mirror of
https://git.yoctoproject.org/poky
synced 2026-03-10 09:19:41 +01:00
7c4bd642e4
REXML is an XML toolkit for Ruby. The REXML gem before 3.3.1 has some DoS vulnerabilities when it parses an XML that has many specific characters such as `<`, `0` and `%>`. If you need to parse untrusted XMLs, you many be impacted to these vulnerabilities. The REXML gem 3.3.2 or later include the patches to fix these vulnerabilities. Users are advised to upgrade. Users unable to upgrade should avoid parsing untrusted XML strings. Reference: https://security-tracker.debian.org/tracker/CVE-2024-39908 Upstream-patches:f1df7d13b3d146162e9ab5bf109a59b8a5f4cd5c0af55fa49dc1b64c174e9f1415a261c33ea49810a79ac8b4b467efb5951e1f1e6e9b40910e5a2b48(From OE-Core rev: 6e0b70843422cd7cdb25a9e1520dd64bf701fea6) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
37 lines
1.5 KiB
Diff
37 lines
1.5 KiB
Diff
From 910e5a2b487cb5a30989884a39f9cad2cc499cfc Mon Sep 17 00:00:00 2001
|
|
From: Watson <watson1978@gmail.com>
|
|
Date: Tue, 16 Jul 2024 11:36:05 +0900
|
|
Subject: [PATCH] Fix performance issue caused by using repeated `>` characters
|
|
inside `<xml><!-- --></xml>` (#177)
|
|
|
|
A `<` is treated as a string delimiter.
|
|
In certain cases, if `<` is used in succession, read and match are
|
|
repeated, which slows down the process. Therefore, the following is used
|
|
to read ahead to a specific part of the string in advance.
|
|
|
|
CVE: CVE-2024-39908
|
|
|
|
Upstream-Status: Backport [https://github.com/ruby/rexml/commit/910e5a2b487cb5a30989884a39f9cad2cc499cfc]
|
|
|
|
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
|
|
---
|
|
.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb b/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
|
|
index a9b1b44..4864ba1 100644
|
|
--- a/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
|
|
+++ b/.bundle/gems/rexml-3.2.5/lib/rexml/parsers/baseparser.rb
|
|
@@ -413,7 +413,7 @@ module REXML
|
|
#STDERR.puts "SOURCE BUFFER = #{source.buffer}, #{source.buffer.size}"
|
|
raise REXML::ParseException.new("Malformed node", @source) unless md
|
|
if md[0][0] == ?-
|
|
- md = @source.match(/--(.*?)-->/um, true)
|
|
+ md = @source.match(/--(.*?)-->/um, true, term: Private::COMMENT_TERM)
|
|
|
|
case md[1]
|
|
when /--/, /-\z/
|
|
--
|
|
2.40.0
|
|
|