[libxml2] Possible overflow in HTMLParser.c



commit 292a9f293decfcd1de8870d93866bf450f3f555f
Author: Daniel Veillard <veillard redhat com>
Date:   Mon Oct 6 18:51:04 2014 +0800

    Possible overflow in HTMLParser.c
    
    For https://bugzilla.gnome.org/show_bug.cgi?id=720615
    
    make sure that the encoding string passed is of reasonable size

 HTMLparser.c |   16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)
---
diff --git a/HTMLparser.c b/HTMLparser.c
index 23fafb2..d329d3b 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -6288,12 +6288,16 @@ htmlCreateFileParserCtxt(const char *filename, const char *encoding)
 
     /* set encoding */
     if (encoding) {
-        content = xmlMallocAtomic (xmlStrlen(content_line) + strlen(encoding) + 1);
-       if (content) {
-           strcpy ((char *)content, (char *)content_line);
-            strcat ((char *)content, (char *)encoding);
-            htmlCheckEncoding (ctxt, content);
-           xmlFree (content);
+        size_t l = strlen(encoding);
+
+       if (l < 1000) {
+           content = xmlMallocAtomic (xmlStrlen(content_line) + l + 1);
+           if (content) {
+               strcpy ((char *)content, (char *)content_line);
+               strcat ((char *)content, (char *)encoding);
+               htmlCheckEncoding (ctxt, content);
+               xmlFree (content);
+           }
        }
     }
 
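Review bot: When `encoding` is 1000 bytes or longer, the new `if (l < 1000)` guard skips the whole block silently, so the caller's requested encoding is dropped with no error or warning and parsing continues as if none had been given. The limit is also a bare magic number; a named constant with a comment, for example `#define HTML_MAX_ENCODING_LEN 1000 /* upper bound on caller-supplied encoding name, bug 720615 */` (the name is only a suggestion), would make the bound auditable. I would add an `else` branch that reports the rejected encoding through the parser's existing error reporting, so oversized input is visible to callers and in logs rather than ignored. The body of htmlCreateFileParserCtxt starts and ends outside this hunk, so whether a later step already handles a missing encoding cannot be confirmed from here.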

