Fix CVE-2021-42260
(cherry picked from commit 9b314d6163e5448789190a2576df0daf87e5a0c3)
This commit is contained in:
Zhiyi Weng
openeuler-sync-bot
parent
a12a89dc66
commit
fb5ff55a67
32
0001-In-stamp-always-advance-the-pointer-if-p-0xef.patch
Normal file
32
0001-In-stamp-always-advance-the-pointer-if-p-0xef.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From f7ca0035d17a663f55668e662b840afce7b86112 Mon Sep 17 00:00:00 2001
|
||||
From: Christian Voegl <cvoegl@suse.com>
|
||||
Date: Wed, 27 Oct 2021 11:25:18 +0200
|
||||
Subject: [PATCH] In stamp always advance the pointer if *p= 0xef
|
||||
|
||||
The current implementation only advanced if 0xef is followed
|
||||
by two non-zero bytes. In case of malformed input (0xef should be
|
||||
the start byte of a three byte character) this leads to an infinite
|
||||
loop. (CVE-2021-42260)
|
||||
---
|
||||
tinyxmlparser.cpp | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
|
||||
index 81b7eae..8aa0dfa 100755
|
||||
--- a/tinyxmlparser.cpp
|
||||
+++ b/tinyxmlparser.cpp
|
||||
@@ -274,6 +274,12 @@ void TiXmlParsingData::Stamp( const char* now, TiXmlEncoding encoding )
|
||||
else
|
||||
{ p +=3; ++col; } // A normal character.
|
||||
}
|
||||
+ else
|
||||
+ {
|
||||
+ // TIXML_UTF_LEAD_0 (239) is the start character of a 3 byte sequence, so
|
||||
+ // there is something wrong here. Just advance the pointer to evade infinite loops
|
||||
+ ++p;
|
||||
+ }
|
||||
}
|
||||
else
|
||||
{
|
||||
--
|
||||
2.33.0
|
||||
@ -1,10 +1,11 @@
|
||||
Name: tinyxml
|
||||
Version: 2.6.2
|
||||
Release: 20
|
||||
Release: 21
|
||||
Summary: C++ XML parser
|
||||
License: zlib
|
||||
URL: http://www.grinninglizard.com/tinyxml/
|
||||
Source0: http://downloads.sourceforge.net/tinyxml/tinyxml_2_6_2.tar.gz
|
||||
Patch0: 0001-In-stamp-always-advance-the-pointer-if-p-0xef.patch
|
||||
BuildRequires: gcc-c++
|
||||
|
||||
%description
|
||||
@ -23,7 +24,7 @@ The devel package contains development files for tinyxml.
|
||||
It provides header files and libraries for tinyxml.
|
||||
|
||||
%prep
|
||||
%autosetup -n tinyxml
|
||||
%autosetup -p1 -n tinyxml
|
||||
touch tinyxml.h
|
||||
|
||||
%build
|
||||
@ -63,6 +64,9 @@ mkdir -p %{buildroot}%{_libdir}/pkgconfig
|
||||
%{_libdir}/*.so
|
||||
|
||||
%changelog
|
||||
* Mon Nov 1 2021 Zhiyi Weng <zhiyi@iscas.ac.cn> - 2.6.2-21
|
||||
- Fix CVE-2021-42260
|
||||
|
||||
* Tue Oct 26 2021 chenchen <chen_aka_jan@163.com> - 2.6.2-20
|
||||
- change the spec file name to be the same as the repo name
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user