git: vendor/EXPAT vendor/expat: upgrade from 2.1.0 to 2.5.0
Antonio Huete Jimenez
tuxillo at crater.dragonflybsd.org
Sat Nov 12 09:28:47 PST 2022
commit 0c65ac1dc98bdeacfd970251eb73ccf33a29b90b
Author: Antonio Huete Jimenez <tuxillo at quantumachine.net>
Date: Sat Nov 12 16:38:24 2022 +0100
vendor/expat: upgrade from 2.1.0 to 2.5.0
Summary of notable changes:
- Detect overflow from len=INT_MAX call to XML_Parse
- Fix a dangling pointer issue related to realloc
- Fix copying of partial characters for UTF-8 input
- Avoid doing arithmetic with NULL pointers in XML_GetBuffer
- Fix reading uninitialized variable during parsing
- CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer
- Fix potential null pointer dereference
- Following CVEs were handled (not a complete list)
CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2012-0876
CVE-2012-6702, CVE-2017-9233, CVE-2016-9063, CVE-2018-20843
CVE-2019-15903,CVE-2013-0340/CWE-776, CVE-2021-45960
CVE-2021-46143, CVE-2022-22822 to CVE-2022-22827
CVE-2022-23852, CVE-2022-23990, CVE-2022-43680
For detailed list of all changes, bugfixes and improvements, see Changes.
Summary of changes:
contrib/expat/COPYING | 5 +-
contrib/expat/Changes | 1087 ++++-
contrib/expat/expat_config.h | 140 +
contrib/expat/expat_config.h.in | 102 -
contrib/expat/lib/Makefile.MPW | 206 -
contrib/expat/lib/amigaconfig.h | 32 -
contrib/expat/lib/ascii.h | 35 +-
contrib/expat/lib/asciitab.h | 96 +-
contrib/expat/lib/expat.dsp | 185 -
contrib/expat/lib/expat.h | 395 +-
contrib/expat/lib/expat_external.h | 120 +-
contrib/expat/lib/expat_static.dsp | 162 -
contrib/expat/lib/expatw.dsp | 185 -
contrib/expat/lib/expatw_static.dsp | 162 -
contrib/expat/lib/iasciitab.h | 96 +-
contrib/expat/lib/internal.h | 120 +-
contrib/expat/lib/latin1tab.h | 96 +-
contrib/expat/lib/libexpat.def | 73 -
contrib/expat/lib/libexpatw.def | 73 -
contrib/expat/lib/macconfig.h | 53 -
contrib/expat/lib/nametab.h | 274 +-
contrib/expat/lib/siphash.h | 393 ++
contrib/expat/lib/utf8tab.h | 97 +-
contrib/expat/lib/winconfig.h | 49 +-
contrib/expat/lib/xmlparse.c | 7861 ++++++++++++++++++++++-------------
contrib/expat/lib/xmlrole.c | 827 ++--
contrib/expat/lib/xmlrole.h | 48 +-
contrib/expat/lib/xmltok.c | 1522 +++----
contrib/expat/lib/xmltok.h | 257 +-
contrib/expat/lib/xmltok_impl.c | 1300 +++---
contrib/expat/lib/xmltok_impl.h | 104 +-
contrib/expat/lib/xmltok_ns.c | 123 +-
32 files changed, 9504 insertions(+), 6774 deletions(-)
mode change 100755 => 100644 contrib/expat/COPYING
mode change 100755 => 100644 contrib/expat/Changes
create mode 100644 contrib/expat/expat_config.h
delete mode 100644 contrib/expat/expat_config.h.in
delete mode 100644 contrib/expat/lib/Makefile.MPW
delete mode 100644 contrib/expat/lib/amigaconfig.h
delete mode 100644 contrib/expat/lib/expat.dsp
delete mode 100644 contrib/expat/lib/expat_static.dsp
delete mode 100644 contrib/expat/lib/expatw.dsp
delete mode 100644 contrib/expat/lib/expatw_static.dsp
delete mode 100644 contrib/expat/lib/libexpat.def
delete mode 100644 contrib/expat/lib/libexpatw.def
delete mode 100644 contrib/expat/lib/macconfig.h
create mode 100644 contrib/expat/lib/siphash.h
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0c65ac1dc98bdeacfd970251eb73ccf33a29b90b
--
DragonFly BSD source repository
More information about the Commits
mailing list