diff mbox series

[meta-oe,kirkstone,1/5] raptor2: patch CVE-2017-18926

Message ID 20260112112016.515266-1-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,kirkstone,1/5] raptor2: patch CVE-2017-18926 | expand

Commit Message

Gyorgy Sarvari Jan. 12, 2026, 11:20 a.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2017-18926

NVD advisory mentions the original announcement on oss-security
mailing list[1]. This mentions a bug link[2] related to this
vulnerability. The bug mentions the revision of the fix - pick
that patch from the project's git repository.

[1]: https://www.openwall.com/lists/oss-security/2017/06/07/1
[2]: https://bugs.librdf.org/mantis/view.php?id=617

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../raptor2/files/CVE-2017-18926.patch        | 44 +++++++++++++++++++
 .../recipes-support/raptor2/raptor2_2.0.15.bb |  8 ++--
 2 files changed, 48 insertions(+), 4 deletions(-)
 create mode 100644 meta-oe/recipes-support/raptor2/files/CVE-2017-18926.patch
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/raptor2/files/CVE-2017-18926.patch b/meta-oe/recipes-support/raptor2/files/CVE-2017-18926.patch
new file mode 100644
index 0000000000..f3211c899b
--- /dev/null
+++ b/meta-oe/recipes-support/raptor2/files/CVE-2017-18926.patch
@@ -0,0 +1,44 @@ 
+From 686fc0608480f4b2d2f8c60717141ad8e3c5a849 Mon Sep 17 00:00:00 2001
+From: Dave Beckett <dave@dajobe.org>
+Date: Sun, 16 Apr 2017 23:15:12 +0100
+Subject: [PATCH] Calcualte max nspace declarations correctly for XML writer
+
+(raptor_xml_writer_start_element_common): Calculate max including for
+each attribute a potential name and value.
+
+Fixes Issues #0000617 http://bugs.librdf.org/mantis/view.php?id=617
+and #0000618 http://bugs.librdf.org/mantis/view.php?id=618
+
+CVE: CVE-2017-18926
+Upstream-Status: Backport [https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/raptor_xml_writer.c | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 693b946..0d3a36a 100644
+--- a/src/raptor_xml_writer.c
++++ b/src/raptor_xml_writer.c
+@@ -181,9 +181,10 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+   size_t nspace_declarations_count = 0;  
+   unsigned int i;
+ 
+-  /* max is 1 per element and 1 for each attribute + size of declared */
+   if(nstack) {
+-    int nspace_max_count = element->attribute_count+1;
++    int nspace_max_count = element->attribute_count * 2; /* attr and value */
++    if(element->name->nspace)
++      nspace_max_count++;
+     if(element->declared_nspaces)
+       nspace_max_count += raptor_sequence_size(element->declared_nspaces);
+     if(element->xml_language)
+@@ -237,7 +238,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+         }
+       }
+ 
+-      /* Add the attribute + value */
++      /* Add the attribute's value */
+       nspace_declarations[nspace_declarations_count].declaration=
+         raptor_qname_format_as_xml(element->attributes[i],
+                                    &nspace_declarations[nspace_declarations_count].length);
diff --git a/meta-oe/recipes-support/raptor2/raptor2_2.0.15.bb b/meta-oe/recipes-support/raptor2/raptor2_2.0.15.bb
index 577c6ee00a..193cf13b21 100644
--- a/meta-oe/recipes-support/raptor2/raptor2_2.0.15.bb
+++ b/meta-oe/recipes-support/raptor2/raptor2_2.0.15.bb
@@ -9,10 +9,10 @@  LIC_FILES_CHKSUM = " \
 
 DEPENDS = "libxml2 libxslt curl yajl"
 
-SRC_URI = " \
-    http://download.librdf.org/source/${BPN}-${PV}.tar.gz \
-    file://0001-configure.ac-do-additional-checks-on-libxml2-also-wh.patch \
-"
+SRC_URI = "http://download.librdf.org/source/${BPN}-${PV}.tar.gz \
+           file://0001-configure.ac-do-additional-checks-on-libxml2-also-wh.patch \
+           file://CVE-2017-18926.patch \
+           "
 SRC_URI[md5sum] = "a39f6c07ddb20d7dd2ff1f95fa21e2cd"
 SRC_URI[sha256sum] = "ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed"