Fix CVE-2022-24839

2022-04-24 11:30:16 +08:00 · 2022-04-24 11:30:16 +08:00 · 7e407e2ee0
commit 7e407e2ee0
parent 3f2cb28de8
2 changed files with 28 additions and 1 deletions
--- a/CVE-2022-24839.patch
+++ b/CVE-2022-24839.patch
@ -0,0 +1,22 @@
+From a800fce3b079def130ed42a408ff1d09f89e773d Mon Sep 17 00:00:00 2001
+From: Mike Dalessio <mike.dalessio@gmail.com>
+Date: Sun, 3 Apr 2022 19:03:39 -0400
+Subject: [PATCH] fix: ensure ill-formed PIs are parsed correctly
+
+---
+ src/org/cyberneko/html/HTMLScanner.java | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/org/cyberneko/html/HTMLScanner.java b/src/org/cyberneko/html/HTMLScanner.java
+index fe414a4..0519316 100644
+--- a/src/org/cyberneko/html/HTMLScanner.java
+++ b/src/org/cyberneko/html/HTMLScanner.java
+@@ -2588,7 +2588,7 @@ protected void scanPI() throws IOException {
+                     if (c == '?' || c == '/') {
+                         char c0 = (char)c;
+                         c = fCurrentEntity.read();
+-                        if (c == '>') {
+                        if (c == '>' || c == -1) {
+                             break;
+                         }
+                         fStringBuffer.append(c0);
--- a/nekohtml.spec
+++ b/nekohtml.spec
@ -1,6 +1,6 @@
 Name:           nekohtml
 Version:        1.9.22
-Release:        8
+Release:        9
 Summary:        HTML scanner and tag balancer
 License:        ASL 2.0
 URL:            http://nekohtml.sourceforge.net/
@ -9,6 +9,8 @@ Source1:        http://central.maven.org/maven2/net/sourceforge/nekohtml/nekohtm
 Patch0:         0001-Crosslink-javadoc.patch
 Patch1:         0002-Jar-paths.patch
 Patch2:         0003-Add-OSGi-attributes.patch
+# https://github.com/sparklemotion/nekohtml/commit/a800fce
+Patch3:         CVE-2022-24839.patch
 Requires:       bcel xerces-j2 >= 0:2.7.1 xml-commons-apis
 BuildRequires:  javapackages-local ant ant-junit bcel xerces-j2 >= 0:2.7.1 xerces-j2-javadoc xml-commons-apis
 BuildArch:      noarch
@ -62,5 +64,8 @@ export CLASSPATH=$(build-classpath bcel xerces-j2 xml-commons-apis)
 %{_javadocdir}/%{name}

 %changelog
+* Sun Apr 24 2022 wangkai <wangkai385@h-partners.com> - 1.9.22-9
+- Fix CVE-2022-24839
+
 * Thu Dec 7 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.9.22-8
 - Package init