• Pranjal Jumde's avatar
    Heap-based buffer overread in htmlCurrentChar · 0bcd05c5
    Pranjal Jumde authored
    For https://bugzilla.gnome.org/show_bug.cgi?id=758606
    * parserInternals.c:
    (xmlNextChar): Add an test to catch other issues on ctxt->input
    corruption proactively.
    For non-UTF-8 charsets, xmlNextChar() failed to check for the end
    of the input buffer and would continuing reading.  Fix this by
    pulling out the check for the end of the input buffer into common
    code, and return if we reach the end of the input buffer
    * result/HTML/758606.html: Added.
    * result/HTML/758606.html.err: Added.
    * result/HTML/758606.html.sax: Added.
    * result/HTML/758606_2.html: Added.
    * result/HTML/758606_2.html.err: Added.
    * result/HTML/758606_2.html.sax: Added.
    * test/HTML/758606.html: Added test case.
    * test/HTML/758606_2.html: Added test case.
758606_2.html 52 Bytes