mirror of
https://github.com/PartialVolume/shredos.x86_64.git
synced 2026-02-20 09:35:26 +00:00
43 lines
1.4 KiB
Diff
43 lines
1.4 KiB
Diff
From d9bcffd6cd5e8ec32889a594f7348d67a5101b3a Mon Sep 17 00:00:00 2001
|
|
From: Changqing Li <changqing.li@windriver.com>
|
|
Date: Mon, 12 May 2025 13:58:42 +0800
|
|
Subject: [PATCH] Fix heap buffer overflow in
|
|
soup-content-sniffer.c:sniff_feed_or_html()
|
|
|
|
CVE: CVE-2025-32053
|
|
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/eaed42ca8d40cd9ab63764e3d63641180505f40a]
|
|
|
|
Upstream: https://git.openembedded.org/meta-openembedded/tree/meta-oe/recipes-support/libsoup/libsoup-2.4/CVE-2025-32053.patch
|
|
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
|
|
Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
|
|
---
|
|
libsoup/soup-content-sniffer.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
|
|
index 967ec61..5f2896e 100644
|
|
--- a/libsoup/soup-content-sniffer.c
|
|
+++ b/libsoup/soup-content-sniffer.c
|
|
@@ -620,7 +620,7 @@ skip_insignificant_space (const char *resource, int *pos, int resource_length)
|
|
(resource[*pos] == '\x0D')) {
|
|
*pos = *pos + 1;
|
|
|
|
- if (*pos > resource_length)
|
|
+ if (*pos >= resource_length)
|
|
return TRUE;
|
|
}
|
|
|
|
@@ -682,7 +682,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer)
|
|
do {
|
|
pos++;
|
|
|
|
- if (pos > resource_length)
|
|
+ if ((pos + 1) > resource_length)
|
|
goto text_html;
|
|
} while (resource[pos] != '>');
|
|
|
|
--
|
|
2.34.1
|
|
|