diff options
Diffstat (limited to 'meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch')
-rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch b/meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch new file mode 100644 index 0000000000..98b30f037c --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2015-8241.patch @@ -0,0 +1,41 @@ +From ab2b9a93ff19cedde7befbf2fcc48c6e352b6cbe Mon Sep 17 00:00:00 2001 +From: Hugh Davenport <hugh@allthethings.co.nz> +Date: Tue, 3 Nov 2015 20:40:49 +0800 +Subject: Avoid extra processing of MarkupDecl when EOF + +For https://bugzilla.gnome.org/show_bug.cgi?id=756263 + +One place where ctxt->instate == XML_PARSER_EOF whic was set up +by entity detection issues doesn't get noticed, and even overrided + +Fixes CVE-2015-8241. + +Upstream-Status: Backport + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- + parser.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/parser.c b/parser.c +index d67b300..134afe7 100644 +--- a/parser.c ++++ b/parser.c +@@ -6972,6 +6972,14 @@ xmlParseMarkupDecl(xmlParserCtxtPtr ctxt) { + xmlParsePI(ctxt); + } + } ++ ++ /* ++ * detect requirement to exit there and act accordingly ++ * and avoid having instate overriden later on ++ */ ++ if (ctxt->instate == XML_PARSER_EOF) ++ return; ++ + /* + * This is only for internal subset. On external entities, + * the replacement is done before parsing stage +-- +cgit v0.11.2 + |