blob: afcfd151810e3d1a21f685a58db9de1ec1883ff8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
$NetBSD: patch-ah,v 1.1 2010/02/16 17:35:34 taca Exp $
deal with CVE-2009-2625.
--- src/expat/lib/xmltok_impl.c.orig 2006-03-21 23:42:06.000000000 +0000
+++ src/expat/lib/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
const char *end,
POSITION *pos)
{
- while (ptr != end) {
+ while (ptr <= end) {
switch (BYTE_TYPE(enc, ptr)) {
#define LEAD_CASE(n) \
case BT_LEAD ## n: \
|