applied patch from Massimo Morara fixing bug #317447 about risk of invalid * parser.c: applied patch from Massimo Morara fixing bug #317447 about risk of invalid write in xmlStringLenDecodeEntities Daniel

commit: bedc9771e782f7def4771b19ce1bf489127af43c [log] [tgz]
author: Daniel Veillard <veillard@src.gnome.org> Wed Sep 28 21:42:15 2005 +0000
committer: Daniel Veillard <veillard@src.gnome.org> Wed Sep 28 21:42:15 2005 +0000
tree: 1026a3f3c6b76ff6626d96818373b611786d5bf7
parent: d070d3ca6809a1e4ecfb88bfe9b5a9dfed6d5849 [diff] [blame]
diff --git a/parser.c b/parser.c
index ce6e003..aeb8ab3 100644
--- a/parser.c
+++ b/parser.c

@@ -2177,6 +2177,9 @@
 	    if (val != 0) {
 		COPY_BUF(0,buffer,nbchars,val);
 	    }
+	    if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
+	        growBuffer(buffer);
+	    }
 	} else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) {
 	    if (xmlParserDebugEntities)
 		xmlGenericError(xmlGenericErrorContext,
@@ -2187,6 +2190,9 @@
 		(ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
 		if (ent->content != NULL) {
 		    COPY_BUF(0,buffer,nbchars,ent->content[0]);
+		    if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
+			growBuffer(buffer);
+		    }
 		} else {
 		    xmlFatalErrMsg(ctxt, XML_ERR_INTERNAL_ERROR,
 			    "predefined entity has no content\n");
commit	bedc9771e782f7def4771b19ce1bf489127af43c	[log] [tgz]
author	Daniel Veillard <veillard@src.gnome.org>	Wed Sep 28 21:42:15 2005 +0000
committer	Daniel Veillard <veillard@src.gnome.org>	Wed Sep 28 21:42:15 2005 +0000
tree	1026a3f3c6b76ff6626d96818373b611786d5bf7
parent	d070d3ca6809a1e4ecfb88bfe9b5a9dfed6d5849 [diff] [blame]