!13 【LTS升级】update libical to 3.0.8
Merge pull request !13 from yu_boyun/openEuler-20.03-LTS
This commit is contained in:
openeuler-ci-bot
Gitee
commit
f2242bf2ee
Binary file not shown.
BIN
libical-3.0.8.tar.gz
Normal file
BIN
libical-3.0.8.tar.gz
Normal file
Binary file not shown.
@ -1,70 +0,0 @@
|
|||||||
From 97abaada05f20973a710e194ce7c91c80bf39fe6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: orange-snn <songnannan2@huawei.com>
|
|
||||||
Date: Tue, 10 Mar 2020 16:44:19 +0800
|
|
||||||
Subject: [PATCH] Cap the number of parameters and properties to prevent
|
|
||||||
unbounded memory usage or hanging Alternate fix to #381.
|
|
||||||
|
|
||||||
---
|
|
||||||
src/libical/icalparser.c | 11 ++++++++---
|
|
||||||
1 file changed, 8 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libical/icalparser.c b/src/libical/icalparser.c
|
|
||||||
index 5715036..416080d 100644
|
|
||||||
--- a/src/libical/icalparser.c
|
|
||||||
+++ b/src/libical/icalparser.c
|
|
||||||
@@ -46,6 +46,9 @@
|
|
||||||
|
|
||||||
#define TMP_BUF_SIZE 80
|
|
||||||
|
|
||||||
+#define MAXIMUM_ALLOWED_PARAMETERS 100
|
|
||||||
+#define MAXIMUM_ALLOWED_MULTIPLE_VALUES 500
|
|
||||||
+
|
|
||||||
struct icalparser_impl
|
|
||||||
{
|
|
||||||
int buffer_full; /* flag indicates that temp is smaller that
|
|
||||||
@@ -689,6 +692,7 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
{
|
|
||||||
char *str;
|
|
||||||
char *end;
|
|
||||||
+ int pcount = 0;
|
|
||||||
int vcount = 0;
|
|
||||||
icalproperty *prop;
|
|
||||||
icalproperty_kind prop_kind;
|
|
||||||
@@ -864,7 +868,7 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
|
|
||||||
/* Now, add any parameters to the last property */
|
|
||||||
|
|
||||||
- while (1) {
|
|
||||||
+ while (pcount < MAXIMUM_ALLOWED_PARAMETERS) {
|
|
||||||
if (*(end - 1) == ':') {
|
|
||||||
/* if the last separator was a ":" and the value is a
|
|
||||||
URL, icalparser_get_next_parameter will find the
|
|
||||||
@@ -1083,6 +1087,7 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
|
|
||||||
icalmemory_free_buffer(str);
|
|
||||||
str = NULL;
|
|
||||||
+ pcount++;
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1092,7 +1097,7 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
tail = 0;
|
|
||||||
icalmemory_free_buffer(str);
|
|
||||||
str = NULL;
|
|
||||||
-
|
|
||||||
+ pcount++;
|
|
||||||
} else {
|
|
||||||
/* str is NULL */
|
|
||||||
break;
|
|
||||||
@@ -1109,7 +1114,7 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
parameter and add one part of the value to each clone */
|
|
||||||
|
|
||||||
vcount = 0;
|
|
||||||
- while (1) {
|
|
||||||
+ while (vcount < MAXIMUM_ALLOWED_MULTIPLE_VALUES) {
|
|
||||||
/* Only some properties can have multiple values. This list was taken
|
|
||||||
from rfc5545. Also added the x-properties, because the spec actually
|
|
||||||
says that commas should be escaped. For x-properties, other apps may
|
|
||||||
--
|
|
||||||
1.8.3.1
|
|
||||||
|
|
||||||
@ -1,36 +0,0 @@
|
|||||||
From fdeb2c05160969a3251eda1b3dbd7f855656fd12 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kent Sutherland <git@ksuther.com>
|
|
||||||
Date: Sat, 11 May 2019 19:59:03 +0000
|
|
||||||
Subject: [PATCH] Reset the parser level to 0 when encountering a line with END
|
|
||||||
before BEGIN Fixes memory leaks caused by the parser behaving incorrectly
|
|
||||||
when the level is negative. oss-fuzz issue 14480, 14151, 14152, 14153, 14155.
