Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2024-06-29 08:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
2e84510f6f
DivestOS/Patches/LineageOS-14.1/android_external_expat/337987-backport.patch

30 lines
1003 B
Diff
Raw Normal View History

Pull in old cherrypicks + 5 missing patches from syphyr This adds 3 expat patches for n-asb-2022-09 from https://github.com/syphyr/android_external_expat/commits/cm-14.1 and also applies 2 of them to 15.1 Signed-off-by: Tad <tad@spotco.us>
2022-09-11 16:25:11 +00:00
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Sadaf Ebrahimi <sadafebrahimi@google.com>
Date: Thu, 2 Jun 2022 19:32:22 +0000
Subject: [PATCH] Prevent XML_GetBuffer signed integer overflow
Bug: http://b/221255869
Change-Id: I38758fae8c71184f728f95e6073457cdb86bcc29
(cherry picked from commit d6a09f1b7fb24dd03dc58e45062ad951a37ff8e3)
Merged-In: I38758fae8c71184f728f95e6073457cdb86bcc29
---
lib/xmlparse.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/xmlparse.c b/lib/xmlparse.c
index 0655e080..ee4de203 100644
--- a/lib/xmlparse.c
+++ b/lib/xmlparse.c
@@ -1738,6 +1738,11 @@ XML_GetBuffer(XML_Parser parser, int len)
if (keep > XML_CONTEXT_BYTES)
keep = XML_CONTEXT_BYTES;
+ /* Detect and prevent integer overflow */
+ if (keep > INT_MAX - neededSize) {
+ errorCode = XML_ERROR_NO_MEMORY;
+ return NULL;
+ }
neededSize += keep;
#endif /* defined XML_CONTEXT_BYTES */
if (neededSize <= bufferLim - buffer) {
Reference in New Issue Copy Permalink