Diffstat (limited to 'third_party')
-rw-r--r-- | third_party/libxml/README.google | 1 | ||||
-rw-r--r-- | third_party/libxml/parser.c | 3 |
2 files changed, 3 insertions, 1 deletions
diff --git a/third_party/libxml/README.google b/third_party/libxml/README.google
index f7cd50b..8d2b1d6 100644
--- a/third_party/libxml/README.google
+++ b/third_party/libxml/README.google
@@ -15,6 +15,7 @@ includes the following modifications : added a check to nsParent in xmlGetNamespace() in parser.c. This allows parsed entities to inherit namespaces. (http://bugzilla.gnome.org/show_bug.cgi?id=502960 )
+* Applied security patch located at https://bugzilla.redhat.com/show_bug.cgi?id=461015
 Current version: 2.6.32
diff --git a/third_party/libxml/parser.c b/third_party/libxml/parser.c
index d12f429..fab0ea8 100644
--- a/third_party/libxml/parser.c
+++ b/third_party/libxml/parser.c
@@ -2307,6 +2307,7 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
 */
 #define growBuffer(buffer) { \
 xmlChar *tmp; \
+ buffer##_size += XML_PARSER_BUFFER_SIZE ; \
 buffer##_size *= 2; \
 tmp = (xmlChar *) \
 xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \
@@ -3347,7 +3348,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
 * Just output the reference
 */
 buf[len++] = '&';
- if (len > buf_size - i - 10) {
+ while (len > buf_size - i - 10) {
 growBuffer(buf);
 }
 for (;i > 0;i--) |
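Review bot: The new size in growBuffer is computed as `(buffer##_size + XML_PARSER_BUFFER_SIZE) * 2` with no wrap check before it is handed to xmlRealloc, and the call site in xmlParseAttValueComplex now runs the macro in a loop whose trip count follows the length of a name taken from the document. The declaration of `buf_size` is not visible here; if it is a signed int, a guard such as `if (buffer##_size > INT_MAX / 2 - XML_PARSER_BUFFER_SIZE)` that takes the same path as a failed xmlRealloc should precede the two updates. The size is also changed before the allocation is known to have succeeded, so on failure it no longer describes the buffer. The remainder of the macro lies outside the hunk, so whether that matters depends on the failure handling there.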
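Review bot: The `while` in xmlParseAttValueComplex is only safe because growBuffer now always enlarges `buf_size` (the added `+=` in the macro hunk), and nothing at the call site records that dependency. A short comment above the loop, for example `/* i may exceed one doubling: grow until '&' plus the name fits */`, would keep a later cleanup from turning it back into `if`. The copy loop that follows (`for (;i > 0;i--)`) continues outside the hunk, so the slack of 10 cannot be checked from here against what is appended after the name. Any other growBuffer call in parser.c that guards a multi-byte append with a single `if` deserves the same look; none is visible in this diff.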