author | Matthias Klose <doko@ubuntu.com> | 2010-01-21 17:43:31 +0000 |
---|---|---|
committer | Matthias Klose <doko@ubuntu.com> | 2010-01-21 17:43:31 +0000 |
commit | b8ec8a48ec519b12727cddcef196f45302886f10 (patch) | |
tree | 96bab21dd6946708de26b913fdc95e50e01a783e | |
parent | 166f80860e09697d49969fe88bcf0b598eb98ef4 (diff) | |
download | cpython-git-b8ec8a48ec519b12727cddcef196f45302886f10.tar.gz |
- expat: Fix DoS via malformed XML (CVE-2009-3720).
-rw-r--r-- | Misc/NEWS | 3 | ||||
-rw-r--r-- | Modules/expat/xmltok_impl.c | 2 |
2 files changed, 3 insertions, 2 deletions
@@ -12,7 +12,8 @@ What's New in Python 2.5.5c2? Extension Modules ----------------- -- Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560). +- expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560). +- expat: Fix DoS via malformed XML (CVE-2009-3720). What's New in Python 2.5.5c1? diff --git a/Modules/expat/xmltok_impl.c b/Modules/expat/xmltok_impl.c index 0ee57abb1f..f793a6b8c7 100644 --- a/Modules/expat/xmltok_impl.c +++ b/Modules/expat/xmltok_impl.c @@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *end, POSITION *pos) { - while (ptr != end) { + while (ptr < end) { switch (BYTE_TYPE(enc, ptr)) { #define LEAD_CASE(n) \ case BT_LEAD ## n: \ |
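Review bot: In the Misc/NEWS hunk the two entries spell their CVE identifiers differently: the reworded line keeps "CVE_2009_3560" with underscores while the added line uses "CVE-2009-3720" with hyphens. Since the first entry is being rewritten anyway, change it to "CVE-2009-3560" so both follow the CVE-YYYY-NNNN form and a search for the identifier finds the entry.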
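Review bot: The changed loop condition in PREFIX(updatePosition), "while (ptr < end)", carries no comment saying why "!=" is not sufficient, and the commit touches only Misc/NEWS and xmltok_impl.c, so no regression test comes with it. If the LEAD_CASE(n) branches that begin just below advance ptr by n bytes, a truncated multi-byte sequence at the end of the buffer would carry ptr past end and the old "!=" test would never become false; a one-line comment above the loop stating this would keep the comparison from being changed back later, and a test input ending in an incomplete multi-byte character would pin the behaviour. The new condition only guarantees that one byte remains before end, so it is also worth confirming that no lead case reads beyond end on its final iteration.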