Skip to content
Commit 11ed4a7a authored by Pranjal Jumde's avatar Pranjal Jumde Committed by Daniel Veillard
Browse files

Heap use-after-free in htmlParsePubidLiteral and htmlParseSystemiteral

For https://bugzilla.gnome.org/show_bug.cgi?id=760263

* HTMLparser.c: Add BASE_PTR convenience macro.
(htmlParseSystemLiteral): Store length and start position instead
of a pointer while iterating through the public identifier since
the underlying buffer may change, resulting in a stale pointer
being used.
(htmlParsePubidLiteral): Ditto.
parent 4472c3a5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment