Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/libs/libxml2/patches/003-CVE-2020-7595.patch
Ilya Lipnitskiy 5d8d4fbbcb
treewide: Run refresh on all packages 
The crude loop I wrote to come up with this changeset:

  find -L package/feeds/packages/ -name patches | \
  sed 's/patches$/refresh/' | sort | xargs make

Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
2021-02-20 16:02:15 -08:00

27 lines
879 B
Diff
Raw Blame History

From 0e1a49c8907645d2e155f0d89d4d9895ac5112b5 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie <xiezhipeng1@huawei.com>
Date: Thu, 12 Dec 2019 17:30:55 +0800
Subject: [PATCH] Fix infinite loop in xmlStringLenDecodeEntities
When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef
return NULL which cause a infinite loop in xmlStringLenDecodeEntities
Found with libFuzzer.
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>
---
parser.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/parser.c
+++ b/parser.c
@@ -2646,7 +2646,8 @@ xmlStringLenDecodeEntities(xmlParserCtxt
else
c = 0;
while ((c != 0) && (c != end) && /* non input consuming loop */
- (c != end2) && (c != end3)) {
+ (c != end2) && (c != end3) &&
+ (ctxt->instate != XML_PARSER_EOF)) {
if (c == 0) break;
if ((c == '&') && (str[1] == '#')) {
Reference in a new issue View git blame Copy permalink