Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 790218 - dev-libs/libxslt-1.1.34-r1 fails tests
Summary: dev-libs/libxslt-1.1.34-r1 fails tests
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Sam James
URL: https://gitlab.gnome.org/GNOME/libxsl...
Whiteboard: Broken by new libxml2-1.11/1.12
Keywords:
: 811594 (view as bug list)
Depends on:
Blocks: CVE-2021-3516, CVE-2021-3517, CVE-2021-3518, CVE-2021-3537, CVE-2021-3541
  Show dependency tree
 
Reported: 2021-05-14 14:53 UTC by Agostino Sarubbo
Modified: 2021-10-29 15:28 UTC (History)
6 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
build.log (build.log,111.22 KB, text/plain)
2021-05-14 14:53 UTC, Agostino Sarubbo
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2021-05-14 14:53:51 UTC
https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/

Issue: dev-libs/libxslt-1.1.34-r1 fails tests.
Discovered on: amd64 (internal ref: ci)

NOTE:
This machine uses GCC-11: https://gcc.gnu.org/gcc-11/porting_to.html
If you think this is a GCC-11 related issue, please block bug 732706.
Comment 1 Agostino Sarubbo gentoo-dev 2021-05-14 14:53:54 UTC
Created attachment 708549 [details]
build.log

build log and emerge --info
Comment 2 Agostino Sarubbo gentoo-dev 2021-05-14 14:53:55 UTC
Possible context of error(s):

compilation error: file /var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/doc/xsltproc.xml line 10 element refentry
Comment 3 tka 2021-05-15 08:48:30 UTC
make[3]: Entering directory '/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34-abi_x86_64.amd64/tests/fuzz'
x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz -I../..  -I/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34  -I/usr/include/libxml2 -march=native -mtune=native -O2 -pipe -Wall -Wextra -Wformat=2 -Wmissing-format-attribute -c -o testTargets.o /var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/testTargets.c
x86_64-pc-linux-gnu-gcc -DHAVE_CONFIG_H -I. -I/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz -I../..  -I/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34  -I/usr/include/libxml2 -march=native -mtune=native -O2 -pipe -Wall -Wextra -Wformat=2 -Wmissing-format-attribute -c -o fuzz.o /var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c: In function 'xsltFuzzXPathInit':
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c:171:11: error: 'xmlXPathContext' {aka 'struct _xmlXPathContext'} has no member named 'maxParserDepth'
  171 |     xpctxt->maxParserDepth = 15;
      |           ^~
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c:172:11: error: 'xmlXPathContext' {aka 'struct _xmlXPathContext'} has no member named 'maxDepth'
  172 |     xpctxt->maxDepth = 100;
      |           ^~
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c: In function 'xsltSetXPathResourceLimits':
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c:305:9: error: 'xmlXPathContext' {aka 'struct _xmlXPathContext'} has no member named 'maxParserDepth'
  305 |     ctxt->maxParserDepth = 15;
      |         ^~
/var/tmp/portage/dev-libs/libxslt-1.1.34-r1/work/libxslt-1.1.34/tests/fuzz/fuzz.c:306:9: error: 'xmlXPathContext' {aka 'struct _xmlXPathContext'} has no member named 'maxDepth'
  306 |     ctxt->maxDepth = 100;
      |         ^~
make[3]: *** [Makefile:466: fuzz.o] Error 1
Comment 4 Sam James archtester gentoo-dev Security 2021-05-16 13:51:06 UTC
FWIW, I’m aware of this but undecided as to what to do next given that clearly we need a new release upstream.

Will likely do a snapshot given there could be other incompatibilities.
Comment 5 Toralf Förster gentoo-dev 2021-09-04 16:36:41 UTC
*** Bug 811594 has been marked as a duplicate of this bug. ***
Comment 6 Larry the Git Cow gentoo-dev 2021-10-29 15:28:36 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0

commit 76c0287bfb98ed25b63c9ad892fa6a1ee1c87dc0
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2021-10-29 15:26:36 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2021-10-29 15:28:24 +0000

    dev-libs/libxslt: fix tests with newer libxml2; patch CVE-2021-30560
    
    Note that we're now depending on >= .11 of libxml2 just to be safe,
    even though some of the patches seem to have compatibility guards,
    not all do - and upstream develop these in tandem anyway.
    
    Closes: https://bugs.gentoo.org/790218
    Bug: https://bugs.gentoo.org/820722
    Signed-off-by: Sam James <sam@gentoo.org>

 .../files/libxslt-1.1.34-CVE-2021-30560.patch      | 194 +++++++++++++++++++++
 .../files/libxslt-1.1.34-libxml2-2.9.12.patch      | 120 +++++++++++++
 dev-libs/libxslt/libxslt-1.1.34-r2.ebuild          |  72 ++++++++
 3 files changed, 386 insertions(+)