Overview

File Fix-CVE-2021-30485-bug-25.patch of Package netcdf.21639

From: Egbert Eich <eich@suse.com>
Date: Mon Oct 25 15:49:58 2021 +0200
Subject: Fix CVE-2021-30485 / bug 25
Patch-mainline: Not yet
Git-commit: 01fccb947ea2704913a97b0436c9fec7b26392e6
References: 

This fixes
 https://sourceforge.net/p/ezxml/bugs/25/

Signed-off-by: Egbert Eich <eich@suse.com>
---
 netcdf-c-4.8.0/libdap4/ezxml.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/netcdf-c-4.8.0/libdap4/ezxml.c b/netcdf-c-4.8.0/libdap4/ezxml.c
index e842962..b11c88a 100644
--- a/libdap4/ezxml.c
+++ b/libdap4/ezxml.c
@@ -366,7 +366,7 @@ short ezxml_internal_dtd(ezxml_root_t root, char *s, size_t len)
             if (! *t) { ezxml_err(root, t, "unclosed <!ATTLIST"); break; }
             if (*(s = t + strcspn(t, EZXML_WS ">")) == '>') continue;
             else *s = '\0'; /* null terminate tag name*/
-            for (i = 0; root->attr[i] && strcmp(n, root->attr[i][0]); i++);
+            for (i = 0; n && root->attr[i] && strcmp(n, root->attr[i][0]); i++);
 
 	    for(;;) {
 		s++;
openSUSE Build Service is sponsored by
Places