Diffstat (limited to 'abs/core/libxslt/CVE-2011-1202.patch')
-rw-r--r--abs/core/libxslt/CVE-2011-1202.patch56
1 files changed, 0 insertions, 56 deletions
diff --git a/abs/core/libxslt/CVE-2011-1202.patch b/abs/core/libxslt/CVE-2011-1202.patch
deleted file mode 100644
index 61ea213..0000000
--- a/abs/core/libxslt/CVE-2011-1202.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From ecb6bcb8d1b7e44842edde3929f412d46b40c89f Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Tue, 22 Feb 2011 02:14:23 +0000
-Subject: Fix generate-id() to not expose object addresses
-
-As pointed out by Chris Evans <scarybeasts@gmail.com> it's better
-security wise to not expose object addresses directly, use a diff
-w.r.t. the document root own address to avoid this
-* libxslt/functions.c: fix IDs generation code
----
-diff --git a/libxslt/functions.c b/libxslt/functions.c
-index 4720c7a..de962f4 100644
---- a/libxslt/functions.c
-+++ b/libxslt/functions.c
-@@ -654,8 +654,9 @@ xsltFormatNumberFunction(xmlXPathParserContextPtr ctxt, int nargs)
- void
- xsltGenerateIdFunction(xmlXPathParserContextPtr ctxt, int nargs){
- xmlNodePtr cur = NULL;
-- unsigned long val;
-- xmlChar str[20];
-+ long val;
-+ xmlChar str[30];
-+ xmlDocPtr doc;
-
- if (nargs == 0) {
- cur = ctxt->context->node;
-@@ -694,9 +695,24 @@ xsltGenerateIdFunction(xmlXPathParserContextPtr ctxt, int nargs){
- * Okay this is ugly but should work, use the NodePtr address
- * to forge the ID
- */
-- val = (unsigned long)((char *)cur - (char *)0);
-- val /= sizeof(xmlNode);
-- sprintf((char *)str, "id%ld", val);
-+ if (cur->type != XML_NAMESPACE_DECL)
-+ doc = cur->doc;
-+ else {
-+ xmlNsPtr ns = (xmlNsPtr) cur;
-+
-+ if (ns->context != NULL)
-+ doc = ns->context;
-+ else
-+ doc = ctxt->context->doc;
-+
-+ }
-+
-+ val = (long)((char *)cur - (char *)doc);
-+ if (val >= 0) {
-+ sprintf((char *)str, "idp%ld", val);
-+ } else {
-+ sprintf((char *)str, "idm%ld", -val);
-+ }
- valuePush(ctxt, xmlXPathNewString(str));
- }
-
---
-cgit v0.9.0.2