Re: [xml] Buffer overflow error in entities.c

On Wed, Oct 01, 2003 at 11:14:23AM -0700, Eric Hanchrow wrote:

This is in libxml2 version 2.5.11.

Here's how to reproduce the problem: put the following two nonblank
lines into a file named "foo.xml":

        <?xml version="1.0"?>

Now type "xmllint foo.xml", and examine the output.  Notice that the
semicolon is missing.  That's the bug.

  Damnnn !!! Okay this is not exploitable as a security bug but
that's sad. This also tends to prove that nobody uses those high 
code points.
  Thanks a lot ! Commited in CVS,


Daniel Veillard      | Red Hat Network
veillard redhat com  | libxml GNOME XML XSLT toolkit | Rpmfind RPM search engine

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]