diff options
Diffstat (limited to 'meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch')
-rw-r--r-- | meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch | 37 |
1 files changed, 0 insertions, 37 deletions
diff --git a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch b/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch deleted file mode 100644 index 26779aa572..0000000000 --- a/meta/recipes-core/libxml/libxml2/libxml2-CVE-2017-8872.patch +++ /dev/null @@ -1,37 +0,0 @@ -From d2f873a541c72b0f67e15562819bf98b884b30b7 Mon Sep 17 00:00:00 2001 -From: Hongxu Jia <hongxu.jia@windriver.com> -Date: Wed, 23 Aug 2017 16:04:49 +0800 -Subject: [PATCH] fix CVE-2017-8872 - -this makes xmlHaltParser "empty" the buffer, as it resets cur and ava -il too here. - -this seems to cure this specific issue, and also passes the testsuite - -Signed-off-by: Marcus Meissner <meissner@suse.de> - -https://bugzilla.gnome.org/show_bug.cgi?id=775200 -Upstream-Status: Backport [https://bugzilla.gnome.org/attachment.cgi?id=355527&action=diff] -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - parser.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/parser.c b/parser.c -index 9506ead..6c07ffd 100644 ---- a/parser.c -+++ b/parser.c -@@ -12664,6 +12664,10 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) { - } - ctxt->input->cur = BAD_CAST""; - ctxt->input->base = ctxt->input->cur; -+ if (ctxt->input->buf) { -+ xmlBufEmpty (ctxt->input->buf->buffer); -+ } else -+ ctxt->input->length = 0; - } - } - --- -2.7.4 - |