[libxslt] Switch to xmlUTF8Strsize in EXSLT string functions



commit 8a1d5b6a5aefce69a9dc4f7ec7425a76b323bc48
Author: Nick Wellnhofer <wellnhofer aevum de>
Date:   Thu May 18 17:35:03 2017 +0200

    Switch to xmlUTF8Strsize in EXSLT string functions
    
    When encountering invalid UTF-8, xmlUTF8Size can return a size greater
    than the actual string length or -1. Switch to xmlUTF8Strsize which
    returns a sensible size even with invalid UTF-8.
    
    Under normal conditions, libxslt should never receive invalid UTF-8.
    But this change helps when fuzzing and hardens security.

 libexslt/strings.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/libexslt/strings.c b/libexslt/strings.c
index 8c8ed1d..0fdbe3b 100644
--- a/libexslt/strings.c
+++ b/libexslt/strings.c
@@ -75,7 +75,7 @@ exsltStrTokenizeFunction(xmlXPathParserContextPtr ctxt, int nargs)
         ret = xmlXPathNewNodeSet(NULL);
         if (ret != NULL) {
             for (cur = str, token = str; *cur != 0; cur += clen) {
-               clen = xmlUTF8Size(cur);
+               clen = xmlUTF8Strsize(cur, 1);
                if (*delimiters == 0) { /* empty string case */
                    xmlChar ctmp;
                    ctmp = *(cur+clen);
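Review bot: The new `clen = xmlUTF8Strsize(cur, 1);` line deserves a short comment, because the empty-delimiter branch just below reads and temporarily overwrites `*(cur+clen)` and therefore depends on `clen` never stepping past the terminator of `str`. Something like `/* xmlUTF8Strsize stops at the NUL, so cur+clen stays inside str even on malformed UTF-8 */` would keep a later cleanup from switching back to xmlUTF8Size. The same remark applies to the `delimiter +=` line in the next hunk and the `src +=` line in exsltStrReplaceFunction. The body of exsltStrTokenizeFunction starts and ends outside this hunk.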
@@ -87,7 +87,7 @@ exsltStrTokenizeFunction(xmlXPathParserContextPtr ctxt, int nargs)
                     *(cur+clen) = ctmp; /* restore the changed byte */
                     token = cur + clen;
                 } else for (delimiter = delimiters; *delimiter != 0;
-                               delimiter += xmlUTF8Size(delimiter)) {
+                               delimiter += xmlUTF8Strsize(delimiter, 1)) {
                     if (!xmlUTF8Charcmp(cur, delimiter)) {
                         if (cur == token) {
                             /* discard empty tokens */
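Review bot: The `xmlUTF8Charcmp(cur, delimiter)` call on the context line still sizes the character at `cur` on its own. In libxml2 that helper appears to take its length from xmlUTF8Size, so on malformed input the comparison length can disagree with `clen`, and a -1 there would likely make the comparison report a match. Since `clen` is already computed for `cur`, `if (!xmlStrncmp(cur, delimiter, clen)) {` would keep the step size and the comparison consistent. This is worth confirming against the libxml2 version in use; the loop body continues outside the hunk.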
@@ -729,7 +729,7 @@ exsltStrReplaceFunction (xmlXPathParserContextPtr ctxt, int nargs) {
                 start = src;
             }
 
-            src += xmlUTF8Size(src);
+            src += xmlUTF8Strsize(src, 1);
         }
         else {
             if ((start < src &&
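Review bot: `src += xmlUTF8Strsize(src, 1);` advances by zero when `src` points at the terminating NUL, whereas the old xmlUTF8Size call returned 1 for that byte as far as I can tell. The loop therefore now relies on `*src != 0` being guaranteed when this line runs. The loop condition lies outside the hunk, so that cannot be confirmed from here; if it does not hold, the loop would stop making progress. A comment such as `/* *src != 0 here, so xmlUTF8Strsize returns at least 1 */`, or an explicit check, would make the invariant visible.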