|
|
||||||
|
|
||||||
---
|
|
||||||
src/libical/icalparser.c | 11 +++++++++--
|
|
||||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/src/libical/icalparser.c b/src/libical/icalparser.c
|
|
||||||
index 0530a4b..6d54a7c 100644
|
|
||||||
--- a/src/libical/icalparser.c
|
|
||||||
+++ b/src/libical/icalparser.c
|
|
||||||
@@ -795,8 +795,15 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
icalmemory_free_buffer(str);
|
|
||||||
str = NULL;
|
|
||||||
|
|
||||||
- /* Return the component if we are back to the 0th level */
|
|
||||||
- if (parser->level == 0) {
|
|
||||||
+ if (parser->level < 0) {
|
|
||||||
+ // Encountered an END before any BEGIN, this must be invalid data
|
|
||||||
+ icalerror_warn("Encountered END before BEGIN");
|
|
||||||
+
|
|
||||||
+ parser->state = ICALPARSER_ERROR;
|
|
||||||
+ parser->level = 0;
|
|
||||||
+ return 0;
|
|
||||||
+ } else if (parser->level == 0) {
|
|
||||||
+ /* Return the component if we are back to the 0th level */
|
|
||||||
icalcomponent *rtrn;
|
|
||||||
|
|
||||||
if (pvl_count(parser->components) != 0) {
|
|
||||||
--
|
|
||||||
2.19.1
|
|
||||||
|
|
||||||
@ -1,31 +0,0 @@
|
|||||||
From 5048c2e6084bc0df1a80416bf9760f03e243bb09 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Allen Winter <allen.winter@kdab.com>
|
|
||||||
Date: Sun, 12 May 2019 16:55:44 -0400
|
|
||||||
Subject: [PATCH] another attempt to make Coverity happy
|
|
||||||
|
|
||||||
---
|
|
||||||
src/libical/icalparser.c | 8 +++++++-
|
|
||||||
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/src/libical/icalparser.c b/src/libical/icalparser.c
|
|
||||||
index 6d54a7c..de7a2a4 100644
|
|
||||||
--- a/src/libical/icalparser.c
|
|
||||||
+++ b/src/libical/icalparser.c
|
|
||||||
@@ -1004,7 +1004,13 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
|
|
||||||
/* Reparse the parameter name and value with the new segment */
|
|
||||||
if (!parser_get_param_name_stack(str, name_stack, sizeof(name_stack),
|
|
||||||
pvalue_stack, sizeof(pvalue_stack))) {
|
|
||||||
- if (name_heap) {
|
|
||||||
+
|
|
||||||
+ if (pvalue_heap) {
|
|
||||||
+ icalmemory_free_buffer(pvalue_heap);
|
|
||||||
+ pvalue_heap = 0;
|
|
||||||
+ pvalue = 0;
|
|
||||||
+ }
|
|
||||||
+ if (name_heap) {
|
|
||||||
icalmemory_free_buffer(name_heap);
|
|
||||||
name = 0;
|
|
||||||
}
|
|
||||||
--
|
|
||||||
2.19.1
|
|
||||||
|
|
||||||
15
libical.spec
15
libical.spec
@ -1,6 +1,6 @@
|
|||||||
Name: libical
|
Name: libical
|
||||||
Version: 3.0.4
|
Version: 3.0.8
|
||||||
Release: 2
|
Release: 1
|
||||||
Summary: An Open Source implementation of the iCalendar protocols and protocol data formats.
|
Summary: An Open Source implementation of the iCalendar protocols and protocol data formats.
|
||||||
License: LGPLv2 or MPLv2.0
|
License: LGPLv2 or MPLv2.0
|
||||||
URL: https://libical.github.io/libical/
|
URL: https://libical.github.io/libical/
|
||||||
@ -13,10 +13,7 @@ Requires: tzdata
|
|||||||
Provides: libical-glib = %{version}-%{release}
|
Provides: libical-glib = %{version}-%{release}
|
||||||
Obsoletes: libical-glib < %{version}-%{release}
|
Obsoletes: libical-glib < %{version}-%{release}
|
||||||
|
|
||||||
Patch6001: libical-bugfix-Cap-the-number-of-parameters.patch
|
Patch0: libical-bugfix-timeout-found-by-fuzzer.patch
|
||||||
Patch6002: libical-bugfix-timeout-found-by-fuzzer.patch
|
|
||||||
Patch6003: libical-bugfix-Reset-the-parser-level-to-0.patch
|
|
||||||
Patch6004: libical-bugfix-attempt-to-make-Coverity-happy.patch
|
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Libical is an open source implementation of the IETF's iCalendar calendaring
|
Libical is an open source implementation of the IETF's iCalendar calendaring
|
||||||
@ -79,6 +76,12 @@ make test ARGS="-V" -C %{_target_platform}
|
|||||||
%{_datadir}/gtk-doc/html/%{name}-glib
|
%{_datadir}/gtk-doc/html/%{name}-glib
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Aug 19 2020 yuboyun <yuboyun@huawei.com> - 3.0.8-1
|
||||||
|
- Type:update
|
||||||
|
- Id:NA
|
||||||
|
- SUG:NA
|
||||||
|
- DESC:update to 3.0.8
|
||||||
|
|
||||||
* Tue Mar 10 2020 songnannan <songnannan2@huawei.com> - 3.0.4-2
|
* Tue Mar 10 2020 songnannan <songnannan2@huawei.com> - 3.0.4-2
|
||||||
- bugfix in oss-fuzz
|
- bugfix in oss-fuzz
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user