36 lines
953 B
Diff
36 lines
953 B
Diff
From 5d55315e32b34af7070d38060ccf9a60941b9696 Mon Sep 17 00:00:00 2001
|
|
From: Nick Wellnhofer <wellnhofer@aevum.de>
|
|
Date: Sat, 18 Feb 2023 17:29:07 +0100
|
|
Subject: [PATCH] parser: Fix OOB read when formatting error message
|
|
|
|
Don't try to print characters beyond the end of the buffer.
|
|
|
|
Found by OSS-Fuzz.
|
|
|
|
Reference:https://github.com/GNOME/libxml2/commit/5d55315e32b34af7070d38060ccf9a60941b9696
|
|
Conflict:NA
|
|
---
|
|
parser.c | 6 +++++-
|
|
1 file changed, 5 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/parser.c b/parser.c
|
|
index 37d7dec..c276a1a 100644
|
|
--- a/parser.c
|
|
+++ b/parser.c
|
|
@@ -12162,7 +12162,11 @@ done:
|
|
#endif
|
|
return(ret);
|
|
encoding_error:
|
|
- {
|
|
+ if (ctxt->input->end - ctxt->input->cur < 4) {
|
|
+ __xmlErrEncoding(ctxt, XML_ERR_INVALID_CHAR,
|
|
+ "Input is not proper UTF-8, indicate encoding !\n",
|
|
+ NULL, NULL);
|
|
+ } else {
|
|
char buffer[150];
|
|
|
|
snprintf(buffer, 149, "Bytes: 0x%02X 0x%02X 0x%02X 0x%02X\n",
|
|
--
|
|
2.27.0
|
|
|