From: Matthias Klose <doko@ubuntu.com>
Date: Thu, 21 Jan 2010 17:43:31 +0000 (+0000)
Subject: - expat: Fix DoS via malformed XML (CVE-2009-3720).
X-Git-Tag: v2.5.5c2~1
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b8ec8a48ec519b12727cddcef196f45302886f10;p=python

- expat: Fix DoS via malformed XML (CVE-2009-3720).
---

diff --git a/Misc/NEWS b/Misc/NEWS
index 638d8e762c..ce333a5cb0 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -12,7 +12,8 @@ What's New in Python 2.5.5c2?
 Extension Modules
 -----------------
 
-- Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
+- expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
+- expat: Fix DoS via malformed XML (CVE-2009-3720).
 
 
 What's New in Python 2.5.5c1?
diff --git a/Modules/expat/xmltok_impl.c b/Modules/expat/xmltok_impl.c
index 0ee57abb1f..f793a6b8c7 100644
--- a/Modules/expat/xmltok_impl.c
+++ b/Modules/expat/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *enc,
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \