diff options
author | Max Rees <maxcrees@me.com> | 2019-07-23 18:07:09 -0400 |
---|---|---|
committer | Max Rees <maxcrees@me.com> | 2019-07-23 18:07:09 -0400 |
commit | 0b09c67b8eba048295e57af90599dd74d1e30df8 (patch) | |
tree | 9fa18b7e838bdcb803e806a8f893217a11f184e0 /system/libxslt/CVE-2019-13117.patch | |
parent | b7ffaa4d55e1faf4de0f8e6a2edf372fedfeaf71 (diff) | |
download | packages-0b09c67b8eba048295e57af90599dd74d1e30df8.tar.gz packages-0b09c67b8eba048295e57af90599dd74d1e30df8.tar.bz2 packages-0b09c67b8eba048295e57af90599dd74d1e30df8.tar.xz packages-0b09c67b8eba048295e57af90599dd74d1e30df8.zip |
system/libxslt: patch for CVE-2019-13117, CVE-2019-13118
Diffstat (limited to 'system/libxslt/CVE-2019-13117.patch')
-rw-r--r-- | system/libxslt/CVE-2019-13117.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/system/libxslt/CVE-2019-13117.patch b/system/libxslt/CVE-2019-13117.patch new file mode 100644 index 000000000..78ebb9075 --- /dev/null +++ b/system/libxslt/CVE-2019-13117.patch @@ -0,0 +1,29 @@ +From c5eb6cf3aba0af048596106ed839b4ae17ecbcb1 Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Sat, 27 Apr 2019 11:19:48 +0200 +Subject: [PATCH] Fix uninitialized read of xsl:number token + +Found by OSS-Fuzz. +--- + libxslt/numbers.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/libxslt/numbers.c b/libxslt/numbers.c +index 89e1f668..75c31eba 100644 +--- a/libxslt/numbers.c ++++ b/libxslt/numbers.c +@@ -382,7 +382,10 @@ xsltNumberFormatTokenize(const xmlChar *format, + tokens->tokens[tokens->nTokens].token = val - 1; + ix += len; + val = xmlStringCurrentChar(NULL, format+ix, &len); +- } ++ } else { ++ tokens->tokens[tokens->nTokens].token = (xmlChar)'0'; ++ tokens->tokens[tokens->nTokens].width = 1; ++ } + } else if ( (val == (xmlChar)'A') || + (val == (xmlChar)'a') || + (val == (xmlChar)'I') || +-- +2.21.0 + |