diff options
| author | delphij <delphij@FreeBSD.org> | 2009-12-10 21:23:46 +0000 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2009-12-10 21:23:46 +0000 |
| commit | 2f6a20e2cac3e778fbb0861a358511c49298db94 (patch) | |
| tree | d769c9c51a0f8051163a5630efe49e0a935b3603 /lib | |
| parent | ec9b7e31858761e82682d82f4a00e6661922bc95 (diff) | |
| download | FreeBSD-src-2f6a20e2cac3e778fbb0861a358511c49298db94.zip FreeBSD-src-2f6a20e2cac3e778fbb0861a358511c49298db94.tar.gz | |
Correct a DoS issue when processing XML document with malformed
UTF-8 sequences.
Obtained from: expat CVS (revisions 1.14 and 1.15)
Security: CVE-2009-3560
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/xmltok_impl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c index 1268819..16dfb85 100644 --- a/lib/xmltok_impl.c +++ b/lib/xmltok_impl.c @@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \ |
