[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#827299: marked as done (jessie-pu: package libxml2/2.9.1+dfsg1-5+deb8u3)

Your message dated Sat, 17 Sep 2016 13:08:06 +0100
with message-id <1474114086.2011.126.camel@adam-barratt.org.uk>
and subject line Closing p-u bugs for updates in 8.6
has caused the Debian Bug report #827299,
regarding jessie-pu: package libxml2/2.9.1+dfsg1-5+deb8u3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
827299: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827299
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian.org@packages.debian.org
Usertags: pu

Hi SRM,

It would be good to have libxml2 fixed as well in stable for #781232,
causing e.g. libsys-virt-perl FTBFS, or causing the problem for
libvirt as reported by Guido in #781232.

Attached is the proposed debdiff, by cherry-picking commit
beb7281055dbf0ed4d041022a67c6c5cfd126f25 from upstream.

Would that be accepted for the next jessie point release?

Regards,
Salvatore

diff -Nru libxml2-2.9.1+dfsg1/debian/changelog libxml2-2.9.1+dfsg1/debian/changelog
--- libxml2-2.9.1+dfsg1/debian/changelog	2016-05-28 06:58:09.000000000 +0200
+++ libxml2-2.9.1+dfsg1/debian/changelog	2016-06-14 20:21:16.000000000 +0200
@@ -1,3 +1,11 @@
+libxml2 (2.9.1+dfsg1-5+deb8u3) jessie; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix a problem unparsing URIs without a host part like qemu:///system.
+    This unbreaks libvirt, libsys-virt-perl and others (Closes: #781232)
+
+ -- Salvatore Bonaccorso <carnil@debian.org>  Tue, 14 Jun 2016 20:20:41 +0200
+
 libxml2 (2.9.1+dfsg1-5+deb8u2) jessie-security; urgency=high
 
