584dbc2f0a
Add security patches for CVE-2011-1202 and CVE-2011-3970. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
28 lines
797 B
Diff
28 lines
797 B
Diff
From fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b Mon Sep 17 00:00:00 2001
|
|
From: Abhishek Arya <inferno@chromium.org>
|
|
Date: Sun, 22 Jan 2012 17:47:50 +0800
|
|
Subject: [PATCH] Fix some case of pattern parsing errors
|
|
|
|
We could accidentally hit an off by one string array access
|
|
due to improper loop exit when parsing patterns
|
|
---
|
|
libxslt/pattern.c | 2 ++
|
|
1 files changed, 2 insertions(+), 0 deletions(-)
|
|
|
|
diff --git a/libxslt/pattern.c b/libxslt/pattern.c
|
|
index 6161376..1155b54 100644
|
|
--- a/libxslt/pattern.c
|
|
+++ b/libxslt/pattern.c
|
|
@@ -1867,6 +1867,8 @@ xsltCompilePatternInternal(const xmlChar *pattern, xmlDocPtr doc,
|
|
while ((pattern[end] != 0) && (pattern[end] != '"'))
|
|
end++;
|
|
}
|
|
+ if (pattern[end] == 0)
|
|
+ break;
|
|
end++;
|
|
}
|
|
if (current == end) {
|
|
--
|
|
1.7.8.4
|
|
|