70 lines
2.2 KiB
Diff
70 lines
2.2 KiB
Diff
From 0552959d99413279c456e3289ad24db783f579ba Mon Sep 17 00:00:00 2001
|
|
From: Christophe Marin <christophe@krop.fr>
|
|
Date: Wed, 30 Oct 2024 14:50:13 +0100
|
|
Subject: [PATCH] Backport fix for CVE-2024-50602
|
|
|
|
---
|
|
libcutl/cutl/details/expat/expat.h | 4 +++-
|
|
libcutl/cutl/details/expat/xmlparse.c | 9 ++++++++-
|
|
2 files changed, 11 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libcutl/cutl/details/expat/expat.h b/libcutl/cutl/details/expat/expat.h
|
|
index f5dd736..85a0f8a 100644
|
|
--- a/libcutl/cutl/details/expat/expat.h
|
|
+++ b/libcutl/cutl/details/expat/expat.h
|
|
@@ -95,7 +95,9 @@ enum XML_Error {
|
|
/* Added in 2.0. */
|
|
XML_ERROR_RESERVED_PREFIX_XML,
|
|
XML_ERROR_RESERVED_PREFIX_XMLNS,
|
|
- XML_ERROR_RESERVED_NAMESPACE_URI
|
|
+ XML_ERROR_RESERVED_NAMESPACE_URI,
|
|
+ /* Added in 2.6.4. */
|
|
+ XML_ERROR_NOT_STARTED,
|
|
};
|
|
|
|
enum XML_Content_Type {
|
|
diff --git a/libcutl/cutl/details/expat/xmlparse.c b/libcutl/cutl/details/expat/xmlparse.c
|
|
index d469102..fd9fc79 100644
|
|
--- a/libcutl/cutl/details/expat/xmlparse.c
|
|
+++ b/libcutl/cutl/details/expat/xmlparse.c
|
|
@@ -1750,6 +1750,9 @@ enum XML_Status XMLCALL
|
|
XML_StopParser(XML_Parser parser, XML_Bool resumable)
|
|
{
|
|
switch (ps_parsing) {
|
|
+ case XML_INITIALIZED:
|
|
+ errorCode = XML_ERROR_NOT_STARTED;
|
|
+ return XML_STATUS_ERROR;
|
|
case XML_SUSPENDED:
|
|
if (resumable) {
|
|
errorCode = XML_ERROR_SUSPENDED;
|
|
@@ -1760,7 +1763,7 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable)
|
|
case XML_FINISHED:
|
|
errorCode = XML_ERROR_FINISHED;
|
|
return XML_STATUS_ERROR;
|
|
- default:
|
|
+ case XML_PARSING:
|
|
if (resumable) {
|
|
#ifdef XML_DTD
|
|
if (isParamEntity) {
|
|
@@ -1772,6 +1775,9 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable)
|
|
}
|
|
else
|
|
ps_parsing = XML_FINISHED;
|
|
+ break;
|
|
+ default:
|
|
+ assert(0);
|
|
}
|
|
return XML_STATUS_OK;
|
|
}
|
|
@@ -1959,6 +1965,7 @@ XML_ErrorString(enum XML_Error code)
|
|
XML_L("reserved prefix (xml) must not be undeclared or bound to another namespace name"),
|
|
XML_L("reserved prefix (xmlns) must not be declared or undeclared"),
|
|
XML_L("prefix must not be bound to one of the reserved namespace names")
|
|
+ XML_L("parser not started")
|
|
};
|
|
if (code > 0 && code < sizeof(message)/sizeof(message[0]))
|
|
return message[code];
|
|
--
|
|
2.47.0
|
|
|