shaba/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-03-31 06:50:06 +03:00
Code

malloc-fail: Fix infinite loop in htmlParseDocTypeDecl

Browse Source 
Found with libFuzzer, see #344.
This commit is contained in:
Nick Wellnhofer 2023-02-16 15:09:02 +01:00
parent 041789d9ec
commit 15b0ed0815
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
HTMLparser.c
View File

@ -3706,7 +3706,8 @@ htmlParseDocTypeDecl(htmlParserCtxtPtr ctxt) {
htmlParseErr(ctxt, XML_ERR_DOCTYPE_NOT_FINISHED,
"DOCTYPE improperly terminated\n", NULL, NULL);
/* Ignore bogus content */
while ((CUR != 0) && (CUR != '>'))
while ((CUR != 0) && (CUR != '>') &&
(ctxt->instate != XML_PARSER_EOF))
NEXT;
}
if (CUR == '>')