Projects
Mega:24.09
libxml2
_service:tar_scm:backport-CVE-2024-34459.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2024-34459.patch of Package libxml2
From 2876ac5392a4e891b81e40e592c3ac6cb46016ce Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Tue, 14 May 2024 08:50:50 +0800 Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout` Add a missing bounds check. --- xmllint.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xmllint.c b/xmllint.c index 5c26c3f..fcbf465 100644 --- a/xmllint.c +++ b/xmllint.c @@ -560,7 +560,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) { len = strlen(buffer); snprintf(&buffer[len], sizeof(buffer) - len, "\n"); cur = input->cur; - while ((*cur == '\n') || (*cur == '\r')) + while ((cur > base) && ((*cur == '\n') || (*cur == '\r'))) cur--; n = 0; while ((cur != base) && (n++ < 80)) { -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2