We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Package not found: openSUSE:Tools/osc-plugin-install
Overview

File libsoup-CVE-2025-2784-2.patch of Package libsoup.42105

diff -urp libsoup-2.68.4.orig/libsoup/soup-content-sniffer.c libsoup-2.68.4/libsoup/soup-content-sniffer.c
--- libsoup-2.68.4.orig/libsoup/soup-content-sniffer.c	2025-04-30 15:32:59.639179133 -0500
+++ libsoup-2.68.4/libsoup/soup-content-sniffer.c	2025-04-30 15:33:21.750705579 -0500
@@ -612,8 +612,11 @@ sniff_text_or_binary (SoupContentSniffer
 }
 
 static gboolean
-skip_insignificant_space (const char *resource, int *pos, int resource_length)
+skip_insignificant_space (const char *resource, gsize *pos, gsize resource_length)
 {
+        if (*pos >= resource_length)
+	        return TRUE;
+
 	while ((resource[*pos] == '\x09') ||
 	       (resource[*pos] == '\x20') ||
 	       (resource[*pos] == '\x0A') ||
@@ -632,7 +635,7 @@ sniff_feed_or_html (SoupContentSniffer *
 {
 	const char *resource = (const char *)buffer->data;
 	int resource_length = MIN (512, buffer->length);
-	int pos = 0;
+	gsize pos = 0;
 
 	if (resource_length < 3)
 		goto text_html;
@@ -642,9 +645,6 @@ sniff_feed_or_html (SoupContentSniffer *
 		pos = 3;
 
  look_for_tag:
-	if (pos >= resource_length)
-		goto text_html;
-
 	if (skip_insignificant_space (resource, &pos, resource_length))
 		goto text_html;
 
diff -urp libsoup-2.68.4.orig/tests/sniffing-test.c libsoup-2.68.4/tests/sniffing-test.c
--- libsoup-2.68.4.orig/tests/sniffing-test.c	2025-04-30 15:32:59.639597796 -0500
+++ libsoup-2.68.4/tests/sniffing-test.c	2025-04-30 15:43:38.207966526 -0500
@@ -432,6 +432,53 @@ test_disabled (gconstpointer data)
 	soup_uri_free (uri);
 }
 
+static const gsize MARKUP_LENGTH = strlen ("<!--") + strlen ("-->");
+
+static void
+do_skip_whitespace_test (void)
+{
+        SoupContentSniffer *sniffer = soup_content_sniffer_new ();
+        SoupMessage *msg = soup_message_new (SOUP_METHOD_GET, "http://example.org");
+  guint i;
+        const char *test_cases[] = {
+                "",
+                "<rdf:RDF",
+                "<rdf:RDFxmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\"",
+                "<rdf:RDFxmlns=\"http://purl.org/rss/1.0/\"",
+        };
+
+        soup_message_headers_set_content_type (msg->response_headers, "text/html", NULL);
+
+        for (i = 0; i < G_N_ELEMENTS (test_cases); i++) {
+                const char *trailing_data = test_cases[i];
+                gsize leading_zeros = 512 - MARKUP_LENGTH - strlen (trailing_data);
+                gsize testsize = MARKUP_LENGTH + leading_zeros + strlen (trailing_data);
+                guint8 *data = g_malloc0 (testsize);
+                guint8 *p = data;
+                char *content_type;
+                GBytes *buffer;
+
+                /* Format of <!--[0x00 * $leading_zeros]-->$trailing_data */
+                memcpy (p, "<!--", strlen ("<!--"));
+                p += strlen ("<!--");
+                p += leading_zeros;
+                memcpy (p, "-->", strlen ("-->"));
+                p += strlen ("-->");
+                if (strlen (trailing_data))
+                        memcpy (p, trailing_data, strlen (trailing_data));
+                /* Purposefully not NUL terminated. */
+
+                buffer = g_bytes_new_take (g_steal_pointer (&data), testsize);
+                content_type = soup_content_sniffer_sniff (sniffer, msg, (SoupBuffer *) buffer, NULL);
+
+                g_free (content_type);
+                g_bytes_unref (buffer);
+        }
+
+        g_object_unref (msg);
+        g_object_unref (sniffer);
+}
+
 int
 main (int argc, char **argv)
 {
@@ -601,16 +648,13 @@ main (int argc, char **argv)
 			      "type/text_html; charset=UTF-8/test.html => text/html; charset=UTF-8",
 			      do_sniffing_test);
 
-        /* Test hitting skip_insignificant_space() with number of bytes equaling resource_length. */
-	g_test_add_data_func ("/sniffing/whitespace",
-			      "type/text_html/whitespace.html => text/html",
-			      do_sniffing_test);
-
 	/* Test that disabling the sniffer works correctly */
 	g_test_add_data_func ("/sniffing/disabled",
 			      "/text_or_binary/home.gif",
 			      test_disabled);
 
+	g_test_add_func ("/sniffing/whitespace", do_skip_whitespace_test);
+
 	ret = g_test_run ();
 
 	soup_uri_free (base_uri);
diff -urp libsoup-2.68.4.orig/tests/soup-tests.gresource.xml libsoup-2.68.4/tests/soup-tests.gresource.xml
--- libsoup-2.68.4.orig/tests/soup-tests.gresource.xml	2025-04-30 15:32:59.639777967 -0500
+++ libsoup-2.68.4/tests/soup-tests.gresource.xml	2025-04-30 15:33:21.751259859 -0500
@@ -25,6 +25,5 @@
     <file>resources/text.txt</file>
     <file>resources/text_binary.txt</file>
     <file>resources/tux.webp</file>
-    <file>resources/whitespace.html</file>
   </gresource>
 </gresources>
openSUSE Build Service is sponsored by
Places