xzyang / rpms / libxml2

Forked from rpms/libxml2 3 years ago
Clone

Blame SOURCES/libxml2-Heap-based-buffer-overread-in-xmlNextChar.patch

6dedca
commit 498a54c26abd0fbd6f7d02b6b6f0275b4390d821
6dedca
Author: Daniel Veillard <veillard@redhat.com>
6dedca
Date:   Tue Feb 9 12:55:29 2016 +0100
6dedca
6dedca
    Heap-based buffer overread in xmlNextChar
6dedca
    
6dedca
    For https://bugzilla.gnome.org/show_bug.cgi?id=759671
6dedca
    
6dedca
    when the end of the internal subset isn't properly detected
6dedca
    xmlParseInternalSubset should just return instead of trying
6dedca
    to process input further.
6dedca
6dedca
diff --git a/parser.c b/parser.c
6dedca
index f4fc310..b1215ca 100644
6dedca
--- a/parser.c
6dedca
+++ b/parser.c
6dedca
@@ -8448,6 +8448,7 @@ xmlParseInternalSubset(xmlParserCtxtPtr ctxt) {
6dedca
      */
6dedca
     if (RAW != '>') {
6dedca
 	xmlFatalErr(ctxt, XML_ERR_DOCTYPE_NOT_FINISHED, NULL);
6dedca
+	return;
6dedca
     }
6dedca
     NEXT;
6dedca
 }