[Python-checkins] r77682 - in python/branches/py3k: Misc/NEWS Modules/expat/xmlparse.c
matthias.klose
python-checkins at python.org
Fri Jan 22 02:10:19 CET 2010
Author: matthias.klose
Date: Fri Jan 22 02:10:19 2010
New Revision: 77682
Log:
Merged revisions 77680 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r77680 | matthias.klose | 2010-01-22 01:39:04 +0100 (Fr, 22 Jan 2010) | 3 lines
- Expat: Fix DoS via XML document with malformed UTF-8 sequences
(CVE_2009_3560).
........
Modified:
python/branches/py3k/ (props changed)
python/branches/py3k/Misc/NEWS
python/branches/py3k/Modules/expat/xmlparse.c
Modified: python/branches/py3k/Misc/NEWS
==============================================================================
--- python/branches/py3k/Misc/NEWS (original)
+++ python/branches/py3k/Misc/NEWS Fri Jan 22 02:10:19 2010
@@ -610,6 +610,9 @@
- Issue #2389: Array objects are now pickled in a portable manner.
+- Expat: Fix DoS via XML document with malformed UTF-8 sequences
+ (CVE_2009_3560).
+
Build
-----
Modified: python/branches/py3k/Modules/expat/xmlparse.c
==============================================================================
--- python/branches/py3k/Modules/expat/xmlparse.c (original)
+++ python/branches/py3k/Modules/expat/xmlparse.c Fri Jan 22 02:10:19 2010
@@ -3682,6 +3682,9 @@
return XML_ERROR_UNCLOSED_TOKEN;
case XML_TOK_PARTIAL_CHAR:
return XML_ERROR_PARTIAL_CHAR;
+ case -XML_TOK_PROLOG_S:
+ tok = -tok;
+ break;
case XML_TOK_NONE:
#ifdef XML_DTD
/* for internal PE NOT referenced between declarations */
More information about the Python-checkins
mailing list