svn commit: r200392 - head/contrib/expat/lib

Xin LI Thu, 10 Dec 2009 18:10:26 -0800

Author: delphij
Date: Fri Dec 11 02:09:46 2009
New Revision: 200392
URL: http://svn.freebsd.org/changeset/base/200392


Log:
  Apply two vendor fixes for CVE-2009-3720.
  
  Security:     CVE-2009-3720
  MFC after:    3 days

Modified:
  head/contrib/expat/lib/xmlparse.c
  head/contrib/expat/lib/xmltok_impl.c
Directory Properties:
  head/contrib/expat/   (props changed)

Modified: head/contrib/expat/lib/xmlparse.c
==============================================================================
--- head/contrib/expat/lib/xmlparse.c   Fri Dec 11 02:07:21 2009        
(r200391)
+++ head/contrib/expat/lib/xmlparse.c   Fri Dec 11 02:09:46 2009        
(r200392)
@@ -3725,7 +3725,6 @@ doProlog(XML_Parser parser,
         return XML_ERROR_NO_ELEMENTS;
       default:
         tok = -tok;
-        next = end;
         break;
       }
     }

Modified: head/contrib/expat/lib/xmltok_impl.c
==============================================================================
--- head/contrib/expat/lib/xmltok_impl.c        Fri Dec 11 02:07:21 2009        
(r200391)
+++ head/contrib/expat/lib/xmltok_impl.c        Fri Dec 11 02:09:46 2009        
(r200392)
@@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *e
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r200392 - head/contrib/expat/lib

Reply via email to