We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Overview

File libxml2-CVE-2024-34459.patch of Package libxml2.42447

From 3ad7f81624572ebd5b9e6058c9f67d38207c10e2 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 8 May 2024 11:49:31 +0200
Subject: [PATCH] [CVE-2024-34459] Fix buffer overread with `xmllint --htmlout`

Add a missing bounds check.

Fixes #720.
---
 xmllint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xmllint.c b/xmllint.c
index b2afbe969..35c328578 100644
--- a/xmllint.c
+++ b/xmllint.c
@@ -543,7 +543,7 @@ xmlHTMLPrintFileContext(xmlParserInputPtr input) {
     len = strlen(buffer);
     snprintf(&buffer[len], sizeof(buffer) - len, "\n");
     cur = input->cur;
-    while ((*cur == '\n') || (*cur == '\r'))
+    while ((cur > base) && ((*cur == '\n') || (*cur == '\r')))
 	cur--;
     n = 0;
     while ((cur != base) && (n++ < 80)) {
-- 
GitLab
openSUSE Build Service is sponsored by
Places