SourceForge.net | 3 Jun 12:48 2008
Picon
Picon

[ expat-Patches-1983348 ] xmlwf should return with a non-zero value on error

Patches item #1983348, was opened at 2008-06-03 12:48
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=310127&aid=1983348&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Daniel Leidert (dleidert)
Assigned to: Nobody/Anonymous (nobody)
Summary: xmlwf should return with a non-zero value on error

Initial Comment:
In http://bugs.debian.org/82763 it has been requested, that xmlwf returns with a non-zero exit value if
there is an issue (e.g. non-wellformed XML). The attached patch, applied for around 7 years to the Debian
package, would fulfill the request.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=310127&aid=1983348&group_id=10127
SourceForge.net | 3 Jun 12:59 2008
Picon
Picon

[ expat-Patches-1983364 ] xmlwf manpage wrong about XML standard and well-formdness

Patches item #1983364, was opened at 2008-06-03 12:59
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=310127&aid=1983364&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Daniel Leidert (dleidert)
Assigned to: Nobody/Anonymous (nobody)
Summary: xmlwf manpage wrong about XML standard and well-formdness

Initial Comment:
In http://bugs.debian.org/412786 a user reported an content bug in the xmlwf manpage. There it is
written, that the XML standard requires an XML declaration at the beginning to be the well-formed.
However this is IMO wrong. The XML declaration is AFAIK optional.

The attached patch fixes this for the SGML source. It further makes a small fix to not output a point at the
beginning of a line in the GROFF file - some tools do not escape the dot here with \& - so removing the
line-break will avoid issues with other tools)

----------------------------------------------------------------------

You can respond by visiting: 
(Continue reading)

SourceForge.net | 3 Jun 13:05 2008
Picon
Picon

[ expat-Patches-1983369 ] Sometimes expat_config.h seems to be required

Patches item #1983369, was opened at 2008-06-03 13:05
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=310127&aid=1983369&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Daniel Leidert (dleidert)
Assigned to: Nobody/Anonymous (nobody)
Summary: Sometimes expat_config.h seems to be required

Initial Comment:
A Debian user requested, that expat_config.h is installed along with the other header files. It looks
like, some software packages rely on this header file.

I'm not sure, if it's a bug in the packages relying on this header or if it's a valid user request. I'm therefor
simply forwarding this request to you. The Debian package ships the header for 3 years now and it seems to
have no disadvantages.

The patch is attached.

----------------------------------------------------------------------

(Continue reading)

SourceForge.net | 4 Jun 00:39 2008
Picon
Picon

[ expat-Bugs-1983953 ] outdated config.sub/config.guess

Bugs item #1983953, was opened at 2008-06-03 15:39
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1983953&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Build control
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Scott McCreary (scottmc)
Assigned to: Greg Stein (gstein)
Summary: outdated config.sub/config.guess

Initial Comment:
Seems to be time to update config.sub and config.guess again.  Haiku for one needs this to be updated:
http://tools.assembla.com/BePorts/wiki/dev-libs/expat

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1983953&group_id=10127
SourceForge.net | 11 Jun 06:45 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-10 22:45
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
Assigned to: Fred L. Drake, Jr. (fdrake)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)

SourceForge.net | 11 Jun 16:46 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-11 00:45
Message generated for change (Comment added) made by kwaclaw
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
>Resolution: Fixed
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
>Assigned to: Karl Waclawek (kwaclaw)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)

SourceForge.net | 13 Jun 00:08 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-10 22:45
Message generated for change (Comment added) made by petervalchev
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
>Resolution: None
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
>Assigned to: Fred L. Drake, Jr. (fdrake)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)

SourceForge.net | 13 Jun 04:40 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-11 00:45
Message generated for change (Comment added) made by kwaclaw
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
Resolution: None
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
>Assigned to: Karl Waclawek (kwaclaw)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)

SourceForge.net | 13 Jun 07:15 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-10 22:45
Message generated for change (Comment added) made by petervalchev
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
Resolution: Fixed
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
Assigned to: Karl Waclawek (kwaclaw)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)

SourceForge.net | 13 Jun 07:14 2008
Picon
Picon

[ expat-Bugs-1990430 ] Parser crash with specially formatted UTF-8 sequences

Bugs item #1990430, was opened at 2008-06-10 22:45
Message generated for change (Comment added) made by petervalchev
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=1990430&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: www.libexpat.org
Group: None
Status: Open
>Resolution: Fixed
Priority: 5
Private: Yes
Submitted By: Peter Valchev (petervalchev)
Assigned to: Karl Waclawek (kwaclaw)
Summary: Parser crash with specially formatted UTF-8 sequences

Initial Comment:
I have discovered a way to crash libexpat's xml parser with certain specially formatted UTF-8 sequences.
All applications that link w/ expat and use it to render user-provided XML files are affected. As far as I
see, the issue is not exploitable, just denial of service.

This is the patch that I have come up with, also attached to this email:

+++ lib/xmltok_impl.c 2007-12-21 11:11:42.054417000 -0800
 <at>  <at>  -1745,6 +1745,9  <at>  <at> 
 switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
 case BT_LEAD ## n: \
(Continue reading)


Gmane