   * Non-maintainer upload by the Security Team.
diff -Nru libxml2-2.9.1+dfsg1/debian/patches/0086-Fix-a-problem-properly-saving-URIs.patch libxml2-2.9.1+dfsg1/debian/patches/0086-Fix-a-problem-properly-saving-URIs.patch
--- libxml2-2.9.1+dfsg1/debian/patches/0086-Fix-a-problem-properly-saving-URIs.patch	1970-01-01 01:00:00.000000000 +0100
+++ libxml2-2.9.1+dfsg1/debian/patches/0086-Fix-a-problem-properly-saving-URIs.patch	2016-06-14 20:21:16.000000000 +0200
@@ -0,0 +1,127 @@
+From beb7281055dbf0ed4d041022a67c6c5cfd126f25 Mon Sep 17 00:00:00 2001
+From: Daniel Veillard <veillard@redhat.com>
+Date: Fri, 3 Oct 2014 19:22:39 +0800
+Subject: [PATCH] Fix a problem properly saving URIs
+
+As written by Martin Kletzander <mkletzan@redhat.com>:
+Since commit 8eb55d782a2b9afacc7938694891cc6fad7b42a5, when you parse
+and save an URI that has no server (or similar) part, two slashes
+after the 'schema:' get lost.  It means 'uri:///noserver' is turned
+into 'uri:/noserver'.
+
+basically
+   foo:///only/path
+
+means a host of "" while
+
+   foo:/only/path
+
+means no host at all
+
+  So the best fix IMHO is to fix the URI parser to record the first
+case and an empty host string and the second case as a NULL host string
+
+ I would not revert the initial patch, we should not 'invent' those
+slash, but we should instead when parsing keep the information that
+it's a host based path and that foo:/// means the presence of a host
+but an empty one.
+
+Once applied the resulting patch below, all cases seems to be saved
+properly:
+
+thinkpad:~/XML -> ./testURI uri:/noserver
+uri:/noserver
+thinkpad:~/XML -> ./testURI uri:///noserver
+uri:///noserver
+thinkpad:~/XML -> ./testURI uri://server/foo
+uri://server/foo
+thinkpad:~/XML -> ./testURI uri:/noserver/foo
+uri:/noserver/foo
+thinkpad:~/XML -> ./testURI uri:///
+uri:///
+thinkpad:~/XML -> ./testURI uri://
+uri://
+thinkpad:~/XML -> ./testURI uri:/
+uri:/
+thinkpad:~/XML ->
+
+  If you revert the initial patch that last case fails
+
+The problem is that I don't want to change the xmlURI structure to
+minimize ABI breakage, so I could not extend the field. The natural
+solution is to denote that uri:/// has an empty host by making
+the uri server field an empty string which works very well but breaks
+applications (like libvirt ;-) who blindly look at uri->server
+not being NULL to try to reach it !
+Simplest was to stick the port to -1 in that case, instead of 0
+application don't bother looking at the port of there is no server
+string, this makes the patch more complex than a 1 liner, but
+is better for ABI.
+---
+ uri.c | 34 +++++++++++++++++++---------------
+ 1 file changed, 19 insertions(+), 15 deletions(-)
+
+diff --git a/uri.c b/uri.c
+index d4dcd2f..ff47abb 100644
+--- a/uri.c
++++ b/uri.c
+@@ -759,6 +759,8 @@ xmlParse3986HierPart(xmlURIPtr uri, const char **str)
+         cur += 2;
+ 	ret = xmlParse3986Authority(uri, &cur);
+ 	if (ret != 0) return(ret);
++	if (uri->server == NULL)
++	    uri->port = -1;
+ 	ret = xmlParse3986PathAbEmpty(uri, &cur);
+ 	if (ret != 0) return(ret);
+ 	*str = cur;
+@@ -1106,7 +1108,7 @@ xmlSaveUri(xmlURIPtr uri) {
+ 	    }
+ 	}
+     } else {
+-	if (uri->server != NULL) {
++	if ((uri->server != NULL) || (uri->port == -1)) {
+ 	    if (len + 3 >= max) {
+                 temp = xmlSaveUriRealloc(ret, &max);
+                 if (temp == NULL) goto mem_error;
+@@ -1143,22 +1145,24 @@ xmlSaveUri(xmlURIPtr uri) {
+ 		}
+ 		ret[len++] = '@';
+ 	    }
+-	    p = uri->server;
+-	    while (*p != 0) {
+-		if (len >= max) {
+-                    temp = xmlSaveUriRealloc(ret, &max);
+-                    if (temp == NULL) goto mem_error;
+-                    ret = temp;
++	    if (uri->server != NULL) {
++		p = uri->server;
++		while (*p != 0) {
++		    if (len >= max) {
++			temp = xmlSaveUriRealloc(ret, &max);
++			if (temp == NULL) goto mem_error;
++			ret = temp;
++		    }
++		    ret[len++] = *p++;
+ 		}
+-		ret[len++] = *p++;
+-	    }
+-	    if (uri->port > 0) {
+-		if (len + 10 >= max) {
+-                    temp = xmlSaveUriRealloc(ret, &max);
+-                    if (temp == NULL) goto mem_error;
+-                    ret = temp;
++		if (uri->port > 0) {
++		    if (len + 10 >= max) {
++			temp = xmlSaveUriRealloc(ret, &max);
++			if (temp == NULL) goto mem_error;
++			ret = temp;
++		    }
++		    len += snprintf((char *) &ret[len], max - len, ":%d", uri->port);
+ 		}
+-		len += snprintf((char *) &ret[len], max - len, ":%d", uri->port);
+ 	    }
+ 	} else if (uri->authority != NULL) {
+ 	    if (len + 3 >= max) {
+-- 
+2.1.4
+
diff -Nru libxml2-2.9.1+dfsg1/debian/patches/series libxml2-2.9.1+dfsg1/debian/patches/series
--- libxml2-2.9.1+dfsg1/debian/patches/series	2016-05-28 06:58:09.000000000 +0200
+++ libxml2-2.9.1+dfsg1/debian/patches/series	2016-06-14 20:21:16.000000000 +0200
@@ -83,3 +83,4 @@
 0083-Heap-based-buffer-underreads-due-to-xmlParseName.patch
 0084-Heap-based-buffer-overread-in-htmlCurrentChar.patch
 0085-Avoid-building-recursive-entities.patch
+0086-Fix-a-problem-properly-saving-URIs.patch

--- End Message ---
--- Begin Message --- 
Version: 8.6

The updates referred to in each of these bugs were included in today's
stable point release.

Regards,

Adam

--- End Message ---
Reply to: