[Bug 1065270] New: python3-libxml2-python: segfault with malformed UTF8 strings in error messages
http://bugzilla.suse.com/show_bug.cgi?id=1065270

Bug ID: 1065270
Summary: python3-libxml2-python: segfault with malformed UTF8 strings in error messages
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.0
Hardware: Other
OS: Other
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Other
Assignee: pmonrealgonzalez@suse.com
Reporter: jmatejek@suse.com
QA Contact: qa-bugs@suse.de
Found By: ---
Blocker: ---

libxml2 error reporting seems to return strings of a fixed byte length, leading up to the detected error. For instance, if the error comes from the following string:

---
<p>нно удерживая клавишу key href="help:gnome-help/keyboard-key-super">Super</key>.</p>
---

the error message reads:

---
Opening and ending tag mismatch: p line 2 and key �вая клавишу key href="help:gnome-help/keyboard-key-super">Super</key>
---

This message has a byte length of 81, and the "и" character from "удерживая" is split in half.

This works fine in Python 2, where strings are sequences of bytes. But it poses a problem for the Python 3 binding, because it tries to directly convert the error string to a PyUnicode character string, which fails the decoding. Libxml doesn't check this error and passes a NULL object to the calling Python code, which causes a crash.

--
You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c1

--- Comment #1 from Jan Matejek <jmatejek@suse.com> ---

Created attachment 746018 --> http://bugzilla.suse.com/attachment.cgi?id=746018&action=edit
reproducer

This short script reproduces the issue. It works fine in Python 2 but fails in Python 3.
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c2

--- Comment #2 from Jan Matejek <jmatejek@suse.com> ---

Created attachment 746019 --> http://bugzilla.suse.com/attachment.cgi?id=746019&action=edit
hacky workaround patch

This patch works around the issue by moving forward in the error string as long as the Unicode conversion is failing. This, however, masks other possible sources of errors, so it's not great. (OTOH it's not worse than before either.)

Please evaluate whether it's OK to use this patch; I'm submitting a SR in the meantime.
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c3

--- Comment #3 from Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> ---

I have just tested in TW and the patch solves the issue. Should we change also something in libxml2/python/libxml.c?
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c4

--- Comment #4 from Jan Matejek <jmatejek@suse.com> ---

That doesn't seem to be necessary, so maybe for upstream to decide.

The "proper" solution for this is probably in libxml2 itself, not returning undecodable strings as error messages.

(There's actually a related bug: the error handler emits a "^" to mark the error location, but it's spaced to bytes, so if the error text contains Unicode characters, the "^" is misplaced. ISTM these two should be fixed together, by making the error reporting encoding-aware.)
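The two byte-versus-character problems in this thread, the undecodable error context from the bug report and the misplaced "^" from comment #4, are shown together below as an added example. It is not the reporter's reproducer or either workaround patch, and it is not libxml2 or python-libxml2 code; it only mimics the behaviour the thread describes in plain Python. The window size of 85 bytes is chosen so that the window starts inside the "и" of "удерживая" (libxml2's real window size is not stated in the thread), and all function names are this example's own.

```python
# Added illustration, not the reporter's attachment and not libxml2 code.
# It shows why a fixed-byte-length error context can be undecodable (the
# crash in the report) and why a caret padded by bytes is misplaced
# (comment #4), and what an encoding-aware reporter does instead.

# Constructed input: the line quoted in the bug report.
SOURCE_LINE = ('<p>нно удерживая клавишу key href="help:gnome-help/'
               'keyboard-key-super">Super</key>.</p>')


def tail_context_bytes(text: str, nbytes: int) -> bytes:
    """Keep the last `nbytes` bytes of the UTF-8 encoding without looking
    at character boundaries. This mimics the fixed-byte-length window the
    report describes; the window size is the caller's choice here, since
    the thread does not give libxml2's actual value."""
    return text.encode("utf-8")[-nbytes:]


def decode_strict(raw: bytes) -> str:
    """Strict decode: the Python-level equivalent of PyUnicode_FromString,
    which in C returns NULL with an exception set instead of raising."""
    return raw.decode("utf-8")


def _skip_partial_char(raw: bytes) -> bytes:
    """Drop a leading partial multibyte sequence. UTF-8 continuation bytes
    are 0b10xxxxxx (0x80..0xBF); a buffer that begins with one started in
    the middle of a character."""
    i = 0
    while i < len(raw) and 0x80 <= raw[i] <= 0xBF:
        i += 1
    return raw[i:]


def decode_error_context(raw: bytes) -> str:
    """Always return a str: skip a leading partial character, and replace
    any other malformed bytes (e.g. a truncated trailing sequence) with
    U+FFFD instead of rejecting the whole message."""
    return _skip_partial_char(raw).decode("utf-8", errors="replace")


def caret_by_bytes(byte_offset: int) -> str:
    """The caret line as comment #4 describes it: one space per byte, so
    it drifts right by one column per extra byte of each multibyte char."""
    return " " * byte_offset + "^"


def caret_by_chars(context: bytes, byte_offset: int) -> str:
    """Encoding-aware caret line: one space per character that precedes
    the error byte offset. An offset that falls inside a multibyte
    sequence is rounded down to the character containing it."""
    prefix = _skip_partial_char(context[:byte_offset])
    return " " * len(prefix.decode("utf-8", errors="ignore")) + "^"


def render_error(raw: bytes, byte_offset: int) -> tuple:
    """Context line plus caret line, the way an encoding-aware reporter
    would emit them: the caret lands under the character at byte_offset."""
    return decode_error_context(raw), caret_by_chars(raw, byte_offset)


if __name__ == "__main__":
    window = tail_context_bytes(SOURCE_LINE, 85)   # starts mid-"и"
    try:
        decode_strict(window)
    except UnicodeDecodeError as exc:
        print("strict decode fails:", exc)          # the NULL in the binding
    print("lenient decode:", decode_error_context(window))

    ctx = "нно удерживая".encode("utf-8")
    print(ctx.decode("utf-8"))
    print(caret_by_bytes(6), "<- padded by bytes")
    print(caret_by_chars(ctx, 6), "<- padded by characters")
```

Strict decoding of the 85-byte window raises, which is the `NULL` the Python 3 binding then handed back unchecked; the lenient path returns the same text with the half character dropped. For the caret, byte offset 6 in "нно удерживая" is the space after "нно" (three two-byte characters), so padding by bytes puts the marker three columns too far right.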
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c5

--- Comment #5 from Jan Matejek <jmatejek@suse.com> ---

I'm seeing another failure with this patch though, so please don't apply it yet...
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c6

Jan Matejek <jmatejek@suse.com> changed:
  Attachment #746019 is obsolete: 0 -> 1

--- Comment #6 from Jan Matejek <jmatejek@suse.com> ---

Created attachment 746044 --> http://bugzilla.suse.com/attachment.cgi?id=746044&action=edit
less hacky workaround patch

This one seems to be a little better. It limits the workaround behavior to the error handler, and does not mask errors. The only limitation is that it relies on the text being UTF8, but the PyUnicode_FromString method does that too, so again, no worse than before.
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c7

--- Comment #7 from Bernhard Wiedemann <bwiedemann@suse.com> ---

This is an autogenerated message for OBS integration:
This bug (1065270) was mentioned in
https://build.opensuse.org/request/show/536920 Factory:Staging:O / libxml2
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c10

Michael Gorse <mgorse@suse.com> changed:
  CC: added mgorse@suse.com

--- Comment #10 from Michael Gorse <mgorse@suse.com> ---

I think that this is a different bug from bug 1084286. The latter is a use after free issue.

Anyway, I'm seeing another instance of this bug when running itstool on a .mo file. This is clearly passing bad data to libxml2, but it should print an error, as it does on python 2, rather than crashing. I think that the code in types.c should check the return value of PY_IMPORT_STRING and avoid returning NULL. I'm going to submit a merge request upstream to do that.

Was the patch that we already have for this bug ever sent upstream?
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c12

--- Comment #12 from Swamp Workflow Management <swamp@suse.de> ---

SUSE-RU-2019:0369-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1065270,1111019
CVE References:
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): libxml2-2.9.7-3.6.1
SUSE Linux Enterprise Module for Development Tools 15 (src): itstool-2.0.5-3.3.3
SUSE Linux Enterprise Module for Basesystem 15 (src): libxml2-2.9.7-3.6.1, python-libxml2-python-2.9.7-3.6.1
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c13

--- Comment #13 from Swamp Workflow Management <swamp@suse.de> ---

openSUSE-RU-2019:0221-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1065270,1111019
CVE References:
Sources used:
openSUSE Leap 15.0 (src): itstool-2.0.5-lp150.2.3.1, libxml2-2.9.7-lp150.2.6.1, python-libxml2-python-2.9.7-lp150.2.6.1
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c14

--- Comment #14 from Swamp Workflow Management <swamp@suse.de> ---

This is an autogenerated message for OBS integration:
This bug (1065270) was mentioned in
https://build.opensuse.org/request/show/720174 Factory / libxml2
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c15

--- Comment #15 from Swamp Workflow Management <swamp@suse.de> ---

This is an autogenerated message for OBS integration:
This bug (1065270) was mentioned in
https://build.opensuse.org/request/show/720632 Factory / libxml2
http://bugzilla.suse.com/show_bug.cgi?id=1065270#c16

--- Comment #16 from Swamp Workflow Management <swamp@suse.de> ---

This is an autogenerated message for OBS integration:
This bug (1065270) was mentioned in
https://build.opensuse.org/request/show/729358 Factory / libxml2