expectedEscaped = xmlCharStrdup(expected); + msg = xmlStrcat(msg, xmlEscapeFormatString(&expectedEscaped)); + FREE_AND_NULL(expectedEscaped); msg = xmlStrcat(msg, BAD_CAST "'.\n"); } else msg = xmlStrcat(msg, BAD_CAST "\n"); Index: libxml2-2.9.1/xmlstring.c =================================================================== --- libxml2-2.9.1.orig/xmlstring.c +++ libxml2-2.9.1/xmlstring.c @@ -545,7 +545,7 @@ xmlStrcat(xmlChar *cur, const xmlChar *a * Returns the number of characters written to @buf or -1 if an error occurs. */ int XMLCDECL -xmlStrPrintf(xmlChar *buf, int len, const xmlChar *msg, ...) { +xmlStrPrintf(xmlChar *buf, int len, const char *msg, ...) { va_list args; int ret; @@ -573,7 +573,7 @@ xmlStrPrintf(xmlChar *buf, int len, cons * Returns the number of characters written to @buf or -1 if an error occurs. */ int -xmlStrVPrintf(xmlChar *buf, int len, const xmlChar *msg, va_list ap) { +xmlStrVPrintf(xmlChar *buf, int len, const char *msg, va_list ap) { int ret; if((buf == NULL) || (msg == NULL)) { @@ -987,5 +987,60 @@ xmlUTF8Strsub(const xmlChar *utf, int st return(xmlUTF8Strndup(utf, len)); } +/** + * xmlEscapeFormatString: + * @msg: a pointer to the string in which to escape '%' characters. + * Must be a heap-allocated buffer created by libxml2 that may be + * returned, or that may be freed and replaced. + * + * Replaces the string pointed to by 'msg' with an escaped string. + * Returns the same string with all '%' characters escaped. + */ +xmlChar * +xmlEscapeFormatString(xmlChar **msg) +{ + xmlChar *msgPtr = NULL; + xmlChar *result = NULL; + xmlChar *resultPtr = NULL; + size_t count = 0; + size_t msgLen = 0; + size_t resultLen = 0; + + if (!msg || !*msg) + return(NULL); + + for (msgPtr = *msg; *msgPtr != '\0'; ++msgPtr) { + ++msgLen; + if (*msgPtr == '%') + ++count; + } + + if (count == 0) + return(*msg); + + resultLen = msgLen + count + 1; + result = (xmlChar *) xmlMallocAtomic(resultLen * sizeof(xmlChar)); + if (result == NULL) { + /* Clear *msg to prevent format string vulnerabilities in + out-of-memory situations. */ + xmlFree(*msg); + *msg = NULL; + xmlErrMemory(NULL, NULL); + return(NULL); + } + + for (msgPtr = *msg, resultPtr = result; *msgPtr != '\0'; ++msgPtr, ++resultPtr) { + *resultPtr = *msgPtr; + if (*msgPtr == '%') + *(++resultPtr) = '%'; + } + result[resultLen - 1] = '\0'; + + xmlFree(*msg); + *msg = result; + + return *msg; +} + #define bottom_xmlstring #include "elfgcchack.h" Index: libxml2-2.9.1/xmlwriter.c =================================================================== --- libxml2-2.9.1.orig/xmlwriter.c +++ libxml2-2.9.1/xmlwriter.c @@ -109,7 +109,7 @@ static int xmlTextWriterWriteDocCallback const xmlChar * str, int len); static int xmlTextWriterCloseDocCallback(void *context); -static xmlChar *xmlTextWriterVSprintf(const char *format, va_list argptr); +static xmlChar *xmlTextWriterVSprintf(const char *format, va_list argptr) LIBXML_ATTR_FORMAT(1,0); static int xmlOutputBufferWriteBase64(xmlOutputBufferPtr out, int len, const unsigned char *data); static void xmlTextWriterStartDocumentCallback(void *ctx); @@ -149,7 +149,7 @@ xmlWriterErrMsg(xmlTextWriterPtr ctxt, x * * Handle a writer error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlWriterErrMsgInt(xmlTextWriterPtr ctxt, xmlParserErrors error, const char *msg, int val) { Index: libxml2-2.9.1/xpath.c =================================================================== --- libxml2-2.9.1.orig/xpath.c +++ libxml2-2.9.1/xpath.c @@ -348,7 +348,7 @@ xmlXPathErrMemory(xmlXPathContextPtr ctx xmlChar buf[200]; xmlStrPrintf(buf, 200, - BAD_CAST "Memory allocation failed : %s\n", + "Memory allocation failed : %s\n", extra); ctxt->lastError.message = (char *) xmlStrdup(buf); } else { Index: libxml2-2.9.1/xpointer.c =================================================================== --- libxml2-2.9.1.orig/xpointer.c +++ libxml2-2.9.1/xpointer.c @@ -85,7 +85,7 @@ xmlXPtrErrMemory(const char *extra) * * Handle a redefinition of attribute error */ -static void +static void LIBXML_ATTR_FORMAT(3,0) xmlXPtrErr(xmlXPathParserContextPtr ctxt, int error, const char * msg, const xmlChar *extra) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor