• Pranjal Jumde's avatar
    Heap-based buffer overread in htmlCurrentChar · 0bcd05c5
    Pranjal Jumde authored
    For https://bugzilla.gnome.org/show_bug.cgi?id=758606
    
    * parserInternals.c:
    (xmlNextChar): Add an test to catch other issues on ctxt->input
    corruption proactively.
    For non-UTF-8 charsets, xmlNextChar() failed to check for the end
    of the input buffer and would continuing reading.  Fix this by
    pulling out the check for the end of the input buffer into common
    code, and return if we reach the end of the input buffer
    prematurely.
    * result/HTML/758606.html: Added.
    * result/HTML/758606.html.err: Added.
    * result/HTML/758606.html.sax: Added.
    * result/HTML/758606_2.html: Added.
    * result/HTML/758606_2.html.err: Added.
    * result/HTML/758606_2.html.sax: Added.
    * test/HTML/758606.html: Added test case.
    * test/HTML/758606_2.html: Added test case.
    0bcd05c5
758606.html 15 Bytes