We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 166f808 commit b8ec8a4Copy full SHA for b8ec8a4
Misc/NEWS
@@ -12,7 +12,8 @@ What's New in Python 2.5.5c2?
12
Extension Modules
13
-----------------
14
15
-- Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
+- expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560).
16
+- expat: Fix DoS via malformed XML (CVE-2009-3720).
17
18
19
What's New in Python 2.5.5c1?
Modules/expat/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *enc,
1741
const char *end,
1742
POSITION *pos)
1743
{
1744
- while (ptr != end) {
+ while (ptr < end) {
1745
switch (BYTE_TYPE(enc, ptr)) {
1746
#define LEAD_CASE(n) \
1747
case BT_LEAD ## n: \
0 commit comments