libxml2/libxml2-CVE-2024-34459.patch

From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 8 May 2024 11:49:31 +0200
Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`

Add a missing bounds check.

Fixes #720.
---
 xmllint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xmllint.c b/xmllint.c
index b2afbe969..35c328578 100644
--- a/xmllint.c
+++ b/xmllint.c
@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
     len = strlen(buffer);
     snprintf(&buffer[len], sizeof(buffer) - len, "\n");
     cur = input->cur;
-    while ((*cur == '\n') || (*cur == '\r'))
+    while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
 	cur--;
     n = 0;
     while ((cur != base) && (n++ < 80)) {
-- 
GitLab
Sync from SUSE:ALP:Source:Standard:1.0 libxml2 revision 329c5ef83dc8176dde764cb64c1c4342 2024-09-11 13:37:30 +02:00			`From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001`
			`From: Nick Wellnhofer <wellnhofer@aevum.de>`
			`Date: Wed, 8 May 2024 11:49:31 +0200`
			Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`

			`Add a missing bounds check.`

			`Fixes #720.`
			`---`
			`xmllint.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/xmllint.c b/xmllint.c`
			`index b2afbe969..35c328578 100644`
			`--- a/xmllint.c`
			`+++ b/xmllint.c`
			`@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {`
			`len = strlen(buffer);`
			`snprintf(&buffer[len], sizeof(buffer) - len, "\n");`
			`cur = input->cur;`
			`- while ((cur == '\n') \|\| (cur == '\r'))`
			`+ while ((cur > base) && ((cur == '\n') \|\| (cur == '\r')))`
			`cur--;`
			`n = 0;`
			`while ((cur != base) && (n++ < 80)) {`
			`--`
			`GitLab`