CVE-2017-11742: Expat 2.2.3

Change-Id: I1a1de789eaa5a78d2dc0e41ef861d10fa97b689b
Reviewed-on: https://gerrit.libreoffice.org/40718Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>

download.lst

@@ -43,8 +43,8 @@ export EPUBGEN_TARBALL := libepubgen-0.0.1.tar.bz2
 export ETONYEK_SHA256SUM := 032f53e8d7691e48a73ddbe74fa84c906ff6ff32a33e6ee2a935b6fdb6aecb78
 export ETONYEK_VERSION_MICRO := 6
 export ETONYEK_TARBALL := libetonyek-0.1.$(ETONYEK_VERSION_MICRO).tar.bz2
-export EXPAT_SHA256SUM := 1868cadae4c82a018e361e2b2091de103cd820aaacb0d6cfa49bd2cd83978885
-export EXPAT_TARBALL := expat-2.2.1.tar.bz2
+export EXPAT_SHA256SUM := b31890fb02f85c002a67491923f89bda5028a880fd6c374f707193ad81aace5f
+export EXPAT_TARBALL := expat-2.2.3.tar.bz2
 export FIREBIRD_SHA256SUM := 6994be3555e23226630c587444be19d309b25b0fcf1f87df3b4e3f88943e5860
 export FIREBIRD_TARBALL := Firebird-3.0.0.32483-0.tar.bz2
 export FONTCONFIG_SHA256SUM := 668293fcc4b3c59765cdee5cee05941091c0879edcc24dfec5455ef83912e45c

external/expat/StaticLibrary_expat.mk

@@ -48,6 +48,7 @@ $(eval $(call gb_StaticLibrary_add_cflags,expat,\
 ))
 
 $(eval $(call gb_StaticLibrary_add_generated_cobjects,expat,\
+	UnpackedTarball/expat/lib/loadlibrary \
 	UnpackedTarball/expat/lib/xmlparse \
 	UnpackedTarball/expat/lib/xmlrole \
 	UnpackedTarball/expat/lib/xmltok \

external/expat/StaticLibrary_expat_x64.mk

@@ -25,6 +25,7 @@ $(eval $(call gb_StaticLibrary_add_defs,expat_x64,\
 ))
 
 $(eval $(call gb_StaticLibrary_add_x64_generated_cobjects,expat_x64,\
+	UnpackedTarball/expat/lib/loadlibrary_x64 \
 	UnpackedTarball/expat/lib/xmlparse_x64 \
 	UnpackedTarball/expat/lib/xmltok_x64 \
 	UnpackedTarball/expat/lib/xmlrole_x64 \

external/expat/UnpackedTarball_expat.mk

@@ -14,7 +14,6 @@ $(eval $(call gb_UnpackedTarball_set_tarball,expat,$(EXPAT_TARBALL)))
 $(eval $(call gb_UnpackedTarball_add_patches,expat,\
 	external/expat/expat-winapi.patch \
 	external/expat/expat-iOS.patch \
-	external/expat/expat.getrandom_detection.patch.1 \
 ))
 
 # This is a bit hackish.
@@ -26,6 +25,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,expat,\
 
 $(eval $(call gb_UnpackedTarball_set_post_action,expat,\
 	$(if $(filter $(BUILD_X64),TRUE),         \
+	  cp lib/loadlibrary.c lib/loadlibrary_x64.c && \
 	  cp lib/xmlparse.c lib/xmlparse_x64.c && \
 	  cp lib/xmltok.c lib/xmltok_x64.c     && \
 	  cp lib/xmlrole.c lib/xmlrole_x64.c) \

external/expat/expat.getrandom_detection.patch.1

-https://github.com/libexpat/libexpat/issues/52
-
-fixes /usr/include/sys/random.h:37:22: error: expected ')'
-misdetection of random.h feature, already fixed upstream:
-https://github.com/libexpat/libexpat/commit/602e6c78ca750c082b72f8cdf4a38839b312959f
-
-diff -ur expat.org/configure expat/configure
---- expat.org/configure	2017-07-12 17:04:34.000000000 +0200
-+++ expat/configure	2017-07-12 17:05:59.000000000 +0200
-@@ -16341,7 +16341,7 @@
-   }
- 
- _ACEOF
--if ac_fn_c_try_compile "$LINENO"; then :
-+if ac_fn_c_try_link "$LINENO"; then :
- 
- 
- $as_echo "#define HAVE_GETRANDOM 1" >>confdefs.h
-@@ -16386,7 +16386,8 @@
-     conftest$ac_exeext conftest.$ac_ext
- 
- fi
--rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-+rm -f core conftest.err conftest.$ac_objext \
-+    conftest$ac_exeext conftest.$ac_ext
- 
- 
- for ac_header in fcntl.h unistd.h
-diff -ur expat.org/configure.ac expat/configure.ac
---- expat.org/configure.ac	2017-07-12 17:04:34.000000000 +0200
-+++ expat/configure.ac	2017-07-12 17:05:31.000000000 +0200
-@@ -130,7 +130,7 @@
- 
- 
- AC_MSG_CHECKING([for getrandom (Linux 3.17+, glibc 2.25+)])
--AC_COMPILE_IFELSE([AC_LANG_SOURCE([
-+AC_LINK_IFELSE([AC_LANG_SOURCE([
-   #include <stdlib.h>  /* for NULL */
-   #include <sys/random.h>
-   int main() {