Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
libxml2.3902
libxml2-2.9.1-CVE-2015-8317.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-2.9.1-CVE-2015-8317.patch of Package libxml2.3902
From 9aa37588ee78a06ca1379a9d9356eab16686099c Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veillard@redhat.com> Date: Mon, 29 Jun 2015 09:08:25 +0800 Subject: Do not process encoding values if the declaration if broken CVE-2015-8317 For https://bugzilla.gnome.org/show_bug.cgi?id=751603 If the string is not properly terminated do not try to convert to the given encoding. From 709a952110e98621c9b78c4f26462a9d8333102e Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veillard@redhat.com> Date: Mon, 29 Jun 2015 16:10:26 +0800 Subject: Fail parsing early on if encoding conversion failed For https://bugzilla.gnome.org/show_bug.cgi?id=751631 If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors. --- parser.c | 4 ++++ 1 file changed, 4 insertions(+) Index: libxml2-2.9.1/parser.c =================================================================== --- libxml2-2.9.1.orig/parser.c +++ libxml2-2.9.1/parser.c @@ -10347,6 +10347,8 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ct encoding = xmlParseEncName(ctxt); if (RAW != '"') { xmlFatalErr(ctxt, XML_ERR_STRING_NOT_CLOSED, NULL); + xmlFree((xmlChar *) encoding); + return(NULL); } else NEXT; } else if (RAW == '\''){ @@ -10354,6 +10356,8 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ct encoding = xmlParseEncName(ctxt); if (RAW != '\'') { xmlFatalErr(ctxt, XML_ERR_STRING_NOT_CLOSED, NULL); + xmlFree((xmlChar *) encoding); + return(NULL); } else NEXT; } else { @@ -10408,7 +10412,11 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ct handler = xmlFindCharEncodingHandler((const char *) encoding); if (handler != NULL) { - xmlSwitchToEncoding(ctxt, handler); + if (xmlSwitchToEncoding(ctxt, handler) < 0) { + /* failed to convert */ + ctxt->errNo = XML_ERR_UNSUPPORTED_ENCODING; + return(NULL); + } } else { xmlFatalErrMsgStr(ctxt, XML_ERR_UNSUPPORTED_ENCODING, "Unsupported encoding %s\n", encoding);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor