mirror of
https://git.yoctoproject.org/poky
synced 2026-03-09 16:59:40 +01:00
efbd99e462
Release notes:
https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.14.5
(From OE-Core rev: b82cb6d55033ffff79b5a767bd50b06989c0acfc)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
32 lines
888 B
Diff
32 lines
888 B
Diff
From e546e423d69ec9b3c71167d3c3140fa1b9af93c7 Mon Sep 17 00:00:00 2001
|
|
From: Nick Wellnhofer <wellnhofer@aevum.de>
|
|
Date: Tue, 27 May 2025 12:53:17 +0200
|
|
Subject: [PATCH] tree: Fix integer overflow in xmlBuildQName
|
|
|
|
This issue affects memory safety and might receive a CVE ID later.
|
|
|
|
Fixes #926.
|
|
|
|
Signed-off-by: Nick Wellnhofer <wellnhofer@aevum.de>
|
|
|
|
Add '#include <stdint.h>' to assure the definition of SIZE_MAX
|
|
CVE: CVE-2025-6021
|
|
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/acbbeef9f5dcdcc901c5f3fa14d583ef8cfd22f0]
|
|
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
|
|
---
|
|
tree.c | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/tree.c b/tree.c
|
|
index e14bc62..22ec11c 100644
|
|
--- a/tree.c
|
|
+++ b/tree.c
|
|
@@ -23,6 +23,7 @@
|
|
#include <limits.h>
|
|
#include <ctype.h>
|
|
#include <stdlib.h>
|
|
+#include <stdint.h>
|
|
|
|
#ifdef LIBXML_ZLIB_ENABLED
|
|
#include <zlib.h>
|