!2 fix CVE-2018-1311

From: @wang_yue111 Reviewed-by: @small_leek Signed-off-by: @small_leek
2021-03-23 18:09:12 +08:00 · 2021-03-23 18:09:12 +08:00 · 5ba8fc19d9
commit 5ba8fc19d9
parent f14987f4a4 88ea30334c
2 changed files with 57 additions and 1 deletions
--- a/CVE-2018-1311.patch
+++ b/CVE-2018-1311.patch
@ -0,0 +1,52 @@
+
+https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1311
+
+--- a/src/xercesc/internal/IGXMLScanner.cpp
+++ b/src/xercesc/internal/IGXMLScanner.cpp
+@@ -1532,7 +1532,6 @@ void IGXMLScanner::scanDocTypeDecl()
+             DTDEntityDecl* declDTD = new (fMemoryManager) DTDEntityDecl(gDTDStr, false, fMemoryManager);
+             declDTD->setSystemId(sysId);
+             declDTD->setIsExternal(true);
+-            Janitor<DTDEntityDecl> janDecl(declDTD);
+ 
+             // Mark this one as a throw at end
+             reader->setThrowAtEnd(true);
+@@ -3095,7 +3094,6 @@ Grammar* IGXMLScanner::loadDTDGrammar(co
+     DTDEntityDecl* declDTD = new (fMemoryManager) DTDEntityDecl(gDTDStr, false, fMemoryManager);
+     declDTD->setSystemId(src.getSystemId());
+     declDTD->setIsExternal(true);
+-    Janitor<DTDEntityDecl> janDecl(declDTD);
+ 
+     // Mark this one as a throw at end
+     newReader->setThrowAtEnd(true);
+--- a/tests/expected/MemHandlerTest1.log
+++ b/tests/expected/MemHandlerTest1.log
+@@ -1,4 +1,4 @@
+-At destruction, domBuilderMemMonitor has 0 bytes.
+-At destruction, sax2MemMonitor has 0 bytes.
+-At destruction, sax1MemMonitor has 0 bytes.
+At destruction, domBuilderMemMonitor has 276 bytes.
+At destruction, sax2MemMonitor has 276 bytes.
+At destruction, sax1MemMonitor has 276 bytes.
+ At destruction, staticMemMonitor has 0 bytes.
+--- /dev/null
+++ b/tests/expected/MemHandlerTest1_32.log
+@@ -0,0 +1,4 @@
+At destruction, domBuilderMemMonitor has 180 bytes.
+At destruction, sax2MemMonitor has 180 bytes.
+At destruction, sax1MemMonitor has 180 bytes.
+At destruction, staticMemMonitor has 0 bytes.
+--- a/scripts/run-test.in
+++ b/scripts/run-test.in
+@@ -46,6 +46,11 @@ run_test() {
+     sed -i -e 's;\( *[0-9][0-9]* *ms *\);{timing removed};' "$output"
+ 
+     exp=$(cat "${srcdir}/expected/${name}.log")
+
+    if [ "${name}" = "MemHandlerTest1" ] && [ "$(dpkg-architecture -q DEB_HOST_ARCH_BITS)" -eq 32 ]; then
+        exp=$(cat "${srcdir}/expected/${name}_32.log")
+    fi
+
+     obs=$(cat "$output")
+ 
+     echo "------"
--- a/xerces-c.spec
+++ b/xerces-c.spec
@ -1,10 +1,11 @@
 Name:	        xerces-c
 Version:        3.2.2
-Release:        2
+Release:        3
 Summary:        A Validating XML Parser
 License:        ASL 2.0
 URL:	        http://xml.apache.org/xerces-c/
 Source0:        http://archive.apache.org/dist/xerces/c/3/sources/xerces-c-%{version}.tar.gz
+Patch1:         CVE-2018-1311.patch

 BuildRequires:	dos2unix

@ -65,5 +66,8 @@ rm -rf $RPM_BUILD_ROOT%{_bindir}
 %doc README NOTICE CREDITS doc _docs/*

 %changelog
+* Tue Mar 23 2021 wangyue <wangyue92@huawei.com> - 3.2.2-3
+- fix CVE-2018-1311
+
 * Thu Mar 05 2020 daiqianwen <daiqianwen@huawei.com> - 3.2.2-2
 - Package init