%define Rversion %(echo %{version} | sed -e 's/\\./_/g' -e 's/^/R_/')
Name:           expat
Version:        2.2.9
Release:        5
Summary:        An XML parser library
License:        MIT
URL:            https://libexpat.github.io/
Source0:        https://github.com/libexpat/libexpat/releases/download/%{Rversion}/expat-%{version}.tar.gz

Patch0:         xmlparse.c-Fix-undefined-behavior-for-XML_UNICODE.patch
Patch1:         Don-t-add-to-NULL-in-iterator.patch

Patch2:         backport-Autotools-Give-test-suite-access-to-internal-symbols.patch
Patch3:         backport-xmlwf-Extract-macro-XMLWF_SHIFT_ARGUMENT.patch
Patch4:         backport-CVE-2013-0340-lib-Add-prefix-expat-to-EXPAT_ENTROPY_DEBUG-1-stderr.patch
Patch5:         backport-CVE-2013-0340-xmlwf-Add-support-for-custom-attack-protection-param.patch
Patch6:         backport-CVE-2013-0340-xmlwf-Include-expat_config.h-so-we-can-check-for-mac.patch
Patch7:         backport-CVE-2013-0340-Changes-Document-protection-against-billion-laughs-a.patch
Patch8:         backport-CVE-2013-0340-lib-Protect-against-billion-laughs-attacks-approach-.patch
Patch9:         backport-CVE-2013-0340-lib-Make-EXPAT_ENTROPY_DEBUG-consistent-with-other-E.patch
Patch10:        backport-CVE-2013-0340-lib-Allow-test-suite-to-access-raw-accounting-values.patch
Patch11:        backport-CVE-2013-0340-Autotools-CMake-Suppress-Wpedantic-ms-format-false-p.patch
Patch12:        backport-CVE-2013-0340-lib-Address-Cppcheck-2.4.1-warning-uninitvar.patch
Patch13:        backport-CVE-2013-0340-tests-Cover-accounting.patch
Patch14:        backport-CVE-2013-0340-xmlwf.1-Document-arguments-a-and-b.patch
Patch15:        backport-CVE-2013-0340-doc-reference.html-Document-billion-laughs-attack-pr.patch
Patch16:        backport-CVE-2013-0340-tests-Cover-billion-laughs-attack-protection-API.patch
Patch17:        backport-CVE-2013-0340-tests-Cover-helper-unsignedCharToPrintable.patch
Patch18:        backport-CVE-2013-0340-tests-Cover-accounting-of-CDATA-sections.patch
Patch19:        backport-CVE-2013-0340-lib-Fix-accounting-of-CDATA-sections-inside.patch
Patch20:        backport-xmlparse.c-Fix-reading-uninitialized-variable-404.patch
Patch21:        backport-CVE-2021-45960.patch
Patch22:        backport-CVE-2021-46143.patch
Patch23:        backport-CVE-2022-22822-CVE-2022-22823-CVE-2022-22824-CVE-2022-22825-CVE-2022-22826-CVE-2022-22827.patch
Patch24:        backport-CVE-2022-23852-lib-Detect-and-prevent-integer-overflow-in-XML_GetBu.patch
Patch25:        backport-CVE-2022-23852-tests-Cover-integer-overflow-in-XML_GetBuffer-CVE-20.patch
Patch26:        backport-CVE-2022-23990-lib-Prevent-integer-overflow-in-doProlog-CVE-2022-23.patch

BuildRequires:  sed,autoconf,automake,gcc-c++,libtool,xmlto

%description
expat is a stream-oriented XML parser library written in C.
expat excels with files too large to fit RAM, and where
performance and flexibility are crucial.

%package devel
Summary:        Development files
Requires:       %{name} = %{version}-%{release}
%description devel
This package provides with static libraries and  header files for developing with expat.

%package_help

%prep
%autosetup -p1

autoreconf -fiv
%build
%configure CFLAGS="$RPM_OPT_FLAGS -fPIC" DOCBOOK_TO_MAN="xmlto man --skip-validation"
%make_build

%install
%makeinstall
find %{buildroot} -type f -name changelog -delete

%check
make check

%ldconfig_scriptlets

%files
%defattr(-,root,root)
%license COPYING AUTHORS
%{_bindir}/*
%{_libdir}/libexpat.so.1*
%exclude %{_docdir}/%{name}/AUTHORS

%files devel
%defattr(-,root,root)
%{_includedir}/*
%{_libdir}/{libexpat.*a,libexpat.so}
%{_libdir}/pkgconfig/expat.pc

%files help
%defattr(-,root,root)
%doc README.md
%{_mandir}/man1/*

%changelog
* Mon Feb 7 2022 yangzhuangzhuang <yangzhuangzhuang1@h-partners.com> - 2.2.9-5
- Type:CVE
- ID:CVE-2022-23852 CVE-2022-23990
- SUG:NA
- DESC:Fix CVE-2022-23852CVE-2022-23990

* Mon Jan 17 2022 wangjie <wangjie375@huawei.com> - 2.2.9-4
- Type:CVE
- ID:CVE-2021-45960 CVE-2021-46143 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
- SUG:NA
- DESC:fix CVE-2021-45960 CVE-2021-46143
       CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827

* Fri Jul 2 2021 panxiaohe <panxiaohe@huawei.com> - 2.2.9-3
- fix CVE-2013-0340
- xmlparse.c: Fix reading uninitialized variable

* Sun Jun 28 2020 liuchenguang <liuchenguang4@huawei.com> - 2.2.9-2
- quality enhancement synchronization github patch

* Mon May 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.2.9-1
- Type:requirement
- ID:NA
- SUG:NA
- DESC:update to 2.2.9

* Mon Oct 21 2019 shenyangyang <shenyangyang4@huawei.com> - 2.2.6-5
- Type:NA
- ID:NA
- SUG:NA
- DESC:modify the directory of AUTHORS

* Mon Oct 21 2019 shenyangyang <shenyangyang4@huawei.com> - 2.2.6-4
- Type:NA
- ID:NA
- SUG:NA
- DESC:move AUTHORS to license directory

* Sat Sep 28 2019 shenyangyang<shenyangyang4@huawei.com> - 2.2.6-3
- Type:cves
- ID:CVE-2019-15903
- SUG:NA
- DESC:fix CVE-2019-15903

* Fri Aug 30 2019 gulining<gulining1@huawei.com> - 2.2.6-2
- Type:cves
- ID:CVE-2018-20843
- SUG:NA
- DESC:fix CVE-2018-20843

* Thu Aug 29 2019 openEuler Buildteam <buildteam@openeuler.org> - 2.2.6-1
- Package Init