Peter Simons 8f30bdff69 Add missing increments of recursion depth counter to XML parser. ...

For https://bugzilla.gnome.org/show_bug.cgi?id=765207
CVE-2016-3705
The functions xmlParserEntityCheck() and xmlParseAttValueComplex() used to call
xmlStringDecodeEntities() in a recursive context without incrementing the
'depth' counter in the parser context. Because of that omission, the parser
failed to detect attribute recursions in certain documents before running out
of stack space.

2016-05-22 09:24:05 +08:00

429 KiB

Raw Permalink Blame History

View Raw