Bug 758605: Heap-based buffer overread in xmlDictAddString... (a820dbea) · Commits · GNOME / libxml2 · GitLab

Commit a820dbea authored Mar 01, 2016 by

Pranjal Jumde Committed by Daniel Veillard May 23, 2016

Bug 758605: Heap-based buffer overread in xmlDictAddString...

Bug 758605: Heap-based buffer overread in xmlDictAddString <https://bugzilla.gnome.org/show_bug.cgi?id=758605>

Reviewed by David Kilzer.

* HTMLparser.c:
(htmlParseName): Add bounds check.
(htmlParseNameComplex): Ditto.
* result/HTML/758605.html: Added.
* result/HTML/758605.html.err: Added.
* result/HTML/758605.html.sax: Added.
* runtest.c:
(pushParseTest): The input for the new test case was so small
(4 bytes) that htmlParseChunk() was never called after
htmlCreatePushParserCtxt(), thereby creating a false positive
test failure.  Fixed by using a do-while loop so we always call
htmlParseChunk() at least once.
* test/HTML/758605.html: Added.

parent db07dd61

Hide whitespace changes

Inline Side-by-side

Ghost User @ghost
mentioned in issue #17 (closed)
· Aug 15, 2018

mentioned in issue #17 (closed)

mentioned in issue #17

Toggle commit list

Please register or to comment