Overview

File CVE-2017-9765.patch of Package gsoap.7011

Index: gsoap-2.8.33/gsoap/stdsoap2.c
===================================================================
--- gsoap-2.8.33.orig/gsoap/stdsoap2.c
+++ gsoap-2.8.33/gsoap/stdsoap2.c
@@ -1709,17 +1709,16 @@ static soap_wchar
 soap_get_pi(struct soap *soap)
 { char buf[64];
   char *s = buf;
-  int i = sizeof(buf);
-  soap_wchar c = soap_getchar(soap);
-  /* This is a quick way to parse XML PI and we could use a callback instead to
-   * enable applications to intercept processing instructions */
-  while ((int)c != EOF && c != '?')
-  { if (--i > 0)
+  size_t i = sizeof(buf);
+  soap_wchar c;
+  /* Parse the XML PI encoding declaration and look for <?xml ... encoding=X ?> */
+  while ((int)(c = soap_getchar(soap)) != EOF && c != '?')
+  { if (i > 1)
     { if (soap_blank(c))
         c = ' ';
       *s++ = (char)c;
+      i--;
     }
-    c = soap_getchar(soap);
   }
   *s = '\0';
   DBGLOG(TEST, SOAP_MESSAGE(fdebug, "XML PI <?%s?>\n", buf));
Index: gsoap-2.8.33/gsoap/stdsoap2.cpp
===================================================================
--- gsoap-2.8.33.orig/gsoap/stdsoap2.cpp
+++ gsoap-2.8.33/gsoap/stdsoap2.cpp
@@ -1709,17 +1709,16 @@ static soap_wchar
 soap_get_pi(struct soap *soap)
 { char buf[64];
   char *s = buf;
-  int i = sizeof(buf);
-  soap_wchar c = soap_getchar(soap);
-  /* This is a quick way to parse XML PI and we could use a callback instead to
-   * enable applications to intercept processing instructions */
-  while ((int)c != EOF && c != '?')
-  { if (--i > 0)
+  size_t i = sizeof(buf);
+  soap_wchar c;
+  /* Parse the XML PI encoding declaration and look for <?xml ... encoding=X ?> */
+  while ((int)(c = soap_getchar(soap)) != EOF && c != '?')
+  { if (i > 1)
     { if (soap_blank(c))
         c = ' ';
       *s++ = (char)c;
+      i--;
     }
-    c = soap_getchar(soap);
   }
   *s = '\0';
   DBGLOG(TEST, SOAP_MESSAGE(fdebug, "XML PI <?%s?>\n", buf));
openSUSE Build Service is sponsored by
Places