CVS commit: [netbsd-4] xsrc/xfree/xc/extras/expat/lib
Module Name:xsrc Committed By: bouyer Date: Wed Jan 27 20:56:38 UTC 2010 Modified Files: xsrc/xfree/xc/extras/expat/lib [netbsd-4]: xmlparse.c Log Message: Pull up following revision(s) (requested by tron in ticket #1383): xsrc/xfree/xc/extras/expat/lib/xmlparse.c: revision 1.2 Add patch from upstream CVS to fix CVE-2009-3560 (possible DOS due to crash on bad input). To generate a diff of this commit: cvs rdiff -u -r1.1.1.2 -r1.1.1.2.16.1 \ xsrc/xfree/xc/extras/expat/lib/xmlparse.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: xsrc/xfree/xc/extras/expat/lib/xmlparse.c diff -u xsrc/xfree/xc/extras/expat/lib/xmlparse.c:1.1.1.2 xsrc/xfree/xc/extras/expat/lib/xmlparse.c:1.1.1.2.16.1 --- xsrc/xfree/xc/extras/expat/lib/xmlparse.c:1.1.1.2 Fri Mar 5 14:26:08 2004 +++ xsrc/xfree/xc/extras/expat/lib/xmlparse.c Wed Jan 27 20:56:38 2010 @@ -3253,6 +3253,9 @@ return XML_ERROR_UNCLOSED_TOKEN; case XML_TOK_PARTIAL_CHAR: return XML_ERROR_PARTIAL_CHAR; + case -XML_TOK_PROLOG_S: + tok = -tok; + break; case XML_TOK_NONE: #ifdef XML_DTD if (enc != encoding)
CVS commit: [netbsd-4] xsrc/xfree/xc/extras/expat/lib
Module Name:xsrc Committed By: bouyer Date: Fri Sep 11 23:03:19 UTC 2009 Modified Files: xsrc/xfree/xc/extras/expat/lib [netbsd-4]: xmltok_impl.c Log Message: Pull up following revision(s) (requested by snj in ticket #1359): xfree/xc/extras/expat/lib/xmltok_impl.c: revision 1.2 Apply revisions 1.14 and 1.15 from expat CVS to fix SA36425. To generate a diff of this commit: cvs rdiff -u -r1.1.1.2 -r1.1.1.2.16.1 \ xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c diff -u xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c:1.1.1.2 xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c:1.1.1.2.16.1 --- xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c:1.1.1.2 Fri Mar 5 14:26:09 2004 +++ xsrc/xfree/xc/extras/expat/lib/xmltok_impl.c Fri Sep 11 23:03:19 2009 @@ -1741,7 +1741,7 @@ const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \