debian/patches/0005-Fix-potential-out-of-bound-access.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22

From: Daniel Veillard <veillard@redhat.com>
Date: Mon, 29 Oct 2012 02:39:55 +0000
Subject: Fix potential out of bound access

---
 parser.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/parser.c b/parser.c
index 192eaed..4519a70 100644
--- a/parser.c
+++ b/parser.c
@@ -4075,7 +4075,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
         goto error;
 
     if ((in_space) && (normalize)) {
-        while (buf[len - 1] == 0x20) len--;
+        while ((len > 0) && (buf[len - 1] == 0x20)) len--;
     }
     buf[len] = 0;
     if (RAW == '<') {
--