a2bd8e17dc
CVE-2011-0216 - Off-by-one error CVE-2011-2821 - Double free vulnerability CVE-2011-2834 - Double free vulnerability CVE-2011-3905 - DOS (out-of-bounds read) via unspecified vectors CVE-2011-3919 - Heap-based buffer overflow ok sthen@
29 lines
1007 B
Plaintext
29 lines
1007 B
Plaintext
$OpenBSD: patch-include_libxml_xpath_h,v 1.1 2012/01/23 10:17:49 ajacoutot Exp $
|
|
|
|
From f5048b3e71fc30ad096970b8df6e7af073bae4cb Mon Sep 17 00:00:00 2001
|
|
From: Daniel Veillard <veillard@redhat.com>
|
|
Date: Thu, 18 Aug 2011 09:10:13 +0000
|
|
Subject: Hardening of XPath evaluation
|
|
|
|
--- include/libxml/xpath.h.orig Tue Oct 12 08:25:32 2010
|
|
+++ include/libxml/xpath.h Mon Jan 23 08:15:53 2012
|
|
@@ -68,7 +68,8 @@ typedef enum {
|
|
XPATH_UNDEF_PREFIX_ERROR,
|
|
XPATH_ENCODING_ERROR,
|
|
XPATH_INVALID_CHAR_ERROR,
|
|
- XPATH_INVALID_CTXT
|
|
+ XPATH_INVALID_CTXT,
|
|
+ XPATH_STACK_ERROR
|
|
} xmlXPathError;
|
|
|
|
/*
|
|
@@ -380,6 +381,8 @@ struct _xmlXPathParserContext {
|
|
xmlXPathCompExprPtr comp; /* the precompiled expression */
|
|
int xptr; /* it this an XPointer expression */
|
|
xmlNodePtr ancestor; /* used for walking preceding axis */
|
|
+
|
|
+ int valueFrame; /* used to limit Pop on the stack */
|
|
};
|
|
|
|
/************************************************************************
|