* [PATCH 0/1] Fix libxml2 unsafe memory access
@ 2015-10-28 5:22 kai.kang
2015-10-28 5:22 ` [PATCH 1/1] libxml2: fix " kai.kang
0 siblings, 1 reply; 7+ messages in thread
From: kai.kang @ 2015-10-28 5:22 UTC (permalink / raw)
To: openembedded-core
From: Kai Kang <kai.kang@windriver.com>
The patch is from:
https://bugzilla.gnome.org/show_bug.cgi?id=746048
Build image with packagegroup-core-buildessential, boot the image and compile following c code:
==================================================
#include "string.h"
#include <libxml/HTMLparser.h>
#include <libxml/HTMLtree.h>
int main(int argc, char** argv)
{
// Nokogiri::HTML::fragment("<!-- ")
htmlDocPtr doc ;
int options = HTML_PARSE_RECOVER | HTML_PARSE_NOERROR | HTML_PARSE_NOWARNING | HTML_PARSE_NONET ;
char* HTMLFRAG_GOOD = "<html><body><!-- x" ;
char* HTMLFRAG_BAD = "<html><body><!--" ;
char* HTMLFRAG = HTMLFRAG_BAD ;
xmlInitParser();
doc = htmlReadMemory(HTMLFRAG, strlen(HTMLFRAG),
NULL,
"UTF-8",
options);
xmlFreeDoc(doc);
}
==================================================
Run with valgrind, there is no warning.
The following changes since commit 8a0d8eee432924433c3e70198aaeab3161476c5f:
toaster manual: Updated the set up and use chapter (2015-10-27 07:28:22 +0000)
are available in the git repository at:
git://git.yoctoproject.org/poky-contrib kangkai/libxml2
http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=kangkai/libxml2
Kai Kang (1):
libxml2: fix unsafe memory access
.../libxml2/libxml2-fix-unsafe-memory-access.patch | 97 ++++++++++++++++++++++
meta/recipes-core/libxml/libxml2_2.9.2.bb | 3 +-
2 files changed, 99 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch
--
2.6.1
^ permalink raw reply [flat|nested] 7+ messages in thread* [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 5:22 [PATCH 0/1] Fix libxml2 unsafe memory access kai.kang @ 2015-10-28 5:22 ` kai.kang 2015-10-28 9:41 ` Jussi Kukkonen 0 siblings, 1 reply; 7+ messages in thread From: kai.kang @ 2015-10-28 5:22 UTC (permalink / raw) To: openembedded-core From: Kai Kang <kai.kang@windriver.com> Backport patch from: https://bugzilla.gnome.org/show_bug.cgi?id=746048 to fix valgrind errors and unsafe memory access. Fix the indentation by the way. Signed-off-by: Kai Kang <kai.kang@windriver.com> --- .../libxml2/libxml2-fix-unsafe-memory-access.patch | 97 ++++++++++++++++++++++ meta/recipes-core/libxml/libxml2_2.9.2.bb | 3 +- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch diff --git a/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch new file mode 100644 index 0000000..b583032 --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch @@ -0,0 +1,97 @@ +Upstream-Status: Backport + +Backport from + +https://bugzilla.gnome.org/show_bug.cgi?id=746048 + +to fix unsafe memory access. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- +diff --git a/HTMLparser.c b/HTMLparser.c +index d329d3b..6f81424 100644 +--- a/HTMLparser.c ++++ b/HTMLparser.c +@@ -3245,13 +3245,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { + ctxt->instate = state; + return; + } ++ if ((ctxt->input->end - ctxt->input->cur) < 3) { ++ ctxt->instate = XML_PARSER_EOF; ++ htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, ++ "Comment not terminated\n", NULL, NULL); ++ xmlFree(buf); ++ return; ++ } + q = CUR_CHAR(ql); + NEXTL(ql); + r = CUR_CHAR(rl); + NEXTL(rl); + cur = CUR_CHAR(l); + len = 0; +- while (IS_CHAR(cur) && ++ while (((ctxt->input->end - ctxt->input->cur) > 0) && IS_CHAR(cur) && + ((cur != '>') || + (r != '-') || (q != '-'))) { + if (len + 5 >= size) { +@@ -3281,7 +3288,7 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { + } + } + buf[len] = 0; +- if (!IS_CHAR(cur)) { ++ if (!(ctxt->input->end - ctxt->input->cur) || !IS_CHAR(cur)) { + htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, + "Comment not terminated \n<!