Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:GA
libxml2.4858
libxml2-CVE-2017-9050.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-CVE-2017-9050.patch of Package libxml2.4858
From beca86e8c86984b967a6efa05a9653470253edda Mon Sep 17 00:00:00 2001 From: Hugh Davenport <hugh@davenport.net.nz> Date: Wed, 4 May 2016 11:23:49 +0800 Subject: Detect change of encoding when parsing HTML names From https://bugzilla.gnome.org/show_bug.cgi?id=758518 Happens when a file has a name getting parsed, but no valid encoding set, so libxml has to guess what the encoding is. This patch detects when the buffer location changes, and if it does, restarts the parsing of the name. This slightly change a couple of regression tests output --- HTMLparser.c | 8 ++++++++ result/HTML/758605.html | 2 +- result/HTML/758605.html.err | 2 +- result/HTML/758605.html.sax | 3 ++- 4 files changed, 12 insertions(+), 3 deletions(-) Index: libxml2-2.9.1/HTMLparser.c =================================================================== --- libxml2-2.9.1.orig/HTMLparser.c +++ libxml2-2.9.1/HTMLparser.c @@ -2493,6 +2493,7 @@ htmlParseNameComplex(xmlParserCtxtPtr ct int len = 0, l; int c; int count = 0; + const xmlChar *base = ctxt->input->base; /* * Handler for more complex cases @@ -2518,6 +2519,13 @@ htmlParseNameComplex(xmlParserCtxtPtr ct len += l; NEXTL(l); c = CUR_CHAR(l); + if (ctxt->input->base != base) { + /* + * We changed encoding from an unknown encoding + * Input buffer changed location, so we better start again + */ + return(htmlParseNameComplex(ctxt)); + } } if (ctxt->input->base > ctxt->input->cur - len) Index: libxml2-2.9.1/result/HTML/758605.html =================================================================== --- libxml2-2.9.1.orig/result/HTML/758605.html +++ libxml2-2.9.1/result/HTML/758605.html @@ -1,3 +1,3 @@ <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> -<html><body><p>& +<html><body><p>&ê </p></body></html> Index: libxml2-2.9.1/result/HTML/758605.html.err =================================================================== --- libxml2-2.9.1.orig/result/HTML/758605.html.err +++ libxml2-2.9.1/result/HTML/758605.html.err @@ -1,3 +1,3 @@ -./test/HTML/758605.html:1: HTML parser error : htmlParseEntityRef: no name +./test/HTML/758605.html:1: HTML parser error : htmlParseEntityRef: expecting ';' ê ^ Index: libxml2-2.9.1/result/HTML/758605.html.sax =================================================================== --- libxml2-2.9.1.orig/result/HTML/758605.html.sax +++ libxml2-2.9.1/result/HTML/758605.html.sax @@ -1,10 +1,11 @@ SAX.setDocumentLocator() SAX.startDocument() -SAX.error: htmlParseEntityRef: no name +SAX.error: htmlParseEntityRef: expecting ';' SAX.startElement(html) SAX.startElement(body) SAX.startElement(p) SAX.characters(&, 1) +SAX.characters(ê, 2) SAX.ignorableWhitespace( , 1) SAX.endElement(p)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
