- Expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).

commit: 0d948ac90cc92aa7724a20b47226bf2e512e30ab [log] [tgz]
author: Matthias Klose <doko@ubuntu.com> Fri Jan 22 00:39:04 2010 +0000
committer: Matthias Klose <doko@ubuntu.com> Fri Jan 22 00:39:04 2010 +0000
tree: 31b238bd3c0c6db55a19a82a84e87ab94cec8c51
parent: 3b0f9b01f6e668a526faf01ce70d0fccd76e9f65 [diff] [blame]
diff --git a/Modules/expat/xmlparse.c b/Modules/expat/xmlparse.c
index e04426d..105958b 100644
--- a/Modules/expat/xmlparse.c
+++ b/Modules/expat/xmlparse.c

@@ -3682,6 +3682,9 @@
         return XML_ERROR_UNCLOSED_TOKEN;
       case XML_TOK_PARTIAL_CHAR:
         return XML_ERROR_PARTIAL_CHAR;
+      case -XML_TOK_PROLOG_S:
+        tok = -tok;
+        break;
       case XML_TOK_NONE:
 #ifdef XML_DTD
         /* for internal PE NOT referenced between declarations */
commit	0d948ac90cc92aa7724a20b47226bf2e512e30ab	[log] [tgz]
author	Matthias Klose <doko@ubuntu.com>	Fri Jan 22 00:39:04 2010 +0000
committer	Matthias Klose <doko@ubuntu.com>	Fri Jan 22 00:39:04 2010 +0000
tree	31b238bd3c0c6db55a19a82a84e87ab94cec8c51
parent	3b0f9b01f6e668a526faf01ce70d0fccd76e9f65 [diff] [blame]