--%.50s\n", buf, NULL); + xmlFree(buf); +@@ -4465,6 +4472,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { + depth = ctxt->nameNr; + while (1) { + long cons = ctxt->nbChars; ++ long rem = ctxt->input->end - ctxt->input->cur; + + GROW; + +@@ -4540,7 +4548,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { + /* + * Sometimes DOCTYPE arrives in the middle of the document + */ +- if ((CUR == '<') && (NXT(1) == '!') && ++ if ((rem >= 9) && (CUR == '<') && (NXT(1) == '!') && + (UPP(2) == 'D') && (UPP(3) == 'O') && + (UPP(4) == 'C') && (UPP(5) == 'T') && + (UPP(6) == 'Y') && (UPP(7) == 'P') && +@@ -4554,7 +4562,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { + /* + * First case : a comment + */ +- if ((CUR == '<') && (NXT(1) == '!') && ++ if ((rem >= 4) && (CUR == '<') && (NXT(1) == '!') && + (NXT(2) == '-') && (NXT(3) == '-')) { + htmlParseComment(ctxt); + } +@@ -4562,14 +4570,14 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { + /* + * Second case : a Processing Instruction. + */ +- else if ((CUR == '<') && (NXT(1) == '?')) { ++ else if ((rem >= 2) && (CUR == '<') && (NXT(1) == '?')) { + htmlParsePI(ctxt); + } + + /* + * Third case : a sub-element. + */ +- else if (CUR == '<') { ++ else if ((rem >= 1) && (CUR == '<')) { + htmlParseElementInternal(ctxt); + if (currentNode != NULL) xmlFree(currentNode); + +@@ -4581,7 +4589,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { + * Fourth case : a reference. If if has not been resolved, + * parsing returns it's Name, create the node + */ +- else if (CUR == '&') { ++ else if ((rem >= 1) && (CUR == '&')) { + htmlParseReference(ctxt); + } + diff --git a/meta/recipes-core/libxml/libxml2_2.9.2.bb b/meta/recipes-core/libxml/libxml2_2.9.2.bb index 79a395c..4cafc87 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.2.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb @@ -2,7 +2,8 @@ require libxml2.inc SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \ file://72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch \ - file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch \ + file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch \ + file://libxml2-fix-unsafe-memory-access.patch \ " SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788" -- 2.6.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 5:22 ` [PATCH 1/1] libxml2: fix " kai.kang @ 2015-10-28 9:41 ` Jussi Kukkonen 2015-10-28 10:12 ` Kang Kai 0 siblings, 1 reply; 7+ messages in thread From: Jussi Kukkonen @ 2015-10-28 9:41 UTC (permalink / raw) To: Kai Kang; +Cc: Patches and discussions about the oe-core layer [-- Attachment #1: Type: text/plain, Size: 5796 bytes --] On 28 October 2015 at 07:22, <kai.kang@windriver.com> wrote: > From: Kai Kang <kai.kang@windriver.com> > > Backport patch from: > > https://bugzilla.gnome.org/show_bug.cgi?id=746048 > > to fix valgrind errors and unsafe memory access. > > Fix the indentation by the way. > > Signed-off-by: Kai Kang <kai.kang@windriver.com> > --- > .../libxml2/libxml2-fix-unsafe-memory-access.patch | 97 > ++++++++++++++++++++++ > meta/recipes-core/libxml/libxml2_2.9.2.bb | 3 +- > 2 files changed, 99 insertions(+), 1 deletion(-) > create mode 100644 > meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > > diff --git > a/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > new file mode 100644 > index 0000000..b583032 > --- /dev/null > +++ > b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > @@ -0,0 +1,97 @@ > +Upstream-Status: Backport > This may be a nitpick but I don't think DV has taken this patch in the six months it's been available so it's not a backport. - Jussi + > +Backport from > + > +https://bugzilla.gnome.org/show_bug.cgi?id=746048 > + > +to fix unsafe memory access. > + > +Signed-off-by: Kai Kang <kai.kang@windriver.com> > +--- > +diff --git a/HTMLparser.c b/HTMLparser.c > +index d329d3b..6f81424 100644 > +--- a/HTMLparser.c > ++++ b/HTMLparser.c > +@@ -3245,13 +3245,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { > + ctxt->instate = state; > + return; > + } > ++ if ((ctxt->input->end - ctxt->input->cur) < 3) { > ++ ctxt->instate = XML_PARSER_EOF; > ++ htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, > ++ "Comment not terminated\n", NULL, NULL); > ++ xmlFree(buf); > ++ return; > ++ } > + q = CUR_CHAR(ql); > + NEXTL(ql); > + r = CUR_CHAR(rl); > + NEXTL(rl); > + cur = CUR_CHAR(l); > + len = 0; > +- while (IS_CHAR(cur) && > ++ while (((ctxt->input->end - ctxt->input->cur) > 0) && IS_CHAR(cur) && > + ((cur != '>') || > + (r != '-') || (q != '-'))) { > + if (len + 5 >= size) { > +@@ -3281,7 +3288,7 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { > + } > + } > + buf[len] = 0; > +- if (!IS_CHAR(cur)) { > ++ if (!