textproc/libxslt: Update to 1.1.33 [1], fix CVE-2019-11068 [2]

PR:		239166 [1]
PR:		238049 [2]
Submitted by:	egypcio [2]
Exp-run by:	antoine [1]
Obtained from:	https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6 [2]

7 files changed, 94 insertions, 7 deletions

diff --git a/textproc/libxslt/Makefile b/textproc/libxslt/Makefile
index 92d28fb346af..15bfb9e5338e 100644
--- a/textproc/libxslt/Makefile
+++ b/textproc/libxslt/Makefile
@@ -2,8 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	libxslt
-PORTVERSION=	1.1.32
-PORTREVISION?=	1
+PORTVERSION=	1.1.33
 CATEGORIES?=	textproc gnome
 MASTER_SITES=	http://xmlsoft.org/sources/ \
 		https://mirror.umd.edu/xbmc/build-deps/sources/
@@ -14,7 +13,7 @@ COMMENT?=	The XSLT C library for GNOME
 
 .if !defined(REFERENCE_PORT)
 
-USES+=		cpe gmake localbase libtool pathfix
+USES+=		cpe gmake gnome localbase libtool pathfix
 CPE_VENDOR=	xmlsoft
 GNU_CONFIGURE=	yes
 INSTALL_TARGET=	install-strip
diff --git a/textproc/libxslt/distinfo b/textproc/libxslt/distinfo
index c55306366080..5d95ea23b5f7 100644
--- a/textproc/libxslt/distinfo
+++ b/textproc/libxslt/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1522146585
-SHA256 (gnome2/libxslt-1.1.32.tar.gz) = 526ecd0abaf4a7789041622c3950c0e7f2c4c8835471515fd77eec684a355460
-SIZE (gnome2/libxslt-1.1.32.tar.gz) = 3440715
+TIMESTAMP = 1562883477
+SHA256 (gnome2/libxslt-1.1.33.tar.gz) = 8e36605144409df979cab43d835002f63988f3dc94d5d3537c12796db90e38c8
+SIZE (gnome2/libxslt-1.1.33.tar.gz) = 3444093
diff --git a/textproc/libxslt/files/patch-libxslt_documents.c b/textproc/libxslt/files/patch-libxslt_documents.c
new file mode 100644
index 000000000000..d66519ecd6ca
--- /dev/null
+++ b/textproc/libxslt/files/patch-libxslt_documents.c
@@ -0,0 +1,34 @@
+--- libxslt/documents.c.orig	2015-05-10 14:11:29 UTC
++++ libxslt/documents.c
+@@ -296,10 +296,11 @@ xsltLoadDocument(xsltTransformContextPtr ctxt, const x
+ 	int res;
+ 
+ 	res = xsltCheckRead(ctxt->sec, ctxt, URI);
+-	if (res == 0) {
+-	    xsltTransformError(ctxt, NULL, NULL,
+-		 "xsltLoadDocument: read rights for %s denied\n",
+-			     URI);
++	if (res <= 0) {
++            if (res == 0)
++                xsltTransformError(ctxt, NULL, NULL,
++                     "xsltLoadDocument: read rights for %s denied\n",
++                                 URI);
+ 	    return(NULL);
+ 	}
+     }
+@@ -372,10 +373,11 @@ xsltLoadStyleDocument(xsltStylesheetPtr style, const x
+ 	int res;
+ 
+ 	res = xsltCheckRead(sec, NULL, URI);
+-	if (res == 0) {
+-	    xsltTransformError(NULL, NULL, NULL,
+-		 "xsltLoadStyleDocument: read rights for %s denied\n",
+-			     URI);
++	if (res <= 0) {
++            if (res == 0)
++                xsltTransformError(NULL, NULL, NULL,
++                     "xsltLoadStyleDocument: read rights for %s denied\n",
++                                 URI);
+ 	    return(NULL);
+ 	}
+     }
diff --git a/textproc/libxslt/files/patch-libxslt_imports.c b/textproc/libxslt/files/patch-libxslt_imports.c
