Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
libxslt-python
libxslt-CVE-2019-13117.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxslt-CVE-2019-13117.patch of Package libxslt-python
From c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Sat, 27 Apr 2019 11:19:48 +0200 Subject: [PATCH] Fix uninitialized read of xsl:number token Found by OSS-Fuzz. --- libxslt/numbers.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libxslt/numbers.c b/libxslt/numbers.c index 89e1f668..75c31eba 100644 --- a/libxslt/numbers.c +++ b/libxslt/numbers.c @@ -382,7 +382,10 @@ xsltNumberFormatTokenize(const xmlChar *format, tokens->tokens[tokens->nTokens].token = val - 1; ix += len; val = xmlStringCurrentChar(NULL, format+ix, &len); - } + } else { + tokens->tokens[tokens->nTokens].token = (xmlChar)'0'; + tokens->tokens[tokens->nTokens].width = 1; + } } else if ( (val == (xmlChar)'A') || (val == (xmlChar)'a') || (val == (xmlChar)'I') || -- 2.21.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor