summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch')
-rw-r--r--meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch49
1 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch b/meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch
new file mode 100644
index 0000000..73531b3
--- /dev/null
+++ b/meta/recipes-core/libxml/libxml2/CVE-2015-8242-Buffer-overead-with-HTML-parser.patch
@@ -0,0 +1,49 @@
1From 8fb4a770075628d6441fb17a1e435100e2f3b1a2 Mon Sep 17 00:00:00 2001
2From: Hugh Davenport <hugh@allthethings.co.nz>
3Date: Fri, 20 Nov 2015 17:16:06 +0800
4Subject: [PATCH] CVE-2015-8242 Buffer overead with HTML parser in push mode
5
6For https://bugzilla.gnome.org/show_bug.cgi?id=756372
7Error in the code pointing to the codepoint in the stack for the
8current char value instead of the pointer in the input that the SAX
9callback expects
10Reported and fixed by Hugh Davenport
11
12Upstream-Status: Backport
13
14CVE-2015-8242
15
16Signed-off-by: Armin Kuster <akuster@mvista.com>
17
18---
19 HTMLparser.c | 6 +++---
20 1 file changed, 3 insertions(+), 3 deletions(-)
21
22diff --git a/HTMLparser.c b/HTMLparser.c
23index bdf7807..b729197 100644
24--- a/HTMLparser.c
25+++ b/HTMLparser.c
26@@ -5735,17 +5735,17 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
27 if (ctxt->keepBlanks) {
28 if (ctxt->sax->characters != NULL)
29 ctxt->sax->characters(
30- ctxt->userData, &cur, 1);
31+ ctxt->userData, &in->cur[0], 1);
32 } else {
33 if (ctxt->sax->ignorableWhitespace != NULL)
34 ctxt->sax->ignorableWhitespace(
35- ctxt->userData, &cur, 1);
36+ ctxt->userData, &in->cur[0], 1);
37 }
38 } else {
39 htmlCheckParagraph(ctxt);
40 if (ctxt->sax->characters != NULL)
41 ctxt->sax->characters(
42- ctxt->userData, &cur, 1);
43+ ctxt->userData, &in->cur[0], 1);
44 }
45 }
46 ctxt->token = 0;
47--
482.3.5
49