From 584dbc2f0a30bb4011d5e14a69ba3bba99b89613 Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Fri, 2 Mar 2012 12:00:34 -0300 Subject: libxslt: add multiple security patches Add security patches for CVE-2011-1202 and CVE-2011-3970. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- ...libxslt-1.1.26-pattern-out-of-bounds-read.patch | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 package/libxslt/libxslt-1.1.26-pattern-out-of-bounds-read.patch (limited to 'package/libxslt/libxslt-1.1.26-pattern-out-of-bounds-read.patch') diff --git a/package/libxslt/libxslt-1.1.26-pattern-out-of-bounds-read.patch b/package/libxslt/libxslt-1.1.26-pattern-out-of-bounds-read.patch new file mode 100644 index 000000000..cd2e292f4 --- /dev/null +++ b/package/libxslt/libxslt-1.1.26-pattern-out-of-bounds-read.patch @@ -0,0 +1,27 @@ +From fe5a4fa33eb85bce3253ed3742b1ea6c4b59b41b Mon Sep 17 00:00:00 2001 +From: Abhishek Arya +Date: Sun, 22 Jan 2012 17:47:50 +0800 +Subject: [PATCH] Fix some case of pattern parsing errors + +We could accidentally hit an off by one string array access +due to improper loop exit when parsing patterns +--- + libxslt/pattern.c | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/libxslt/pattern.c b/libxslt/pattern.c +index 6161376..1155b54 100644 +--- a/libxslt/pattern.c ++++ b/libxslt/pattern.c +@@ -1867,6 +1867,8 @@ xsltCompilePatternInternal(const xmlChar *pattern, xmlDocPtr doc, + while ((pattern[end] != 0) && (pattern[end] != '"')) + end++; + } ++ if (pattern[end] == 0) ++ break; + end++; + } + if (current == end) { +-- +1.7.8.4 + -- cgit v1.2.3