From a7a94612aa3b16779e2c74e1fa353b5d9786c602 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Tue, 9 Feb 2016 12:55:29 +0100
Subject: [PATCH] Heap-based buffer overread in xmlNextChar

For https://bugzilla.gnome.org/show_bug.cgi?id=759671

when the end of the internal subset isn't properly detected
xmlParseInternalSubset should just return instead of trying
to process input further.
---
 parser.c                       |  1 +
 result/errors/754946.xml.err   | 10 +++++-----
 result/errors/content1.xml.err |  2 +-
 result/valid/t8.xml.err        |  2 +-
 result/valid/t8a.xml.err       |  2 +-
 5 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/parser.c b/parser.c
index c5741e3b..0677030c 100644
--- a/parser.c
+++ b/parser.c
@@ -8468,6 +8468,7 @@ xmlParseInternalSubset(xmlParserCtxtPtr ctxt) {
      */
     if (RAW != '>') {
 	xmlFatalErr(ctxt, XML_ERR_DOCTYPE_NOT_FINISHED, NULL);
+	return;
     }
     NEXT;
 }
diff --git a/result/errors/754946.xml.err b/result/errors/754946.xml.err
index a75088b9..c03e35bf 100644
--- a/result/errors/754946.xml.err
+++ b/result/errors/754946.xml.err
@@ -11,9 +11,9 @@ Entity: line 1: parser error : DOCTYPE improperly terminated
 Entity: line 1: 
 A<lbbbbbbbbbbbbbbbbbbb_
 ^
-./test/errors/754946.xml:1: parser error : Start tag doesn't start and stop in the same entity
->%SYSTEM;<![
-         ^
-./test/errors/754946.xml:1: parser error : Extra content at the end of the document
->%SYSTEM;<![
+Entity: line 1: parser error : Start tag expected, '<' not found
+ %SYSTEM; 
          ^
+Entity: line 1: 
+A<lbbbbbbbbbbbbbbbbbbb_
+^
diff --git a/result/errors/content1.xml.err b/result/errors/content1.xml.err
index 425be393..9fcd6033 100644
--- a/result/errors/content1.xml.err
+++ b/result/errors/content1.xml.err
@@ -13,4 +13,4 @@
                          ^
 ./test/errors/content1.xml:7: parser error : Start tag expected, '<' not found
 <!ELEMENT aElement (a |b * >
-                           ^
+                         ^
diff --git a/result/valid/t8.xml.err b/result/valid/t8.xml.err
index d795788c..1a3c006d 100644
--- a/result/valid/t8.xml.err
+++ b/result/valid/t8.xml.err
@@ -16,4 +16,4 @@ Entity: line 1: parser error : Start tag expected, '<' not found
           ^
 Entity: line 1: 
 &lt;!ELEMENT root (middle) >
- ^
+^
diff --git a/result/valid/t8a.xml.err b/result/valid/t8a.xml.err
index d795788c..1a3c006d 100644
--- a/result/valid/t8a.xml.err
+++ b/result/valid/t8a.xml.err
@@ -16,4 +16,4 @@ Entity: line 1: parser error : Start tag expected, '<' not found
           ^
 Entity: line 1: 
 &lt;!ELEMENT root (middle) >
- ^
+^
-- 
GitLab