x11/wxGTK26/patches/patch-ah


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

$NetBSD: patch-ah,v 1.1 2010/02/16 17:35:34 taca Exp $

deal with CVE-2009-2625.

--- src/expat/lib/xmltok_impl.c.orig	2006-03-21 23:42:06.000000000 +0000
+++ src/expat/lib/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr <= end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \