Bug#689818: marked as done (unblock: xml-light/2.2-15)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Mon, 08 Oct 2012 11:35:09 +0200
with message-id <50729E4D.8010009@thykier.net>
and subject line Re: Bug#689818: unblock: xml-light/2.2-15
has caused the Debian Bug report #689818,
regarding unblock: xml-light/2.2-15
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
689818: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689818
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: xml-light/2.2-15
• From: Mehdi Dogguy <mehdi@debian.org>
• Date: Sat, 06 Oct 2012 18:50:54 +0200
• Message-id: <[🔎] 20121006165054.5120.52879.reportbug@potassium>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package xml-light.

xml-light/2.2-15 fixes a security issue (namely CVE-2012-3514). It
changed an internal datastructure from a Hash table to a Map to avoid
hash collision attacks.

This upload required the rebuild of its reverse dependencies because
ABI changed. AFAIK, all r-deps were rebuilt sucessfully.

Debdiff between -14 and -15 is attached for your convenience.

unblock xml-light/2.2-15

Regards,

-- 
Mehdi

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_GB.UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru xml-light-2.2/debian/changelog xml-light-2.2/debian/changelog
--- xml-light-2.2/debian/changelog	2012-06-07 13:55:42.000000000 +0200
+++ xml-light-2.2/debian/changelog	2012-10-05 15:31:52.000000000 +0200
@@ -1,3 +1,14 @@
+xml-light (2.2-15) unstable; urgency=low
+
+  [ Sylvain Le Gall ]
+  * Remove Sylvain Le Gall from uploaders
+
+  [ Mehdi Dogguy ]
+  * Fix CVE-2012-3514 (Closes: #685584).
+    - add 06_CVE-2012-3514.diff
+
+ -- Mehdi Dogguy <mehdi@debian.org>  Fri, 05 Oct 2012 15:31:52 +0200
+
 xml-light (2.2-14) unstable; urgency=low
 
