nixpkgs/pkgs/development/libraries/expat/cve-2009-3560.patch
Eelco Dolstra 5dcde6d437 * Expat: apply a fix for CVE-2009-3560.
svn path=/nixpkgs/branches/x-updates/; revision=25902
2011-02-11 13:55:30 +00:00

18 lines
673 B
Diff

From: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/dev-libs/expat/files/expat-2.0.1-CVE-2009-3560-revised.patch?revision=1.1
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3560
http://bugs.gentoo.org/show_bug.cgi?id=303727
http://cvs.fedoraproject.org/viewvc/rpms/expat/devel/
--- a/lib/xmlparse.c
+++ b/lib/xmlparse.c
@@ -3703,6 +3703,9 @@ doProlog(XML_Parser parser,
return XML_ERROR_UNCLOSED_TOKEN;
case XML_TOK_PARTIAL_CHAR:
return XML_ERROR_PARTIAL_CHAR;
+ case -XML_TOK_PROLOG_S:
+ tok = -tok;
+ break;
case XML_TOK_NONE:
#ifdef XML_DTD
/* for internal PE NOT referenced between declarations */