diff options
author | Daniel Veillard <veillard@redhat.com> | 2015-06-29 16:10:26 +0800 |
---|---|---|
committer | Daniel Veillard <veillard@redhat.com> | 2015-06-29 16:10:26 +0800 |
commit | 709a952110e98621c9b78c4f26462a9d8333102e (patch) | |
tree | 5edb1587f44d1351a539ac31a22a7b542733ef98 | |
parent | 9aa37588ee78a06ca1379a9d9356eab16686099c (diff) | |
download | libxml2-709a952110e98621c9b78c4f26462a9d8333102e.tar.gz |
Fail parsing early on if encoding conversion failedCVE-2015-8317
For https://bugzilla.gnome.org/show_bug.cgi?id=751631
If we fail conversing the current input stream while
processing the encoding declaration of the XMLDecl
then it's safer to just abort there and not try to
report further errors.
-rw-r--r-- | parser.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -10471,7 +10471,11 @@ xmlParseEncodingDecl(xmlParserCtxtPtr ctxt) { handler = xmlFindCharEncodingHandler((const char *) encoding); if (handler != NULL) { - xmlSwitchToEncoding(ctxt, handler); + if (xmlSwitchToEncoding(ctxt, handler) < 0) { + /* failed to convert */ + ctxt->errNo = XML_ERR_UNSUPPORTED_ENCODING; + return(NULL); + } } else { xmlFatalErrMsgStr(ctxt, XML_ERR_UNSUPPORTED_ENCODING, "Unsupported encoding %s\n", encoding); |