   * Do not try to install the .cmxs plugin on architectures where
diff -Nru xml-light-2.2/debian/control xml-light-2.2/debian/control
--- xml-light-2.2/debian/control	2012-06-05 16:38:56.000000000 +0200
+++ xml-light-2.2/debian/control	2012-10-01 14:40:35.000000000 +0200
@@ -3,7 +3,6 @@
 Priority: optional
 Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
 Uploaders:
- Sylvain Le Gall <gildor@debian.org>,
  Mehdi Dogguy <mehdi@debian.org>
 Build-Depends:
  cdbs (>= 0.4.23-1.1),
diff -Nru xml-light-2.2/debian/patches/06_CVE-2012-3514.diff xml-light-2.2/debian/patches/06_CVE-2012-3514.diff
--- xml-light-2.2/debian/patches/06_CVE-2012-3514.diff	1970-01-01 01:00:00.000000000 +0100
+++ xml-light-2.2/debian/patches/06_CVE-2012-3514.diff	2012-10-01 15:40:17.000000000 +0200
@@ -0,0 +1,153 @@
+--- a/dtd.ml
++++ b/dtd.ml
+@@ -93,16 +93,18 @@
+ 
+ type dtd = dtd_item list
+ 
+-type ('a,'b) hash = ('a,'b) Hashtbl.t
++module StringMap = Map.Make(String)
++
++type 'a map = 'a StringMap.t ref
+ 
+ type checked = {
+-	c_elements : (string,dtd_element_type) hash;
+-	c_attribs : (string,(string,(dtd_attr_type * dtd_attr_default)) hash) hash;
++	c_elements : dtd_element_type map;
++	c_attribs : (dtd_attr_type * dtd_attr_default) map map;
+ }
+ 
+ type dtd_state = {
+-	elements : (string,dtd_element_type) hash;
+-	attribs : (string,(string,(dtd_attr_type * dtd_attr_default)) hash) hash;
++	elements : dtd_element_type map;
++	attribs : (dtd_attr_type * dtd_attr_default) map map;
+ 	mutable current : dtd_element_type;
+ 	mutable curtag : string;
+ 	state : (string * dtd_element_type) Stack.t;
+@@ -113,7 +115,21 @@
+ let _raises e =
+ 	file_not_found := e
+ 
+-let empty_hash = Hashtbl.create 0
++let create_map() = ref StringMap.empty
++
++let empty_map = create_map()
++
++let find_map m k = StringMap.find k (!m)
++
++let set_map m k v = m := StringMap.add k v (!m)
++
++let unset_map m k = m := StringMap.remove k (!m)
++
++let iter_map f m = StringMap.iter f (!m)
++
++let fold_map f m = StringMap.fold f (!m)
++
++let mem_map m k = StringMap.mem k (!m)
+ 
+ let pos source =
+ 	let line, lstart, min, max = Xml_lexer.pos source in
+@@ -158,45 +174,45 @@
+ 			raise e
+ 
+ let check dtd =
+-	let attribs = Hashtbl.create 0 in
+-	let hdone = Hashtbl.create 0 in
+-	let htodo = Hashtbl.create 0 in
++	let attribs = create_map () in
++	let hdone = create_map () in
++	let htodo = create_map () in
+ 	let ftodo tag from =
+ 		try
+-			ignore(Hashtbl.find hdone tag);
++			ignore(find_map hdone tag);
+ 		with
+ 			Not_found ->
+ 				try
+-					match Hashtbl.find htodo tag with
+-					| None -> Hashtbl.replace htodo tag from
++					match find_map htodo tag with
++					| None -> set_map htodo tag from
+ 					| Some _ -> ()
+ 				with
+ 					Not_found ->
+-						Hashtbl.add htodo tag from
++						set_map htodo tag from
+ 	in
+ 	let fdone tag edata =
+ 		try 
+-			ignore(Hashtbl.find hdone tag);
++			ignore(find_map hdone tag);
+ 			raise (Check_error (ElementDefinedTwice tag));
+ 		with
+ 			Not_found ->
+-				Hashtbl.remove htodo tag;
+-				Hashtbl.add hdone tag edata
++				unset_map htodo tag;
++				set_map hdone tag edata
+ 	in
+ 	let fattrib tag aname adata =
+ 		let h = (try
+-				Hashtbl.find attribs tag
++				find_map attribs tag
+ 			with
+ 				Not_found ->
+-					let h = Hashtbl.create 1 in
+-					Hashtbl.add attribs tag h;
++					let h = create_map () in
++					set_map attribs tag h;
+ 					h) in
+ 		try
+-			ignore(Hashtbl.find h aname);
++			ignore(find_map h aname);
+ 			raise (Check_error (AttributeDefinedTwice (tag,aname)));
+ 		with
+ 			Not_found ->
+-				Hashtbl.add h aname adata
++				set_map h aname adata
+ 	in
+ 	let check_item = function
+ 		| DTDAttribute (tag,aname,atype,adef) ->
+@@ -229,7 +245,7 @@
+ 			check_type etype
+ 	in
+ 	List.iter check_item dtd;
+-	Hashtbl.iter (fun t from ->
++	iter_map (fun t from ->
+ 		match from with
+ 		| None -> raise (Check_error (ElementNotDeclared t))
+ 		| Some tag -> raise (Check_error (ElementReferenced (t,tag)))
+@@ -248,7 +264,7 @@
+ 		curtag = "_root";
+ 	} in
+ 	try
+-		ignore(Hashtbl.find d.elements (String.uppercase root));
++		ignore(find_map d.elements (String.uppercase root));
+ 		d
+ 	with
+ 		Not_found -> raise (Check_error (ElementNotDeclared root))
+@@ -365,7 +381,7 @@
+ 
+ let check_attrib ahash (aname,_) =
+ 	try
+-		ignore(Hashtbl.find ahash aname);
++		ignore(find_map ahash aname);
+ 	with
+ 		Not_found -> raise (Prove_error (UnexpectedAttribute aname))
+ 
+@@ -378,12 +394,12 @@
+ 		let uattr = List.map (fun (aname,aval) -> String.uppercase aname , aval) attr in
+ 		prove_child dtd (Some utag);
+ 		Stack.push (dtd.curtag,dtd.current) dtd.state;
+-		let elt = (try Hashtbl.find dtd.elements utag with Not_found -> raise (Prove_error (UnexpectedTag tag))) in
+-		let ahash = (try Hashtbl.find dtd.attribs utag with Not_found -> empty_hash) in
++		let elt = (try find_map dtd.elements utag with Not_found -> raise (Prove_error (UnexpectedTag tag))) in
++		let ahash = (try find_map dtd.attribs utag with Not_found -> empty_map) in
+ 		dtd.curtag <- tag;
+ 		dtd.current <- elt;
+ 		List.iter (check_attrib ahash) uattr;
+-		let attr = Hashtbl.fold (prove_attrib dtd uattr) ahash [] in
++		let attr = fold_map (prove_attrib dtd uattr) ahash [] in
+ 		let childs = ref (List.map (do_prove dtd) childs) in
+ 		(match dtd.current with
+ 		| DTDAny
diff -Nru xml-light-2.2/debian/patches/series xml-light-2.2/debian/patches/series
--- xml-light-2.2/debian/patches/series	2012-06-05 16:38:56.000000000 +0200
+++ xml-light-2.2/debian/patches/series	2012-10-01 14:41:10.000000000 +0200
@@ -3,3 +3,4 @@
 03_cflags.diff
 04_dtd_trace.diff
 05_cmxs_plugin.diff
+06_CVE-2012-3514.diff

--- End Message ---

--- Begin Message ---

• To: Mehdi Dogguy <mehdi@debian.org>, 689818-done@bugs.debian.org
• Subject: Re: Bug#689818: unblock: xml-light/2.2-15
• From: Niels Thykier <niels@thykier.net>
• Date: Mon, 08 Oct 2012 11:35:09 +0200
• Message-id: <50729E4D.8010009@thykier.net>
• In-reply-to: <[🔎] 20121006165054.5120.52879.reportbug@potassium>
• References: <[🔎] 20121006165054.5120.52879.reportbug@potassium>

On 2012-10-06 18:50, Mehdi Dogguy wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package xml-light.
> 
> xml-light/2.2-15 fixes a security issue (namely CVE-2012-3514). It
> changed an internal datastructure from a Hash table to a Map to avoid
> hash collision attacks.
> 
> This upload required the rebuild of its reverse dependencies because
> ABI changed. AFAIK, all r-deps were rebuilt sucessfully.
> 
> Debdiff between -14 and -15 is attached for your convenience.
> 
> unblock xml-light/2.2-15
> 
> Regards,
> 

Unblocked, thanks.

~Niels

--- End Message ---