New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 705938 link

Starred by 1 user
Status: Fixed
Owner:
dominicc@chromium.org
Last visit > 30 days ago
Closed: Mar 2017
Cc:
scottmg@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Security



Sign in to add a comment

Roll libxml to e905f08123e4a6e7731549e6f09dadff4cab65bd

Project Member Reported by dominicc@chromium.org, Mar 28 2017 
Chrome Version       : ToT r460043
OS Version: Linux/all.

Upstream libxml has rolled over some of our local patches. We can roll libxml and simplify our diff a bit.

Comment 1 by ta...@google.com, Mar 29 2017

Labels: Security_Severity-Low Security_Impact-Head
Project Member

Comment 2 by bugdroid1@chromium.org, Mar 29 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/aa1586759de407c9631115b3de0ea85acb5b622f

commit aa1586759de407c9631115b3de0ea85acb5b622f
Author: dominicc <dominicc@chromium.org>
Date: Wed Mar 29 12:46:13 2017

Roll libxml to e905f08123e4a6e7731549e6f09dadff4cab65bd

In this patch I'm disabling LIBXML_VALID_ENABLED which should shrink the attack surface fuzzers find.

Local patches we're no longer applying now:

 Issue 623378  Comment 7 has been fixed upstream:
https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e

d31995076e55f1aac2f935c53b585a90ece27a11 / timsort.h:
https://git.gnome.org/browse/libxml2/commit/?id=c2545cbb6d9a87e3e0bce167eabcb8f3c9153edc

 Issue 624011  was fixed upstream:
https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b

BUG= 705938 , 692731 

Review-Url: https://codereview.chromium.org/2781843002
Cr-Commit-Position: refs/heads/master@{#460360}

[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/README.chromium
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/linux/include/libxml/xmlversion.h
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/libxml2.spec
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/runtest.c
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/testlimits.c
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/timsort.h
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/xmlIO.c
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/xpath.c
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/src/xpointer.c
[modify] https://crrev.com/aa1586759de407c9631115b3de0ea85acb5b622f/third_party/libxml/win32/xmlversion.h
Project Member

Comment 3 by sheriffbot@chromium.org, Mar 29 2017

Labels: -Pri-3 Pri-2

Comment 4 by dominicc@chromium.org, Mar 30 2017

Status: Fixed (was: Started)
I note that I missed disabling LIBXML_VALID_ENABLED in mac/include/libxml/xmlconfig.h, so I've posted a follow-up in https://codereview.chromium.org/2789473002
Project Member

Comment 5 by sheriffbot@chromium.org, Mar 30 2017

Labels: Restrict-View-SecurityNotify
Project Member

Comment 6 by bugdroid1@chromium.org, Apr 3 2017

Labels: merge-merged-3029
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0026287ba46f964b29a39c2171177da22ba33834

commit 0026287ba46f964b29a39c2171177da22ba33834
Author: Dominic Cooney <dominicc@chromium.org>
Date: Mon Apr 03 01:46:16 2017

Roll libxml to e905f08123e4a6e7731549e6f09dadff4cab65bd

In this patch I'm disabling LIBXML_VALID_ENABLED which should shrink the attack surface fuzzers find.

Local patches we're no longer applying now:

 Issue 623378  Comment 7 has been fixed upstream:
https://git.gnome.org/browse/libxml2/commit/?id=9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e

d31995076e55f1aac2f935c53b585a90ece27a11 / timsort.h:
https://git.gnome.org/browse/libxml2/commit/?id=c2545cbb6d9a87e3e0bce167eabcb8f3c9153edc

 Issue 624011  was fixed upstream:
https://git.gnome.org/browse/libxml2/commit/?id=c1d1f7121194036608bf555f08d3062a36fd344b

BUG= 705938 , 692731 

Review-Url: https://codereview.chromium.org/2781843002
Cr-Commit-Position: refs/heads/master@{#460360}
(cherry picked from commit aa1586759de407c9631115b3de0ea85acb5b622f)

Review-Url: https://codereview.chromium.org/2792873002 .
Cr-Commit-Position: refs/branch-heads/3029@{#535}
Cr-Branched-From: 939b32ee5ba05c396eef3fd992822fcca9a2e262-refs/heads/master@{#454471}

[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/README.chromium
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/linux/include/libxml/xmlversion.h
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/libxml2.spec
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/runtest.c
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/testlimits.c
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/timsort.h
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/xmlIO.c
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/xpath.c
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/src/xpointer.c
[modify] https://crrev.com/0026287ba46f964b29a39c2171177da22ba33834/third_party/libxml/win32/xmlversion.h
Project Member

Comment 7 by sheriffbot@chromium.org, Jul 6 2017

Labels: -Restrict-View-SecurityNotify allpublic
This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Sign in to add a comment