Date: Mon, 14 Dec 2009 01:04:59 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-7@freebsd.org Subject: svn commit: r200493 - stable/7/contrib/expat/lib Message-ID: <200912140104.nBE14xPp002988@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Mon Dec 14 01:04:59 2009 New Revision: 200493 URL: http://svn.freebsd.org/changeset/base/200493 Log: MFC r200392: Apply two vendor fixes for CVE-2009-3720. Security: CVE-2009-3720 Modified: stable/7/contrib/expat/lib/xmlparse.c stable/7/contrib/expat/lib/xmltok_impl.c Directory Properties: stable/7/contrib/expat/ (props changed) Modified: stable/7/contrib/expat/lib/xmlparse.c ============================================================================== --- stable/7/contrib/expat/lib/xmlparse.c Mon Dec 14 00:20:48 2009 (r200492) +++ stable/7/contrib/expat/lib/xmlparse.c Mon Dec 14 01:04:59 2009 (r200493) @@ -3168,7 +3168,6 @@ doProlog(XML_Parser parser, return XML_ERROR_NO_ELEMENTS; default: tok = -tok; - next = end; break; } } Modified: stable/7/contrib/expat/lib/xmltok_impl.c ============================================================================== --- stable/7/contrib/expat/lib/xmltok_impl.c Mon Dec 14 00:20:48 2009 (r200492) +++ stable/7/contrib/expat/lib/xmltok_impl.c Mon Dec 14 01:04:59 2009 (r200493) @@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200912140104.nBE14xPp002988>