(ctxt->input->end - ctxt->input->cur) || !IS_CHAR(cur)) { > + htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, > + "Comment not terminated \n<!--%.50s\n", buf, NULL); > + xmlFree(buf); > +@@ -4465,6 +4472,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + depth = ctxt->nameNr; > + while (1) { > + long cons = ctxt->nbChars; > ++ long rem = ctxt->input->end - ctxt->input->cur; > + > + GROW; > + > +@@ -4540,7 +4548,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + /* > + * Sometimes DOCTYPE arrives in the middle of the document > + */ > +- if ((CUR == '<') && (NXT(1) == '!') && > ++ if ((rem >= 9) && (CUR == '<') && (NXT(1) == '!') && > + (UPP(2) == 'D') && (UPP(3) == 'O') && > + (UPP(4) == 'C') && (UPP(5) == 'T') && > + (UPP(6) == 'Y') && (UPP(7) == 'P') && > +@@ -4554,7 +4562,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + /* > + * First case : a comment > + */ > +- if ((CUR == '<') && (NXT(1) == '!') && > ++ if ((rem >= 4) && (CUR == '<') && (NXT(1) == '!') && > + (NXT(2) == '-') && (NXT(3) == '-')) { > + htmlParseComment(ctxt); > + } > +@@ -4562,14 +4570,14 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + /* > + * Second case : a Processing Instruction. > + */ > +- else if ((CUR == '<') && (NXT(1) == '?')) { > ++ else if ((rem >= 2) && (CUR == '<') && (NXT(1) == '?')) { > + htmlParsePI(ctxt); > + } > + > + /* > + * Third case : a sub-element. > + */ > +- else if (CUR == '<') { > ++ else if ((rem >= 1) && (CUR == '<')) { > + htmlParseElementInternal(ctxt); > + if (currentNode != NULL) xmlFree(currentNode); > + > +@@ -4581,7 +4589,7 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + * Fourth case : a reference. If if has not been resolved, > + * parsing returns it's Name, create the node > + */ > +- else if (CUR == '&') { > ++ else if ((rem >= 1) && (CUR == '&')) { > + htmlParseReference(ctxt); > + } > + > diff --git a/meta/recipes-core/libxml/libxml2_2.9.2.bb > b/meta/recipes-core/libxml/libxml2_2.9.2.bb > index 79a395c..4cafc87 100644 > --- a/meta/recipes-core/libxml/libxml2_2.9.2.bb > +++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb > @@ -2,7 +2,8 @@ require libxml2.inc > > SRC_URI += "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar > \ > file://72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch \ > - > file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch \ > + > file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch \ > + file://libxml2-fix-unsafe-memory-access.patch \ > " > > SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788" > -- > 2.6.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > [-- Attachment #2: Type: text/html, Size: 8592 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 9:41 ` Jussi Kukkonen @ 2015-10-28 10:12 ` Kang Kai 2015-10-28 10:55 ` Alexander Kanavin 0 siblings, 1 reply; 7+ messages in thread From: Kang Kai @ 2015-10-28 10:12 UTC (permalink / raw) To: Jussi Kukkonen; +Cc: Patches and discussions about the oe-core layer [-- Attachment #1: Type: text/plain, Size: 7135 bytes --] On 2015年10月28日 17:41, Jussi Kukkonen wrote: > > > On 28 October 2015 at 07:22, <kai.kang@windriver.com > <mailto:kai.kang@windriver.com>> wrote: > > From: Kai Kang <kai.kang@windriver.com > <mailto:kai.kang@windriver.com>> > > Backport patch from: > > https://bugzilla.gnome.org/show_bug.cgi?id=746048 > > to fix valgrind errors and unsafe memory access. > > Fix the indentation by the way. > > Signed-off-by: Kai Kang <kai.kang@windriver.com > <mailto:kai.kang@windriver.com>> > --- > .../libxml2/libxml2-fix-unsafe-memory-access.patch | 97 > ++++++++++++++++++++++ > meta/recipes-core/libxml/libxml2_2.9.2.bb > <http://libxml2_2.9.2.bb> | 3 +- > 2 files changed, 99 insertions(+), 1 deletion(-) > create mode 100644 > meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > > diff --git > a/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > new file mode 100644 > index 0000000..b583032 > --- /dev/null > +++ > b/meta/recipes-core/libxml/libxml2/libxml2-fix-unsafe-memory-access.patch > @@ -0,0 +1,97 @@ > +Upstream-Status: Backport > > > This may be a nitpick but I don't think DV has taken this patch in the > six months it's been available so it's not a backport. I suppose Backport is the best choice in upstream status [ Pending Submitted Accepted Backport Denied Inappropriate ]. Though it is not from official upstream, it is from somewhere else as listed in the patch. Thanks. --Kai > > - Jussi > > + > +Backport from > + > +https://bugzilla.gnome.org/show_bug.cgi?id=746048 > + > +to fix unsafe memory access. > + > +Signed-off-by: Kai Kang <kai.kang@windriver.com > <mailto:kai.kang@windriver.com>> > +--- > +diff --git a/HTMLparser.c b/HTMLparser.c > +index d329d3b..6f81424 100644 > +--- a/HTMLparser.c > ++++ b/HTMLparser.c > +@@ -3245,13 +3245,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { > + ctxt->instate = state; > + return; > + } > ++ if ((ctxt->input->end - ctxt->input->cur) < 3) { > ++ ctxt->instate = XML_PARSER_EOF; > ++ htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, > ++ "Comment not terminated\n", NULL, NULL); > ++ xmlFree(buf); > ++ return; > ++ } > + q = CUR_CHAR(ql); > + NEXTL(ql); > + r = CUR_CHAR(rl); > + NEXTL(rl); > + cur = CUR_CHAR(l); > + len = 0; > +- while (IS_CHAR(cur) && > ++ while (((ctxt->input->end - ctxt->input->cur) > 0) && > IS_CHAR(cur) && > + ((cur != '>') || > + (r != '-') || (q != '-'))) { > + if (len + 5 >= size) { > +@@ -3281,7 +3288,7 @@ htmlParseComment(htmlParserCtxtPtr ctxt) { > + } > + } > + buf[len] = 0; > +- if (!IS_CHAR(cur)) { > ++ if (!(ctxt->input->end - ctxt->input->cur) || !IS_CHAR(cur)) { > + htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED, > + "Comment not terminated \n<!--%.50s\n", buf, > NULL); > + xmlFree(buf); > +@@ -4465,6 +4472,7 @@ htmlParseContentInternal(htmlParserCtxtPtr > ctxt) { > + depth = ctxt->nameNr; > + while (1) { > + long cons = ctxt->nbChars; > ++ long rem = ctxt->input->end - ctxt->input->cur; > + > + GROW; > + > +@@ -4540,7 +4548,7 @@ htmlParseContentInternal(htmlParserCtxtPtr > ctxt) { > + /* > + * Sometimes DOCTYPE arrives in the middle of the document > + */ > +- if ((CUR == '<') && (NXT(1) == '!') && > ++ if ((rem >= 9) && (CUR == '<') && (NXT(1) == '!') && > + (UPP(2) == 'D') && (UPP(3) == 'O') && > + (UPP(4) == 'C') && (UPP(5) == 'T') && > + (UPP(6) == 'Y') && (UPP(7) == 'P') && > +@@ -4554,7 +4562,7 @@ htmlParseContentInternal(htmlParserCtxtPtr > ctxt) { > + /* > + * First case : a comment > + */ > +- if ((CUR == '<') && (NXT(1) == '!') && > ++ if ((rem >= 4) && (CUR == '<') && (NXT(1) == '!') && > + (NXT(2) == '-') && (NXT(3) == '-')) { > + htmlParseComment(ctxt); > + } > +@@ -4562,14 +4570,14 @@ > htmlParseContentInternal(htmlParserCtxtPtr ctxt) { > + /* > + * Second case : a Processing Instruction. > + */ > +- else if ((CUR == '<') && (NXT(1) == '?')) { > ++ else if ((rem >= 2) && (CUR == '<') && (NXT(1) == '?')) { > + htmlParsePI(ctxt); > + } > + > + /* > + * Third case : a sub-element. > + */ > +- else if (CUR == '<') { > ++ else if ((rem >= 1) && (CUR == '<')) { > + htmlParseElementInternal(ctxt); > + if (currentNode != NULL) xmlFree(currentNode); > + > +@@ -4581,7 +4589,7 @@ htmlParseContentInternal(htmlParserCtxtPtr > ctxt) { > + * Fourth case : a reference. If if has not been resolved, > + * parsing returns it's Name, create the node > + */ > +- else if (CUR == '&') { > ++ else if ((rem >= 1) && (CUR == '&')) { > + htmlParseReference(ctxt); > + } > + > diff --git