summaryrefslogtreecommitdiff
path: root/yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch
diff options
context:
space:
mode:
Diffstat (limited to 'yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch')
-rw-r--r--yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch71
1 files changed, 0 insertions, 71 deletions
diff --git a/yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch b/yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch
deleted file mode 100644
index be06cc22c..000000000
--- a/yocto-poky/meta/recipes-core/libxml/libxml2/CVE-2015-8710.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From e724879d964d774df9b7969fc846605aa1bac54c Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 30 Oct 2015 21:14:55 +0800
-Subject: [PATCH] Fix parsing short unclosed comment uninitialized access
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=746048
-The HTML parser was too optimistic when processing comments and
-didn't check for the end of the stream on the first 2 characters
-
-Upstream-Status: Backport
-
-https://git.gnome.org/browse/libxml2/commit/?id=e724879d964d774df9b7969fc846605aa1bac54c
-
-CVE: CVE-2015-8710
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- HTMLparser.c | 21 ++++++++++++++-------
- 1 file changed, 14 insertions(+), 7 deletions(-)
-
-Index: libxml2-2.9.2/HTMLparser.c
-===================================================================
---- libxml2-2.9.2.orig/HTMLparser.c
-+++ libxml2-2.9.2/HTMLparser.c
-@@ -3245,12 +3245,17 @@ htmlParseComment(htmlParserCtxtPtr ctxt)
- ctxt->instate = state;
- return;
- }
-+ len = 0;
-+ buf[len] = 0;
- q = CUR_CHAR(ql);
-+ if (!IS_CHAR(q))
-+ goto unfinished;
- NEXTL(ql);
- r = CUR_CHAR(rl);
-+ if (!IS_CHAR(r))
-+ goto unfinished;
- NEXTL(rl);
- cur = CUR_CHAR(l);
-- len = 0;
- while (IS_CHAR(cur) &&
- ((cur != '>') ||
- (r != '-') || (q != '-'))) {
-@@ -3281,18 +3286,20 @@ htmlParseComment(htmlParserCtxtPtr ctxt)
- }
- }
- buf[len] = 0;
-- if (!IS_CHAR(cur)) {
-- htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED,
-- "Comment not terminated \n<!--%.50s\n", buf, NULL);
-- xmlFree(buf);
-- } else {
-+ if (IS_CHAR(cur)) {
- NEXT;
- if ((ctxt->sax != NULL) && (ctxt->sax->comment != NULL) &&
- (!ctxt->disableSAX))
- ctxt->sax->comment(ctxt->userData, buf);
- xmlFree(buf);
-+ ctxt->instate = state;
-+ return;
- }
-- ctxt->instate = state;
-+
-+unfinished:
-+ htmlParseErr(ctxt, XML_ERR_COMMENT_NOT_FINISHED,
-+ "Comment not terminated \n<!--%.50s\n", buf, NULL);
-+ xmlFree(buf);
- }
-
- /**
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-26 05:15:57 +0300