Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP4:FactoryCandidates
mozjs78
mozjs78-CVE-2024-45490-part01-5c1a3164.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mozjs78-CVE-2024-45490-part01-5c1a3164.patch of Package mozjs78
From 5c1a31642e243f4870c0bd1f2afc7597976521bf Mon Sep 17 00:00:00 2001 From: Sebastian Pipping <sebastian@pipping.org> Date: Mon, 19 Aug 2024 22:26:07 +0200 Subject: [PATCH] lib: Reject negative len for XML_ParseBuffer References: CVE-2024-45490 References: bsc#1230036 Upstream: Backport from upstream Reported by TaiYou --- expat/lib/xmlparse.c | 6 ++++++ 1 file changed, 6 insertions(+) --- firefox-78.15.0/parser/expat/lib/xmlparse.c +++ firefox-78.15.0_new/parser/expat/lib/xmlparse.c @@ -1966,6 +1966,12 @@ if (parser == NULL) return XML_STATUS_ERROR; + + if (len < 0) { + parser->m_errorCode = XML_ERROR_INVALID_ARGUMENT; + return XML_STATUS_ERROR; + } + switch (ps_parsing) { case XML_SUSPENDED: errorCode = XML_ERROR_SUSPENDED;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor