From 037387d4ba374f2c03cf26590ff143ba459e7cfc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Wed, 2 Jul 2025 10:30:49 +0200 Subject: [PATCH 01/11] libxml2: get rid of generic arguments --- pkgs/development/libraries/libxml2/default.nix | 11 +++++++++-- pkgs/top-level/all-packages.nix | 8 +------- pkgs/top-level/python-packages.nix | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 1a411f3b2130d..6b366fbd4e11c 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -1,11 +1,12 @@ { stdenv, + darwin, lib, fetchFromGitLab, pkg-config, autoreconfHook, libintl, - python, + python3, gettext, ncurses, findXMLCatalogs, @@ -31,7 +32,13 @@ enableHttp ? false, }: -stdenv.mkDerivation (finalAttrs: { +let + python = python3; + # libxml2 is a dependency of xcbuild. Avoid an infinite recursion by using a bootstrap stdenv + # that does not propagate xcrun. + stdenv' = if stdenv.hostPlatform.isDarwin then darwin.bootstrapStdenv else stdenv; +in +stdenv'.mkDerivation (finalAttrs: { pname = "libxml2"; version = "2.14.5"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b33f85874c218..d997a1b6824e3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8835,13 +8835,7 @@ with pkgs; libxcrypt-legacy = libxcrypt.override { enableHashes = "all"; }; libxkbcommon = libxkbcommon_8; - libxml2 = callPackage ../development/libraries/libxml2 { - python = python3; - stdenv = - # libxml2 is a dependency of xcbuild. Avoid an infinite recursion by using a bootstrap stdenv - # that does not propagate xcrun. - if stdenv.hostPlatform.isDarwin then darwin.bootstrapStdenv else stdenv; - }; + libxml2 = callPackage ../development/libraries/libxml2 { }; libxml2Python = let 
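Review bot: In the `let` block added to libxml2/default.nix (hunk `@@ -31,7 +32,13 @@`), `stdenv'` replaces the caller's `stdenv` with `darwin.bootstrapStdenv` on Darwin, so `libxml2.override { stdenv = …; }` no longer changes the build environment there. Before this commit the bootstrap stdenv was chosen at the call site in all-packages.nix, as the removed lines of that hunk show, and an override replaced it. If the new behaviour is intended, the comment should say so, for example `# NOTE: on Darwin the stdenv argument is not used for the build; darwin.bootstrapStdenv always is`. The derivation body continues outside the hunk, so other uses of `stdenv` are not visible here.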
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index d231cd21957da..9a82087429b62 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8234,7 +8234,7 @@ self: super: with self; { (toPythonModule ( pkgs.libxml2.override { pythonSupport = true; - inherit python; + python3 = python; } )).py; From 8dc10e9c4fa72e74b8c2d0af5aa8c54ccd921dec Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 3 Jul 2025 00:59:00 +0200 Subject: [PATCH 02/11] libxml2: remove `with lib;` --- pkgs/development/libraries/libxml2/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 6b366fbd4e11c..431e08fa101bf 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -165,12 +165,14 @@ stdenv'.mkDerivation (finalAttrs: { }; }; - meta = with lib; { + meta = { homepage = "https://gitlab.gnome.org/GNOME/libxml2"; description = "XML parsing library for C"; - license = licenses.mit; - platforms = platforms.all; - maintainers = with maintainers; [ jtojnar ]; + license = lib.licenses.mit; + platforms = lib.platforms.all; + maintainers = with lib.maintainers; [ + jtojnar + ]; pkgConfigModules = [ "libxml-2.0" ]; }; }) From 2fc398994878e1de9e4fb02e0a19011503f3876d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Sun, 13 Jul 2025 21:14:10 +0200 Subject: [PATCH 03/11] libxml2: remove python2 support, don't check for python3 --- .../development/libraries/libxml2/default.nix | 21 +++++-------------- 1 file changed, 5 insertions(+), 16 deletions(-) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 431e08fa101bf..f222324778c08 100644 --- a/pkgs/development/libraries/libxml2/default.nix 
+++ b/pkgs/development/libraries/libxml2/default.nix @@ -5,9 +5,7 @@ fetchFromGitLab, pkg-config, autoreconfHook, - libintl, python3, - gettext, ncurses, findXMLCatalogs, libiconv, @@ -33,7 +31,6 @@ }: let - python = python3; # libxml2 is a dependency of xcbuild. Avoid an infinite recursion by using a bootstrap stdenv # that does not propagate xcrun. stdenv' = if stdenv.hostPlatform.isDarwin then darwin.bootstrapStdenv else stdenv; @@ -79,16 +76,8 @@ stdenv'.mkDerivation (finalAttrs: { buildInputs = lib.optionals pythonSupport [ - python - ] - ++ lib.optionals (pythonSupport && python ? isPy2 && python.isPy2) [ - gettext - ] - ++ lib.optionals (pythonSupport && python ? isPy3 && python.isPy3) [ ncurses - ] - ++ lib.optionals (stdenv.hostPlatform.isDarwin && pythonSupport && python ? isPy2 && python.isPy2) [ - libintl + python3 ] ++ lib.optionals zlibSupport [ zlib @@ -112,15 +101,15 @@ stdenv'.mkDerivation (finalAttrs: { (lib.enableFeature enableShared "shared") (lib.withFeature icuSupport "icu") (lib.withFeature pythonSupport "python") - (lib.optionalString pythonSupport "PYTHON=${python.pythonOnBuildForHost.interpreter}") + (lib.optionalString pythonSupport "PYTHON=${python3.pythonOnBuildForHost.interpreter}") ] # avoid rebuilds, can be merged into list in version bumps ++ lib.optional enableHttp "--with-http" ++ lib.optional zlibSupport "--with-zlib"; installFlags = lib.optionals pythonSupport [ - "pythondir=\"${placeholder "py"}/${python.sitePackages}\"" - "pyexecdir=\"${placeholder "py"}/${python.sitePackages}\"" + "pythondir=\"${placeholder "py"}/${python3.sitePackages}\"" + "pyexecdir=\"${placeholder "py"}/${python3.sitePackages}\"" ]; enableParallelBuilding = true; 
@@ -135,7 +124,7 @@ stdenv'.mkDerivation (finalAttrs: { ''; preInstall = lib.optionalString pythonSupport '' - substituteInPlace python/libxml2mod.la --replace-fail "$dev/${python.sitePackages}" "$py/${python.sitePackages}" + substituteInPlace python/libxml2mod.la --replace-fail "$dev/${python3.sitePackages}" "$py/${python3.sitePackages}" ''; postFixup = From e67ade88a3b65e00b61e9cabd7f29cf69c1f8f8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 3 Jul 2025 00:43:32 +0200 Subject: [PATCH 04/11] libxml2: rename default.nix to common.nix --- pkgs/development/libraries/libxml2/{default.nix => common.nix} | 0 pkgs/top-level/all-packages.nix | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename pkgs/development/libraries/libxml2/{default.nix => common.nix} (100%) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/common.nix similarity index 100% rename from pkgs/development/libraries/libxml2/default.nix rename to pkgs/development/libraries/libxml2/common.nix diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d997a1b6824e3..ae6fa6207985f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8835,7 +8835,7 @@ with pkgs; libxcrypt-legacy = libxcrypt.override { enableHashes = "all"; }; libxkbcommon = libxkbcommon_8; - libxml2 = callPackage ../development/libraries/libxml2 { }; + libxml2 = callPackage ../development/libraries/libxml2/common.nix { }; libxml2Python = let From febeabf314cce1f99612825fe14858a4bc682cbc Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Sat, 19 Jul 2025 00:30:51 +0200 Subject: [PATCH 05/11] libxml2: prepare for multiple versions --- pkgs/development/libraries/libxml2/common.nix | 24 +++++++---------- .../development/libraries/libxml2/default.nix | 26 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 5 +++- 3 files changed, 40 insertions(+), 15 deletions(-) create mode 100644 pkgs/development/libraries/libxml2/default.nix diff --git a/pkgs/development/libraries/libxml2/common.nix b/pkgs/development/libraries/libxml2/common.nix index f222324778c08..bc10a31bcf6d4 100644 --- a/pkgs/development/libraries/libxml2/common.nix +++ b/pkgs/development/libraries/libxml2/common.nix @@ -2,7 +2,6 @@ stdenv, darwin, lib, - fetchFromGitLab, pkg-config, autoreconfHook, python3, @@ -28,6 +27,10 @@ gnome, testers, enableHttp ? false, + + version, + src, + extraMeta ? { }, }: let @@ -36,8 +39,12 @@ let stdenv' = if stdenv.hostPlatform.isDarwin then darwin.bootstrapStdenv else stdenv; in stdenv'.mkDerivation (finalAttrs: { + inherit + version + src + ; + pname = "libxml2"; - version = "2.14.5"; outputs = [ @@ -50,14 +57,6 @@ stdenv'.mkDerivation (finalAttrs: { ++ lib.optional (enableStatic && enableShared) "static"; outputMan = "bin"; - src = fetchFromGitLab { - domain = "gitlab.gnome.org"; - owner = "GNOME"; - repo = "libxml2"; - tag = "v${finalAttrs.version}"; - hash = "sha256-vxKlw8Kz+fgUP6bhWG2+4346WJVzqG0QvPG/BT7RftQ="; - }; - patches = [ # Unmerged ABI-breaking patch required to fix the following security issues: # - https://gitlab.gnome.org/GNOME/libxslt/-/issues/139 @@ -159,9 +158,6 @@ stdenv'.mkDerivation (finalAttrs: { description = "XML parsing library for C"; license = lib.licenses.mit; platforms = lib.platforms.all; - maintainers = with lib.maintainers; [ - jtojnar - ]; pkgConfigModules = [ "libxml-2.0" ]; - }; + } // extraMeta; }) 
diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix new file mode 100644 index 0000000000000..9678d1124b023 --- /dev/null +++ b/pkgs/development/libraries/libxml2/default.nix @@ -0,0 +1,26 @@ +{ + lib, + callPackage, + fetchFromGitLab, +}: + +let + packages = { + libxml2 = callPackage ./common.nix { + version = "2.14.5"; + src = fetchFromGitLab { + domain = "gitlab.gnome.org"; + owner = "GNOME"; + repo = "libxml2"; + tag = "v${packages.libxml2.version}"; + hash = "sha256-vxKlw8Kz+fgUP6bhWG2+4346WJVzqG0QvPG/BT7RftQ="; + }; + extraMeta = { + maintainers = with lib.maintainers; [ + jtojnar + ]; + }; + }; + }; +in +packages diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index ae6fa6207985f..d191c2df337f1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8835,7 +8835,10 @@ with pkgs; libxcrypt-legacy = libxcrypt.override { enableHashes = "all"; }; libxkbcommon = libxkbcommon_8; - libxml2 = callPackage ../development/libraries/libxml2/common.nix { }; + + inherit (callPackage ../development/libraries/libxml2 { }) + libxml2 + ; libxml2Python = let From 4c5c6be10f4c5ecfb52e6b1d27b6c2f1f273f86f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 3 Jul 2025 01:28:36 +0200 Subject: [PATCH 06/11] libxml2_13: init --- pkgs/development/libraries/libxml2/default.nix | 18 ++++++++++++++++++ pkgs/top-level/all-packages.nix | 1 + 2 files changed, 19 insertions(+) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 9678d1124b023..71b433584a357 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix 
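Review bot: In the new libxml2/default.nix, `tag = "v${packages.libxml2.version}"` reads the version back from the package that the source is an input to. It replaces the local `finalAttrs.version` reference removed from common.nix in this commit, and it must be edited by name each time the block is copied for another version. A copy that keeps the old attribute name and the old `hash` would presumably evaluate and keep using the previously fetched source, because a fixed-output fetch is identified by its hash. Binding the version locally avoids that coupling, e.g. `libxml2 = let version = "2.14.5"; in callPackage ./common.nix { inherit version; src = fetchFromGitLab { … tag = "v${version}"; … }; … };`.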
@@ -6,6 +6,24 @@ let packages = { + libxml2_13 = callPackage ./common.nix { + version = "2.13.8"; + src = fetchFromGitLab { + domain = "gitlab.gnome.org"; + owner = "GNOME"; + repo = "libxml2"; + tag = "v${packages.libxml2_13.version}"; + hash = "sha256-acemyYs1yRSTSLH7YCGxnQzrEDm8YPTK4HtisC36LsY="; + }; + extraMeta = { + knownVulnerabilities = [ + "CVE-2025-6021" + ]; + maintainers = with lib.maintainers; [ + gepbird + ]; + }; + }; libxml2 = callPackage ./common.nix { version = "2.14.5"; src = fetchFromGitLab { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d191c2df337f1..422c103ad83f1 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -8837,6 +8837,7 @@ with pkgs; libxkbcommon = libxkbcommon_8; inherit (callPackage ../development/libraries/libxml2 { }) + libxml2_13 libxml2 ; From dbdc8ca8f473fde09b3b908ce000a4b055aca228 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 3 Jul 2025 01:32:30 +0200 Subject: [PATCH 07/11] libxml2_13: freeze update script --- pkgs/development/libraries/libxml2/common.nix | 2 ++ pkgs/development/libraries/libxml2/default.nix | 1 + 2 files changed, 3 insertions(+) diff --git a/pkgs/development/libraries/libxml2/common.nix b/pkgs/development/libraries/libxml2/common.nix index bc10a31bcf6d4..3a2d6836fc11c 100644 --- a/pkgs/development/libraries/libxml2/common.nix +++ b/pkgs/development/libraries/libxml2/common.nix @@ -31,6 +31,7 @@ version, src, extraMeta ? { }, + freezeUpdateScript ? false, }: let @@ -141,6 +142,7 @@ stdenv'.mkDerivation (finalAttrs: { updateScript = gnome.updateScript { packageName = "libxml2"; versionPolicy = "none"; + freeze = freezeUpdateScript; }; tests = { pkg-config = testers.hasPkgConfigModules { diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 71b433584a357..940f007b97da5 100644 --- a/pkgs/development/libraries/libxml2/default.nix 
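Review bot: `knownVulnerabilities` in the new `libxml2_13` entry lists only CVE-2025-6021, yet later commits in this series add patches to the same 2.13.8 for CVE-2025-49794, CVE-2025-49796, CVE-2025-49795 and CVE-2025-6170, which suggests those apply to this version as well. PATCH 08 then deletes the list as soon as the CVE-2025-6021 patch lands, so at commits 08–10 the package evaluates as not known-vulnerable while some of those fixes are still missing. Listing every applicable CVE here and removing each entry in the commit that patches it would keep every intermediate commit accurate, which matters for bisecting and partial backports. Separately, since PATCH 07 freezes the update script for this attribute, a comment such as `# 2.13.x is frozen: security fixes must be backported by hand via extraPatches` would tell maintainers where future fixes belong.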
+++ b/pkgs/development/libraries/libxml2/default.nix @@ -15,6 +15,7 @@ let tag = "v${packages.libxml2_13.version}"; hash = "sha256-acemyYs1yRSTSLH7YCGxnQzrEDm8YPTK4HtisC36LsY="; }; + freezeUpdateScript = true; extraMeta = { knownVulnerabilities = [ "CVE-2025-6021" From 348be18ac4b40caa531048d977df7d54b4ea9d14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Mon, 14 Jul 2025 10:31:12 +0200 Subject: [PATCH 08/11] libxml2_13: add patch for CVE-2025-6021 --- .../libraries/libxml2/CVE-2025-6021.patch | 40 +++++++++++++++++++ pkgs/development/libraries/libxml2/common.nix | 3 +- .../development/libraries/libxml2/default.nix | 8 ++-- 3 files changed, 47 insertions(+), 4 deletions(-) create mode 100644 pkgs/development/libraries/libxml2/CVE-2025-6021.patch diff --git a/pkgs/development/libraries/libxml2/CVE-2025-6021.patch b/pkgs/development/libraries/libxml2/CVE-2025-6021.patch new file mode 100644 index 0000000000000..7d20a17c70381 --- /dev/null +++ b/pkgs/development/libraries/libxml2/CVE-2025-6021.patch 
@@ -0,0 +1,40 @@ +diff --git a/tree.c b/tree.c +index f097cf87..4d966ec9 100644 +--- a/tree.c ++++ b/tree.c +@@ -47,6 +47,10 @@ + #include "private/error.h" + #include "private/tree.h" + ++#ifndef SIZE_MAX ++ #define SIZE_MAX ((size_t) -1) ++#endif ++ + int __xmlRegisterCallbacks = 0; + + /************************************************************************ +@@ -167,10 +168,10 @@ xmlGetParameterEntityFromDtd(const xmlDtd *dtd, const xmlChar *name) { + xmlChar * + xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, + xmlChar *memory, int len) { +- int lenn, lenp; ++ size_t lenn, lenp; + xmlChar *ret; + +- if (ncname == NULL) return(NULL); ++ if ((ncname == NULL) || (len < 0)) return(NULL); + if (prefix == NULL) return((xmlChar *) ncname); + + #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION +@@ -181,8 +182,10 @@ xmlBuildQName(const xmlChar *ncname, const xmlChar *prefix, + + lenn = strlen((char *) ncname); + lenp = strlen((char *) prefix); ++ if (lenn >= SIZE_MAX - lenp - 1) ++ return(NULL); + +- if ((memory == NULL) || (len < lenn + lenp + 2)) { ++ if ((memory == NULL) || ((size_t) len < lenn + lenp + 2)) { + ret = (xmlChar *) xmlMallocAtomic(lenn + lenp + 2); + if (ret == NULL) + return(NULL); diff --git a/pkgs/development/libraries/libxml2/common.nix b/pkgs/development/libraries/libxml2/common.nix index 3a2d6836fc11c..7ab55b3f10bbd 100644 --- a/pkgs/development/libraries/libxml2/common.nix +++ b/pkgs/development/libraries/libxml2/common.nix @@ -29,6 +29,7 @@ enableHttp ? false, version, + extraPatches ? [ ], src, extraMeta ? { }, freezeUpdateScript ? false, @@ -65,7 +66,7 @@ stdenv'.mkDerivation (finalAttrs: { # See also https://gitlab.gnome.org/GNOME/libxml2/-/issues/906 # Source: https://github.com/chromium/chromium/blob/4fb4ae8ce3daa399c3d8ca67f2dfb9deffcc7007/third_party/libxml/chromium/xml-attr-extra.patch ./xml-attr-extra.patch - ]; + ] ++ extraPatches; strictDeps = true; 
diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 940f007b97da5..8bc4ddcdd079d 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -15,11 +15,13 @@ let tag = "v${packages.libxml2_13.version}"; hash = "sha256-acemyYs1yRSTSLH7YCGxnQzrEDm8YPTK4HtisC36LsY="; }; + extraPatches = [ + # same as upstream patch but fixed conflict and added required import: + # https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0.diff + ./CVE-2025-6021.patch + ]; freezeUpdateScript = true; extraMeta = { - knownVulnerabilities = [ - "CVE-2025-6021" - ]; maintainers = with lib.maintainers; [ gepbird ]; From 5b7873647225dbb427157933eb8e04485fb5144c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 17 Jul 2025 00:38:14 +0200 Subject: [PATCH 09/11] libxml2_13: add patch for CVE-2025-49794 and CVE-2025-49796 --- pkgs/development/libraries/libxml2/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 8bc4ddcdd079d..762f3c5542179 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -2,6 +2,7 @@ lib, callPackage, fetchFromGitLab, + fetchpatch2, }: let @@ -19,6 +20,11 @@ let # same as upstream patch but fixed conflict and added required import: # https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0.diff ./CVE-2025-6021.patch + (fetchpatch2 { + name = "CVE-2025-49794-49796.patch"; + url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/f7ebc65f05bffded58d1e1b2138eb124c2e44f21.patch"; + hash = "sha256-k+IGq6pbv9EA7o+uDocEAUqIammEjLj27Z+2RF5EMrs="; + }) ]; freezeUpdateScript = true; extraMeta = { From 5d3c18107abdac1354a12ec09a8e862c9c631553 Mon Sep 17 00:00:00 2001 
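Review bot: The comment added above `./CVE-2025-6021.patch` (PATCH 08, hunk `@@ -15,11 +15,13 @@`) says the local copy "added required import", but the patch file introduced in this commit adds no `#include`. Its first hunk adds an `#ifndef SIZE_MAX` / `#define SIZE_MAX ((size_t) -1)` fallback to tree.c. A hand-edited security backport cannot be checked against upstream the way a fetched patch with a pinned hash can, so this comment is the only record of how the file differs and should be exact, e.g. `# upstream acbbeef9 with conflicts resolved for 2.13.8; adds a SIZE_MAX fallback #define to tree.c`. The enclosing `libxml2_13` attribute set starts and ends outside this hunk.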
From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 17 Jul 2025 00:40:46 +0200 Subject: [PATCH 10/11] libxml2_13: add patch for CVE-2025-49795 --- pkgs/development/libraries/libxml2/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 762f3c5542179..17d4ea5e82222 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -25,6 +25,12 @@ let url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/f7ebc65f05bffded58d1e1b2138eb124c2e44f21.patch"; hash = "sha256-k+IGq6pbv9EA7o+uDocEAUqIammEjLj27Z+2RF5EMrs="; }) + (fetchpatch2 { + name = "CVE-2025-49795.patch"; + url = "https://gitlab.gnome.org/GNOME/libxml2/-/commit/c24909ba2601848825b49a60f988222da3019667.patch"; + hash = "sha256-r7PYKr5cDDNNMtM3ogNLsucPFTwP/uoC7McijyLl4kU="; + excludes = [ "runtest.c" ]; # tests were rewritten in C and are on schematron for 2.13.x, meaning this does not apply + }) ]; freezeUpdateScript = true; extraMeta = { From 2da008e2ee4eda08380f6341db237ec6fef950ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Thu, 17 Jul 2025 09:47:20 +0200 Subject: [PATCH 11/11] libxml2_13: add patch for CVE-2025-6170 --- .../libraries/libxml2/CVE-2025-6170.patch | 112 ++++++++++++++++++ .../development/libraries/libxml2/default.nix | 3 + 2 files changed, 115 insertions(+) create mode 100644 pkgs/development/libraries/libxml2/CVE-2025-6170.patch diff --git a/pkgs/development/libraries/libxml2/CVE-2025-6170.patch b/pkgs/development/libraries/libxml2/CVE-2025-6170.patch new file mode 100644 index 0000000000000..b66f24e305e0d --- /dev/null +++ b/pkgs/development/libraries/libxml2/CVE-2025-6170.patch 
@@ -0,0 +1,112 @@ +diff --git a/result/scripts/long_command b/result/scripts/long_command +new file mode 100644 +index 000000000..e6f00708b +--- /dev/null ++++ b/result/scripts/long_command +@@ -0,0 +1,8 @@ ++/ > b > b > Object is a Node Set : ++Set contains 1 nodes: ++1 ELEMENT a:c ++b > Unknown command This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_comm ++b > b > Unknown command ess_currents_of_time_and_existence ++b > ++Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_prof ++b > +\ No newline at end of file +diff --git a/debugXML.c b/debugXML.c +index ed56b0f8..aeeea3c0 100644 +--- a/debugXML.c ++++ b/debugXML.c +@@ -2780,6 +2780,10 @@ xmlShellPwd(xmlShellCtxtPtr ctxt ATTRIBUTE_UNUSED, char *buffer, + return (0); + } + ++#define MAX_PROMPT_SIZE 500 ++#define MAX_ARG_SIZE 400 ++#define MAX_COMMAND_SIZE 100 ++ + /** + * xmlShell: + * @doc: the initial document +@@ -2795,10 +2795,10 @@ void + xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + FILE * output) + { +- char prompt[500] = "/ > "; ++ char prompt[MAX_PROMPT_SIZE] = "/ > "; + char *cmdline = NULL, *cur; +- char command[100]; +- char arg[400]; ++ char command[MAX_COMMAND_SIZE]; ++ char arg[MAX_ARG_SIZE]; + int i; + xmlShellCtxtPtr ctxt; + xmlXPathObjectPtr list; +@@ -2856,7 +2856,8 @@ xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + cur++; + i = 0; + while ((*cur != ' ') && (*cur != '\t') && +- (*cur != '\n') && (*cur != '\r')) { ++ (*cur != '\n') && (*cur != '\r') && ++ (i < (MAX_COMMAND_SIZE - 1))) { + if (*cur == 0) + break; + command[i++] = *cur++; +@@ -2871,7 
+2872,7 @@ xmlShell(xmlDocPtr doc, const char *filename, xmlShellReadlineFunc input, + while ((*cur == ' ') || (*cur == '\t')) + cur++; + i = 0; +- while ((*cur != '\n') && (*cur != '\r') && (*cur != 0)) { ++ while ((*cur != '\n') && (*cur != '\r') && (*cur != 0) && (i < (MAX_ARG_SIZE-1))) { + if (*cur == 0) + break; + arg[i++] = *cur++; +diff --git a/xmllint.c b/xmllint.c +index c6273477..3d90272c 100644 +--- a/xmllint.c ++++ b/xmllint.c +@@ -724,6 +724,9 @@ xmlHTMLValidityWarning(void *ctx, const char *msg, ...) + ************************************************************************/ + #ifdef LIBXML_DEBUG_ENABLED + #ifdef LIBXML_XPATH_ENABLED ++ ++#define MAX_PROMPT_SIZE 500 ++ + /** + * xmlShellReadline: + * @prompt: the prompt value +@@ -754,9 +754,9 @@ xmlShellReadline(char *prompt) { + if (prompt != NULL) + fprintf(stdout, "%s", prompt); + fflush(stdout); +- if (!fgets(line_read, 500, stdin)) ++ if (!fgets(line_read, MAX_PROMPT_SIZE, stdin)) + return(NULL); +- line_read[500] = 0; ++ line_read[MAX_PROMPT_SIZE] = 0; + len = strlen(line_read); + ret = (char *) malloc(len + 1); + if (ret != NULL) { +-- +diff --git a/test/scripts/long_command.script b/test/scripts/long_command.script +new file mode 100644 +index 000000000..00f6df09f +--- /dev/null ++++ b/test/scripts/long_command.script +@@ -0,0 +1,6 @@ ++cd a/b ++set ++xpath //*[namespace-uri()="foo"] ++This_is_a_really_long_command_string_designed_to_test_the_limits_of_the_memory_that_stores_the_command_please_dont_crash foo ++set 
Navigating_the_labyrinthine_corridors_of_human_cognition_one_often_encounters_the_perplexing_paradox_that_the_more_we_delve_into_the_intricate_dance_of_neural_pathways_and_synaptic_firings_the_further_we_seem_to_stray_from_a_truly_holistic_understanding_of_consciousness_a_phenomenon_that_remains_as_elusive_as_a_moonbeam_caught_in_a_spiderweb_yet_undeniably_shapes_every_fleeting_thought_every_profound_emotion_and_every_grand_aspiration_that_propels_our_species_ever_onward_through_the_relentless_currents_of_time_and_existence ++save - +diff --git a/test/scripts/long_command.xml b/test/scripts/long_command.xml +new file mode 100644 +index 000000000..1ba44016e +--- /dev/null ++++ b/test/scripts/long_command.xml +@@ -0,0 +1 @@ ++ +-- +GitLab + diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 17d4ea5e82222..52889102febc9 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -31,6 +31,9 @@ let hash = "sha256-r7PYKr5cDDNNMtM3ogNLsucPFTwP/uoC7McijyLl4kU="; excludes = [ "runtest.c" ]; # tests were rewritten in C and are on schematron for 2.13.x, meaning this does not apply }) + # same as upstream, fixed conflicts + # https://gitlab.gnome.org/GNOME/libxml2/-/commit/c340e419505cf4bf1d9ed7019a87cc00ec200434 + ./CVE-2025-6170.patch ]; freezeUpdateScript = true; extraMeta = {
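Review bot: In the xmllint.c part of the new CVE-2025-6170.patch, `line_read[MAX_PROMPT_SIZE] = 0;` indexes element `MAX_PROMPT_SIZE`, which is in bounds only if `line_read` is declared with at least `MAX_PROMPT_SIZE + 1` elements. That declaration is outside the hunk and is not switched to the macro here, so it should be checked against the 2.13.8 source. Since `fgets` already NUL-terminates, the backport would be easier to audit with `char line_read[MAX_PROMPT_SIZE + 1];` at the declaration, though that diverges from upstream. The expected output in `result/scripts/long_command` also shows the tail of the over-long `set` line reported as its own `Unknown command`, so over-long input appears to be split and parsed as further commands rather than rejected, which deserves a line in the default.nix comment. `MAX_PROMPT_SIZE` is defined separately in debugXML.c and xmllint.c, so the two values can drift.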