Commit 22fe1dea authored Jan 19, 2022 by Steve Sakoman

expat: fix CVE-2021-45960

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more)
places in the storeAtts function in xmlparse.c can lead to realloc
misbehavior (e.g., allocating too few bytes, or only freeing memory).

Backport patch from:
https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea



CVE: CVE-2021-45960
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 3b6c47c0

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 8d475823
· Feb 03, 2022

mentioned in commit 8d475823

mentioned in commit 8d475823acf95d81596c1c125bc7dd4d0e0f5f1c

Toggle commit list

Please register or to comment