Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a50ffe5

Browse files
doko42doko42
committed
Merged revisions 77680 via svnmerge from
svn+ssh://[email protected]/python/trunk ........ r77680 | matthias.klose | 2010-01-22 01:39:04 +0100 (Fr, 22 Jan 2010) | 3 lines - Expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560). ........
1 parent b660599 commit a50ffe5

2 files changed

Lines changed: 6 additions & 0 deletions

File tree

Misc/NEWS

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -610,6 +610,9 @@ Extension Modules
610610

611611
- Issue #2389: Array objects are now pickled in a portable manner.
612612

613+
- Expat: Fix DoS via XML document with malformed UTF-8 sequences
614+
(CVE_2009_3560).
615+
613616
Build
614617
-----
615618

Modules/expat/xmlparse.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3682,6 +3682,9 @@ doProlog(XML_Parser parser,
36823682
return XML_ERROR_UNCLOSED_TOKEN;
36833683
case XML_TOK_PARTIAL_CHAR:
36843684
return XML_ERROR_PARTIAL_CHAR;
3685+
case -XML_TOK_PROLOG_S:
3686+
tok = -tok;
3687+
break;
36853688
case XML_TOK_NONE:
36863689
#ifdef XML_DTD
36873690
/* for internal PE NOT referenced between declarations */

0 commit comments

Comments
 (0)