summaryrefslogtreecommitdiff
path: root/repo/raptor2/CVE-2020-25713.patch
diff options
context:
space:
mode:
Diffstat (limited to 'repo/raptor2/CVE-2020-25713.patch')
-rw-r--r--repo/raptor2/CVE-2020-25713.patch16
1 files changed, 16 insertions, 0 deletions
diff --git a/repo/raptor2/CVE-2020-25713.patch b/repo/raptor2/CVE-2020-25713.patch
new file mode 100644
index 0000000..b154f92
--- /dev/null
+++ b/repo/raptor2/CVE-2020-25713.patch
@@ -0,0 +1,16 @@
+https://bugs.librdf.org/mantis/view.php?id=650
+
+diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
+index 56993dc3..163f34d5 100644
+--- a/src/raptor_xml_writer.c
++++ b/src/raptor_xml_writer.c
+@@ -216,6 +216,9 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
+
+ if(nstack && element->attributes) {
+ for(i = 0; i < element->attribute_count; i++) {
++ if (nspace_declarations_count > element->attribute_count)
++ goto error;
++
+ /* qname */
+ if(element->attributes[i]->nspace) {
+ /* Check if we need a namespace declaration attribute */
generated by cgit v1.2.1 (git 2.18.0) at 2024-09-21 08:22:18 +0000