diff options
Diffstat (limited to 'main/libxml2/CVE-2015-8317-1.patch')
-rw-r--r-- | main/libxml2/CVE-2015-8317-1.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/main/libxml2/CVE-2015-8317-1.patch b/main/libxml2/CVE-2015-8317-1.patch new file mode 100644 index 0000000000..3075d527e9 --- /dev/null +++ b/main/libxml2/CVE-2015-8317-1.patch @@ -0,0 +1,38 @@ +From 9aa37588ee78a06ca1379a9d9356eab16686099c Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Mon, 29 Jun 2015 09:08:25 +0800 +Subject: Do not process encoding values if the declaration if broken + +For https://bugzilla.gnome.org/show_bug.cgi?id=751603 + +If the string is not properly terminated do not try to convert +to the given encoding. +--- + parser.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/parser.c b/parser.c +index fe603ac..a3a9568 100644 +--- a/parser.c ++++ b/parser.c +@@ -10404,6 +10404,8 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ctxt) { + encoding = xmlParseEncName(ctxt); + if (RAW != '"') { + xmlFatalErr(ctxt, XML_ERR_STRING_NOT_CLOSED, NULL); ++ xmlFree((xmlChar *) encoding); ++ return(NULL); + } else + NEXT; + } else if (RAW == '\''){ +@@ -10411,6 +10413,8 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ctxt) { + encoding = xmlParseEncName(ctxt); + if (RAW != '\'') { + xmlFatalErr(ctxt, XML_ERR_STRING_NOT_CLOSED, NULL); ++ xmlFree((xmlChar *) encoding); ++ return(NULL); + } else + NEXT; + } else { +-- +cgit v0.12 + |