new file mode 100644
index 000000000000..f627696341cd
--- /dev/null
+++ b/textproc/libxslt/files/patch-libxslt_imports.c
@@ -0,0 +1,18 @@
+--- libxslt/imports.c.orig	2015-09-28 01:15:21 UTC
++++ libxslt/imports.c
+@@ -131,10 +131,11 @@ xsltParseStylesheetImport(xsltStylesheetPtr style, xml
+ 	int secres;
+ 
+ 	secres = xsltCheckRead(sec, NULL, URI);
+-	if (secres == 0) {
+-	    xsltTransformError(NULL, NULL, NULL,
+-		 "xsl:import: read rights for %s denied\n",
+-			     URI);
++	if (secres <= 0) {
++            if (secres == 0)
++                xsltTransformError(NULL, NULL, NULL,
++                     "xsl:import: read rights for %s denied\n",
++                                 URI);
+ 	    goto error;
+ 	}
+     }
diff --git a/textproc/libxslt/files/patch-libxslt_transform.c b/textproc/libxslt/files/patch-libxslt_transform.c
new file mode 100644
index 000000000000..744e8dd9b127
--- /dev/null
+++ b/textproc/libxslt/files/patch-libxslt_transform.c
@@ -0,0 +1,18 @@
+--- libxslt/transform.c.orig	2017-10-30 07:49:55 UTC
++++ libxslt/transform.c
+@@ -3485,10 +3485,11 @@ xsltDocumentElem(xsltTransformContextPtr ctxt, xmlNode
+      */
+     if (ctxt->sec != NULL) {
+ 	ret = xsltCheckWrite(ctxt->sec, ctxt, filename);
+-	if (ret == 0) {
+-	    xsltTransformError(ctxt, NULL, inst,
+-		 "xsltDocumentElem: write rights for %s denied\n",
+-			     filename);
++	if (ret <= 0) {
++            if (ret == 0)
++                xsltTransformError(ctxt, NULL, inst,
++                     "xsltDocumentElem: write rights for %s denied\n",
++                                 filename);
+ 	    xmlFree(URL);
+ 	    xmlFree(filename);
+ 	    return;
diff --git a/textproc/libxslt/files/patch-libxslt_xslt.c b/textproc/libxslt/files/patch-libxslt_xslt.c
new file mode 100644
index 000000000000..075df166472e
--- /dev/null
+++ b/textproc/libxslt/files/patch-libxslt_xslt.c
@@ -0,0 +1,18 @@
+--- libxslt/xslt.c.orig	2017-10-26 07:55:47 UTC
++++ libxslt/xslt.c
+@@ -6763,10 +6763,11 @@ xsltParseStylesheetFile(const xmlChar* filename) {
+ 	int res;
+ 
+ 	res = xsltCheckRead(sec, NULL, filename);
+-	if (res == 0) {
+-	    xsltTransformError(NULL, NULL, NULL,
+-		 "xsltParseStylesheetFile: read rights for %s denied\n",
+-			     filename);
++	if (res <= 0) {
++            if (res == 0)
++                xsltTransformError(NULL, NULL, NULL,
++                     "xsltParseStylesheetFile: read rights for %s denied\n",
++                                 filename);
+ 	    return(NULL);
+ 	}
+     }
diff --git a/textproc/libxslt/pkg-plist b/textproc/libxslt/pkg-plist
index c8d27c9cceb9..9e879de13a98 100644
--- a/textproc/libxslt/pkg-plist
+++ b/textproc/libxslt/pkg-plist
@@ -31,7 +31,7 @@ lib/libexslt.so.0.8.20
 lib/libxslt.a
 lib/libxslt.so
 lib/libxslt.so.1
-lib/libxslt.so.1.1.32
+lib/libxslt.so.1.1.33
 lib/xsltConf.sh
 libdata/pkgconfig/libexslt.pc
 libdata/pkgconfig/libxslt.pc