slackware-current/patches/source/libxml2/libxml2-2.12.0-python3-unicode-errors.patch
Patrick J Volkerding e20d844068 Sun Dec 10 01:12:17 UTC 2023
patches/packages/libxml2-2.12.2-x86_64-1_slack15.0.txz:  Upgraded.
  Add --sysconfdir=/etc option so that this can find the xml catalog.
  Thanks to SpiderTux.
  Fix the following security issues:
  Fix integer overflows with XML_PARSE_HUGE.
  Fix dict corruption caused by entity reference cycles.
  Hashing of empty dict strings isn't deterministic.
  Fix null deref in xmlSchemaFixupComplexType.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-40303
    https://www.cve.org/CVERecord?id=CVE-2022-40304
    https://www.cve.org/CVERecord?id=CVE-2023-29469
    https://www.cve.org/CVERecord?id=CVE-2023-28484
  (* Security fix *)
2023-12-10 13:30:41 +01:00

34 lines
1.2 KiB
Diff

diff --git a/python/libxml.c b/python/libxml.c
index bf048006..5f42e5b7 100644
--- a/python/libxml.c
+++ b/python/libxml.c
@@ -1505,6 +1505,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, const char *msg,
PyObject *message;
PyObject *result;
char str[1000];
+ unsigned char *ptr = (unsigned char *)str;
if (libxml_xmlPythonErrorFuncHandler == NULL) {
va_start(ap, msg);
@@ -1516,12 +1517,20 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNUSED void *ctx, const char *msg,
str[999] = 0;
va_end(ap);
+#if PY_MAJOR_VERSION >= 3
+ /* Ensure the error string doesn't start at UTF8 continuation. */
+ while (*ptr && (*ptr & 0xc0) == 0x80)
+ ptr++;
+#endif
+
list = PyTuple_New(2);
PyTuple_SetItem(list, 0, libxml_xmlPythonErrorFuncCtxt);
Py_XINCREF(libxml_xmlPythonErrorFuncCtxt);
- message = libxml_charPtrConstWrap(str);
+ message = libxml_charPtrConstWrap(ptr);
PyTuple_SetItem(list, 1, message);
result = PyObject_CallObject(libxml_xmlPythonErrorFuncHandler, list);
+ /* Forget any errors caused in the error handler. */
+ PyErr_Clear();
Py_XDECREF(list);
Py_XDECREF(result);
}