File mozjs52-CVE-2024-45490-part01-5c1a3164.patch of Package mozjs52.42029

From 5c1a31642e243f4870c0bd1f2afc7597976521bf Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Mon, 19 Aug 2024 22:26:07 +0200
Subject: [PATCH] lib: Reject negative len for XML_ParseBuffer

Reported by TaiYou

--- a/parser/expat/lib/xmlparse.c
+++ b/parser/expat/lib/xmlparse.c
@@ -1637,6 +1637,11 @@
   const char *start;
   enum XML_Status result = XML_STATUS_OK;
 
+  if (len < 0) {
+    parser->m_errorCode = XML_ERROR_INVALID_ARGUMENT;
+    return XML_STATUS_ERROR;
+  }
+
   switch (ps_parsing) {
   case XML_SUSPENDED:
     errorCode = XML_ERROR_SUSPENDED;

Places

File mozjs52-CVE-2024-45490-part01-5c1a3164.patch of Package mozjs52.42029

Places