1663704235
add patch from upstream CVS to fix CVE-2009-3560 (possible DOS due to crash on bad input) bump PKGREVISION
16 lines
463 B
Text
16 lines
463 B
Text
$NetBSD: patch-as,v 1.1 2010/01/26 18:38:27 drochner Exp $
|
|
|
|
CVE-2009-3560
|
|
|
|
--- modules/expat/xmlparse/xmlparse.c.orig 2000-08-28 08:52:01.000000000 +0000
|
|
+++ modules/expat/xmlparse/xmlparse.c
|
|
@@ -2199,6 +2199,9 @@ doProlog(XML_Parser parser,
|
|
return XML_ERROR_UNCLOSED_TOKEN;
|
|
case XML_TOK_PARTIAL_CHAR:
|
|
return XML_ERROR_PARTIAL_CHAR;
|
|
+ case -XML_TOK_PROLOG_S:
|
|
+ tok = -tok;
|
|
+ break;
|
|
case XML_TOK_NONE:
|
|
#ifdef XML_DTD
|
|
if (enc != encoding)
|