- expat: Fix DoS via malformed XML (CVE-2009-3720).

author Matthias Klose <doko@ubuntu.com>

Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)

committer Matthias Klose <doko@ubuntu.com>

Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)
author Matthias Klose <doko@ubuntu.com>
Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)
committer Matthias Klose <doko@ubuntu.com>
Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)
diff --git a/Misc/NEWS b/Misc/NEWS

index 638d8e762c45d69ee7b037f6e5e0958eeee9a959..ce333a5cb0fa77dd696e429ee8ce3fb51c773315 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -12,7 +12,8 @@ What's New in Python 2.5.5c2?
  Extension Modules
  -----------------
  
-- Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
+- expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
+- expat: Fix DoS via malformed XML (CVE-2009-3720).
  
  
  What's New in Python 2.5.5c1?
diff --git a/Modules/expat/xmltok_impl.c b/Modules/expat/xmltok_impl.c

index 0ee57abb1f41c720bd374a1884323bb16f42b817..f793a6b8c76fcf09777356ec7cf365eb365fde98 100644 (file)
--- a/Modules/expat/xmltok_impl.c
+++ b/Modules/expat/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *enc,
                         const char *end,
                         POSITION *pos)
  {
-  while (ptr != end) {
+  while (ptr < end) {
      switch (BYTE_TYPE(enc, ptr)) {
  #define LEAD_CASE(n) \
      case BT_LEAD ## n: \
author	Matthias Klose <doko@ubuntu.com>
	Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)
committer	Matthias Klose <doko@ubuntu.com>
	Thu, 21 Jan 2010 17:43:31 +0000 (17:43 +0000)
Misc/NEWS		patch \| blob \| history
Modules/expat/xmltok_impl.c		patch \| blob \| history