feat: update tinyxml to 2.6.2-7

debian/changelog

@@ -1,8 +1,33 @@
-tinyxml (2.6.2-5deepin0) unstable; urgency=medium
+tinyxml (2.6.2-7) unstable; urgency=medium
 
-  * No source change upload against GCC 12.
+  * Fix passing -DTIXML_USE_STL to the build. (Closes: #1076929)
 
- -- Tianyu Chen <sweetyfish@deepin.org>  Fri, 20 Sep 2024 12:20:07 +0800
+ -- Felix Geyer <fgeyer@debian.org>  Fri, 26 Jul 2024 17:29:19 +0200
+
+tinyxml (2.6.2-6.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+
+  [ Debian Janitor ]
+  * Set upstream metadata fields: Bug-Database.
+
+  [ Felix Geyer ]
+  * Set Homepage to the SourceForge project since the original website
+    is offline.
+
+  [ Guilhem Moulin ]
+  * Fix CVE-2023-34194 / CVE-2023-40462: Reachable assertion (and application
+    exit) via a crafted XML document with a '\0' located after whitespace.
+    (Closes: #1059315)
+
+ -- Guilhem Moulin <guilhem@debian.org>  Sat, 30 Dec 2023 22:49:10 +0100
+
+tinyxml (2.6.2-6) unstable; urgency=medium
+
+  * Import fix for CVE-2021-42260.
+    - Add CVE-2021-42260.patch
+
+ -- Felix Geyer <fgeyer@debian.org>  Sun, 12 Dec 2021 23:53:05 +0100
 
 tinyxml (2.6.2-5) unstable; urgency=medium
 

debian/control

@@ -4,7 +4,7 @@ Priority: optional
 Maintainer: Felix Geyer <fgeyer@debian.org>
 Build-Depends: debhelper-compat (= 13)
 Standards-Version: 4.1.3
-Homepage: http://www.grinninglizard.com/tinyxml/
+Homepage: https://sourceforge.net/projects/tinyxml/
 Vcs-Git: https://salsa.debian.org/debian/tinyxml.git
 Vcs-Browser: https://salsa.debian.org/debian/tinyxml
 

debian/patches/CVE-2021-42260.patch

@@ -0,0 +1,25 @@
+Description: In stamp always advance the pointer if *p= 0xef
+ .
+ The current implementation only advanced if 0xef is followed
+ by two non-zero bytes. In case of malformed input (0xef should be
+ the start byte of a three byte character) this leads to an infinite
+ loop. (CVE-2021-42260)
+Origin: https://sourceforge.net/p/tinyxml/git/merge-requests/1/
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2021-42260
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40458
+
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -274,6 +274,12 @@ void TiXmlParsingData::Stamp( const char* now, TiXmlEncoding encoding )
+ 						else
+ 							{ p +=3; ++col; }	// A normal character.
+ 					}
++					else
++					{
++						// TIXML_UTF_LEAD_0 (239) is the start character of a 3 byte sequence, so
++						// there is something wrong here. Just advance the pointer to evade infinite loops
++						++p;
++					}
+ 				}
+ 				else
+ 				{

debian/patches/CVE-2023-34194.patch

@@ -0,0 +1,28 @@
+From: Guilhem Moulin <guilhem@debian.org>
+Date: Sat, 30 Dec 2023 14:15:54 +0100
+Subject: Avoid reachable assertion via crafted XML document with a '\0'
+ located after whitespace
+
+Bug: https://www.forescout.com/resources/sierra21-vulnerabilities
+Bug-Debian: https://bugs.debian.org/1059315
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-34194
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-40462
+---
+ tinyxmlparser.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
+index 8aa0dfa..1601962 100644
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -1606,6 +1606,10 @@ const char* TiXmlDeclaration::Parse( const char* p, TiXmlParsingData* data, TiXm
+ 		}
+
+ 		p = SkipWhiteSpace( p, _encoding );
++		if ( !p || !*p )
++		{
++			break;
++		}
+ 		if ( StringEqual( p, "version", true, _encoding ) )
+ 		{
+ 			TiXmlAttribute attrib;

debian/patches/series

@@ -1,2 +1,4 @@
 enforce-use-stl.patch
 entity-encoding.patch
+CVE-2021-42260.patch
+CVE-2023-34194.patch

debian/rules

@@ -1,12 +1,12 @@
 #!/usr/bin/make -f
 
+DEB_CPPFLAGS_MAINT_APPEND = -DTIXML_USE_STL
+
 include /usr/share/dpkg/default.mk
 ifeq ($(origin CXX),default)
 CXX = $(DEB_HOST_GNU_TYPE)-g++
 endif
 
-CXXFLAGS += -DTIXML_USE_STL
-
 OBJ_FILES := tinyxml.o tinyxmlparser.o tinyxmlerror.o
 
 %:

debian/upstream/metadata

@@ -1,3 +1,4 @@
 ---
 Archive: SourceForge
+Bug-Database: http://sourceforge.net/projects/tinyxml/forums/forum/42748
 Repository: https://git.code.sf.net/p/tinyxml/git