projects / platform / upstream / libxml2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a58184a) | patch
[CVE-2020-7595] Fix infinite loop in xmlStringLenDecodeEntities 99/294499/1 accepted/tizen_6.0_base accepted/tizen_6.0_base_tool tizen_6.0_base accepted/tizen/6.0/base/20230713.142922 accepted/tizen/6.0/base/tool/20230625.221418 submit/tizen_6.0_base/20230622.060439
authorJinWang An <jinwang.an@samsung.com>
Tue, 20 Jun 2023 07:57:03 +0000 (16:57 +0900)
committerJinWang An <jinwang.an@samsung.com>
Tue, 20 Jun 2023 07:57:03 +0000 (16:57 +0900)
commit64b97c05d73b983d9afa3759dce8232629be05c3
tree1f49e79bce6848e600534e97de3f99b9b6817923tree | snapshot
parenta58184a0533c8833ddc91e10a8677d9ac59dd1fecommit | diff
[CVE-2020-7595] Fix infinite loop in xmlStringLenDecodeEntities

When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef
return NULL which cause a infinite loop in xmlStringLenDecodeEntities

Found with libFuzzer.

From 0e1a49c8907645d2e155f0d89d4d9895ac5112b5 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie <xiezhipeng1@huawei.com>
Date: Thu, 12 Dec 2019 17:30:55 +0800

Change-Id: Icf48083013a7e949a591eac94dc6def067a49459
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>
Signed-off-by: JinWang An <jinwang.an@samsung.com>
parser.c diff | blob | history
Domain: System / Base;