e91d3ca42c
Fixes: assert failure when processing wrapped strings (CVE-2014-9130). See https://bugzilla.redhat.com/show_bug.cgi?id=1169369 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
34 lines
1.2 KiB
Diff
34 lines
1.2 KiB
Diff
From e6aa721cc0e5a48f408c52355559fd36780ba32a Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Ingy=20d=C3=B6t=20Net?= <ingy@ingy.net>
|
|
Date: Fri, 28 Nov 2014 09:21:49 -0800
|
|
Subject: [PATCH] Fix for https://bitbucket.org/xi/libyaml/issue/10/
|
|
|
|
https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
|
|
|
|
Commenting out the assert makes the scanner do the right thing and
|
|
results in just a simple parse failure.
|
|
|
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
---
|
|
src/scanner.c | 4 +++-
|
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/scanner.c b/src/scanner.c
|
|
index 88d4fa5..c5f3d2f 100644
|
|
--- a/src/scanner.c
|
|
+++ b/src/scanner.c
|
|
@@ -1110,7 +1110,9 @@ yaml_parser_save_simple_key(yaml_parser_t *parser)
|
|
* line. Therefore it is always allowed. But we add a check anyway.
|
|
*/
|
|
|
|
- assert(parser->simple_key_allowed || !required); /* Impossible. */
|
|
+ /* XXX This caused:
|
|
+ * https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
|
|
+ assert(parser->simple_key_allowed || !required); */ /* Impossible. */
|
|
|
|
/*
|
|
* If the current position may start a simple key, save it.
|
|
--
|
|
2.0.4
|
|
|