a/meta/recipes-core/libxml/libxml2_2.9.2.bb > <http://libxml2_2.9.2.bb> > b/meta/recipes-core/libxml/libxml2_2.9.2.bb <http://libxml2_2.9.2.bb> > index 79a395c..4cafc87 100644 > --- a/meta/recipes-core/libxml/libxml2_2.9.2.bb > <http://libxml2_2.9.2.bb> > +++ b/meta/recipes-core/libxml/libxml2_2.9.2.bb > <http://libxml2_2.9.2.bb> > @@ -2,7 +2,8 @@ require libxml2.inc > > SRC_URI += > "http://www.w3.org/XML/Test/xmlts20080827.tar.gz;name=testtar \ > file://72a46a519ce7326d9a00f0b6a7f2a8e958cd1675.patch \ > - > file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch > \ > + > file://0001-threads-Define-pthread-definitions-for-glibc-complia.patch > \ > + file://libxml2-fix-unsafe-memory-access.patch \ > " > > SRC_URI[libtar.md5sum] = "9e6a9aca9d155737868b3dc5fd82f788" > -- > 2.6.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > <mailto:Openembedded-core@lists.openembedded.org> > http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- Regards, Neil | Kai Kang [-- Attachment #2: Type: text/html, Size: 13588 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 10:12 ` Kang Kai @ 2015-10-28 10:55 ` Alexander Kanavin 2015-10-28 11:15 ` Burton, Ross 0 siblings, 1 reply; 7+ messages in thread From: Alexander Kanavin @ 2015-10-28 10:55 UTC (permalink / raw) To: openembedded-core On 10/28/2015 12:12 PM, Kang Kai wrote: >> This may be a nitpick but I don't think DV has taken this patch in the >> six months it's been available so it's not a backport. > > I suppose Backport is the best choice in upstream status [ Pending > Submitted Accepted Backport Denied Inappropriate ]. Though it is not > from official upstream, it is from somewhere else as listed in the patch. 'Submitted [where]' is the right choice here, I think. Alex ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 10:55 ` Alexander Kanavin @ 2015-10-28 11:15 ` Burton, Ross 2015-10-29 1:43 ` Kang Kai 0 siblings, 1 reply; 7+ messages in thread From: Burton, Ross @ 2015-10-28 11:15 UTC (permalink / raw) To: Alexander Kanavin; +Cc: OE-core [-- Attachment #1: Type: text/plain, Size: 439 bytes --] On 28 October 2015 at 10:55, Alexander Kanavin < alexander.kanavin@linux.intel.com> wrote: > I suppose Backport is the best choice in upstream status [ Pending >> Submitted Accepted Backport Denied Inappropriate ]. Though it is not >> from official upstream, it is from somewhere else as listed in the patch. >> > > 'Submitted [where]' is the right choice here, I think. > Yes, this is exactly what Submitted is for. Ross [-- Attachment #2: Type: text/html, Size: 950 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/1] libxml2: fix unsafe memory access 2015-10-28 11:15 ` Burton, Ross @ 2015-10-29 1:43 ` Kang Kai 0 siblings, 0 replies; 7+ messages in thread From: Kang Kai @ 2015-10-29 1:43 UTC (permalink / raw) To: Burton, Ross, Alexander Kanavin; +Cc: OE-core [-- Attachment #1: Type: text/plain, Size: 679 bytes --] On 2015年10月28日 19:15, Burton, Ross wrote: > > On 28 October 2015 at 10:55, Alexander Kanavin > <alexander.kanavin@linux.intel.com > <mailto:alexander.kanavin@linux.intel.com>> wrote: > > I suppose Backport is the best choice in upstream status [ Pending > Submitted Accepted Backport Denied Inappropriate ]. Though it > is not > from official upstream, it is from somewhere else as listed in > the patch. > > > 'Submitted [where]' is the right choice here, I think. > > > Yes, this is exactly what Submitted is for. OK. I'll send V2. Thanks, Kai > > Ross > > -- Regards, Neil | Kai Kang [-- Attachment #2: Type: text/html, Size: 2423 bytes --] ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2015-10-29 1:43 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2015-10-28 5:22 [PATCH 0/1] Fix libxml2 unsafe memory access kai.kang 2015-10-28 5:22 ` [PATCH 1/1] libxml2: fix " kai.kang 2015-10-28 9:41 ` Jussi Kukkonen 2015-10-28 10:12 ` Kang Kai 2015-10-28 10:55 ` Alexander Kanavin 2015-10-28 11:15 ` Burton, Ross 2015-10-29 1:43 ` Kang Kai
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.