28 lines
864 B
Diff
28 lines
864 B
Diff
From a4c86a395ee447c59175c762af3d17f7107b2261 Mon Sep 17 00:00:00 2001
|
|
From: Sebastian Pipping <sebastian@pipping.org>
|
|
Date: Sun, 3 Mar 2024 02:19:58 +0100
|
|
Subject: [PATCH] lib/xmlparse.c: Reject directly recursive parameter entities
|
|
|
|
---
|
|
expat/lib/xmlparse.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/xmlparse.c b/expat/lib/xmlparse.c
|
|
index b884d82b..8e667fcb 100644
|
|
--- a/lib/xmlparse.c
|
|
+++ b/lib/xmlparse.c
|
|
@@ -6240,7 +6240,7 @@ storeEntityValue(XML_Parser parser, const ENCODING *enc,
|
|
dtd->keepProcessing = dtd->standalone;
|
|
goto endEntityValue;
|
|
}
|
|
- if (entity->open) {
|
|
+ if (entity->open || (entity == parser->m_declEntity)) {
|
|
if (enc == parser->m_encoding)
|
|
parser->m_eventPtr = entityTextPtr;
|
|
result = XML_ERROR_RECURSIVE_ENTITY_REF;
|
|
--
|
|
2.33.0
|
|
|
|
|
|
|