~ubuntu-branches/ubuntu/lucid/libxml2/lucid-updates

« back to all changes in this revision

Viewing changes to SAX2.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2014-10-22 14:27:25 UTC
  • Revision ID: package-import@ubuntu.com-20141022142725-449j4fkzdfrv26dp
Tags: 2.7.6.dfsg-1ubuntu1.15
* SECURITY UPDATE: denial of service via entity expansion
  - parser.c, SAX2.c, include/libxml/entities.h: refactor entity checking
    and add additional tests.
  - https://git.gnome.org/browse/libxml2/commit/?id=a3f1e3e5712257fd279917a9158278534e8f4b72
  - https://git.gnome.org/browse/libxml2/commit/?id=cff2546f13503ac028e4c1f63c7b6d85f2f2d777
  - https://git.gnome.org/browse/libxml2/commit/?id=be2a7edaf289c5da74a4f9ed3a0b6c733e775230
  - CVE-2014-3660

Show diffs side-by-side

added added

removed removed

Lines of Context:
574
574
         * parse the external entity
575
575
         */
576
576
        xmlNodePtr children;
 
577
        unsigned long oldnbent = ctxt->nbentities;
577
578
 
578
579
        val = xmlParseCtxtExternalEntity(ctxt, ret->URI,
579
580
                                         ret->ExternalID, &children);
586
587
            return(NULL);
587
588
        }
588
589
        ret->owner = 1;
589
 
        if (ret->checked == 0)
590
 
            ret->checked = 1;
 
590
        if (ret->checked == 0) {
 
591
            ret->checked = (ctxt->nbentities - oldnbent + 1) * 2;
 
592
            if ((ret->content != NULL) && (xmlStrchr(ret->content, '<')))
 
593
                ret->checked |= 1;
 
594
        }
591
595
    }
592
596
    return(ret);
593
597
}