Commit 41a65d27 authored Jan 19, 2022 by Steve Sakoman

expat: fix CVE-2021-46143

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an
integer overflow exists for m_groupSize.

Backport patch from:
https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b



CVE: CVE-2021-46143
Signed-off-by: Steve Sakoman <steve@sakoman.com>

parent 22fe1dea

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit babe1859
· Feb 03, 2022

mentioned in commit babe1859

mentioned in commit babe185972eb71058762ca20c349ba2651d0f73d

Toggle commit list

Please register or to comment