Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

- Expat: Fix DoS via XML document with malformed UTF-8 sequences 

(CVE_2009_3560).
This commit is contained in:
Matthias Klose 2010-01-22 00:39:04 +00:00
parent 3b0f9b01f6
commit 0d948ac90c
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Misc/NEWS
View File

@ -66,6 +66,12 @@ Library
Extension extra options may change the output without changing the .c Extension extra options may change the output without changing the .c
file). Initial patch by Collin Winter. file). Initial patch by Collin Winter.
Extension Modules
-----------------
- Expat: Fix DoS via XML document with malformed UTF-8 sequences
(CVE_2009_3560).
Build Build
----- -----

3
Modules/expat/xmlparse.c
View File

@ -3682,6 +3682,9 @@ doProlog(XML_Parser parser,
return XML_ERROR_UNCLOSED_TOKEN; return XML_ERROR_UNCLOSED_TOKEN;
case XML_TOK_PARTIAL_CHAR: case XML_TOK_PARTIAL_CHAR:
return XML_ERROR_PARTIAL_CHAR; return XML_ERROR_PARTIAL_CHAR;
case -XML_TOK_PROLOG_S:
tok = -tok;
break;
case XML_TOK_NONE: case XML_TOK_NONE:
#ifdef XML_DTD #ifdef XML_DTD
/* for internal PE NOT referenced between declarations */ /* for internal PE NOT referenced between declarations */