diff options
author | Xin LI <delphij@FreeBSD.org> | 2009-12-10 21:23:46 +0000 |
---|---|---|
committer | Xin LI <delphij@FreeBSD.org> | 2009-12-10 21:23:46 +0000 |
commit | e03f0571759059147077c3c20690a21239b3dfad (patch) | |
tree | d769c9c51a0f8051163a5630efe49e0a935b3603 | |
parent | 8057c390ca1b3c5b78fe431c23221d2c87c7fb82 (diff) | |
download | src-test2-e03f0571759059147077c3c20690a21239b3dfad.tar.gz src-test2-e03f0571759059147077c3c20690a21239b3dfad.zip |
Correct a DoS issue when processing XML document with malformed
UTF-8 sequences.
Obtained from: expat CVS (revisions 1.14 and 1.15)
Security: CVE-2009-3560
Notes
Notes:
svn path=/vendor/expat/dist/; revision=200368
-rw-r--r-- | lib/xmltok_impl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c index 126881925222..16dfb85f031e 100644 --- a/lib/xmltok_impl.c +++ b/lib/xmltok_impl.c @@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \ |