Overview

File 5739a090.patch of Package libsoup.38609

From 5739a090529209c2afc13f482256573bcd9ce940 Mon Sep 17 00:00:00 2001
From: Ar Jun <pkillarjun@protonmail.com>
Date: Mon, 18 Nov 2024 14:59:51 -0600
Subject: [PATCH] Fix heap buffer overflow in
 soup-content-sniffer.c:sniff_feed_or_html()

CVE-2025-32053
---
 libsoup/soup-content-sniffer.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
index 744f48a0..3fb29adf 100644
--- a/libsoup/soup-content-sniffer.c
+++ b/libsoup/soup-content-sniffer.c
@@ -623,7 +623,7 @@ skip_insignificant_space (const char *resource, gsize *pos, gsize resource_lengt
 	       (resource[*pos] == '\x0D')) {
 		*pos = *pos + 1;
 
-		if (*pos > resource_length)
+		if (*pos >= resource_length)
 			return TRUE;
 	}
 
@@ -682,7 +682,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer)
 		do {
 			pos++;
 
-			if (pos > resource_length)
+			if ((pos + 1) > resource_length)
 				goto text_html;
 		} while (resource[pos] != '>');
 
-- 
GitLab
openSUSE Build Service is sponsored by
Places