From fd980c4487256b74e5dd641eb14078d6bf31a047 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Wed, 28 Nov 2012 22:33:47 +0800
Subject: Fix potential out of bound access

---
 .../0005-Fix-potential-out-of-bound-access.patch   | 22 ++++++++++++++++++++++
 debian/patches/series                              |  1 +
 2 files changed, 23 insertions(+)
 create mode 100644 debian/patches/0005-Fix-potential-out-of-bound-access.patch

diff --git a/debian/patches/0005-Fix-potential-out-of-bound-access.patch b/debian/patches/0005-Fix-potential-out-of-bound-access.patch
new file mode 100644
index 0000000..1e6396c
--- /dev/null
+++ b/debian/patches/0005-Fix-potential-out-of-bound-access.patch
@@ -0,0 +1,22 @@
+From: Daniel Veillard <veillard@redhat.com>
+Date: Mon, 29 Oct 2012 02:39:55 +0000
+Subject: Fix potential out of bound access
+
+---
+ parser.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/parser.c b/parser.c
+index 192eaed..4519a70 100644
+--- a/parser.c
++++ b/parser.c
+@@ -4075,7 +4075,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
+         goto error;
+ 
+     if ((in_space) && (normalize)) {
+-        while (buf[len - 1] == 0x20) len--;
++        while ((len > 0) && (buf[len - 1] == 0x20)) len--;
+     }
+     buf[len] = 0;
+     if (RAW == '<') {
+-- 
diff --git a/debian/patches/series b/debian/patches/series
index 2caba13..cd4a7d3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -2,3 +2,4 @@
 0002-rand_seed-should-be-static-in-dict.c.patch
 0003-Fix-a-thread-portability-problem.patch
 0004-link-libxml2mod-first.patch
+0005-Fix-potential-out-of-bound-access.patch
-- 
cgit v1.2.3