diff options
author | Daniel Veillard <veillard@redhat.com> | 2012-11-28 22:33:47 +0800 |
---|---|---|
committer | Aron Xu <aron@debian.org> | 2012-11-28 22:33:47 +0800 |
commit | fd980c4487256b74e5dd641eb14078d6bf31a047 (patch) | |
tree | 3f0cac6353b5e67a412f81cd05da850b302085b5 /debian | |
parent | 730248e31b460fe2bc5709258f538e97af7108b1 (diff) | |
download | libxml2-fd980c4487256b74e5dd641eb14078d6bf31a047.tar.gz |
Fix potential out of bound access
Diffstat (limited to 'debian')
-rw-r--r-- | debian/patches/0005-Fix-potential-out-of-bound-access.patch | 22 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 23 insertions, 0 deletions
diff --git a/debian/patches/0005-Fix-potential-out-of-bound-access.patch b/debian/patches/0005-Fix-potential-out-of-bound-access.patch new file mode 100644 index 0000000..1e6396c --- /dev/null +++ b/debian/patches/0005-Fix-potential-out-of-bound-access.patch @@ -0,0 +1,22 @@ +From: Daniel Veillard <veillard@redhat.com> +Date: Mon, 29 Oct 2012 02:39:55 +0000 +Subject: Fix potential out of bound access + +--- + parser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/parser.c b/parser.c +index 192eaed..4519a70 100644 +--- a/parser.c ++++ b/parser.c +@@ -4075,7 +4075,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { + goto error; + + if ((in_space) && (normalize)) { +- while (buf[len - 1] == 0x20) len--; ++ while ((len > 0) && (buf[len - 1] == 0x20)) len--; + } + buf[len] = 0; + if (RAW == '<') { +-- diff --git a/debian/patches/series b/debian/patches/series index 2caba13..cd4a7d3 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,4 @@ 0002-rand_seed-should-be-static-in-dict.c.patch 0003-Fix-a-thread-portability-problem.patch 0004-link-libxml2mod-first.patch +0005-Fix-potential-out-of-bound-access.patch |