Fix buffer size checks in xmlSnprintfElementContent

xmlSnprintfElementContent failed to correctly check the available
buffer space in two locations.

Fixes bug 781333 (CVE-2017-9047) and bug 781701 (CVE-2017-9048).

Thanks to Marcel Böhme and Thuan Pham for the report.
5 files changed
tree: ed74a4daf78c4a432db4b570a1a7a673deba263c