Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP4
libxml2
libxml2-CVE-2024-34459.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-CVE-2024-34459.patch of Package libxml2
From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Wed, 8 May 2024 11:49:31 +0200 Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout` Add a missing bounds check. Fixes #720. --- xmllint.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xmllint.c b/xmllint.c index b2afbe969..35c328578 100644 --- a/xmllint.c +++ b/xmllint.c @@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) { len = strlen(buffer); snprintf(&buffer[len], sizeof(buffer) - len, "\n"); cur = input->cur; - while ((*cur == '\n') || (*cur == '\r')) + while ((cur > base) && ((*cur == '\n') || (*cur == '\r'))) cur--; n = 0; while ((cur != base) && (n++ < 80)) { -- GitLab
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor