[Sblim-commit] sfcb cimXmlParser.c, 1.37, 1.38 ChangeLog, 1.779, 1.780 NEWS, 1.697, 1.698

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/sblim/sfcb
In directory vz-cvs-3.sog:/tmp/cvs-serv26125

Modified Files:
	cimXmlParser.c ChangeLog NEWS 
Log Message:
[ 3535313 ] xmlUnescape may access memory beyond its buffer

Index: NEWS
===================================================================
RCS file: /cvsroot/sblim/sfcb/NEWS,v
retrieving revision 1.697
retrieving revision 1.698
diff -u -d -r1.697 -r1.698

--- NEWS	13 Jun 2012 21:21:09 -0000	1.697
+++ NEWS	14 Jun 2012 23:43:20 -0000	1.698
@@ -27,6 +27,7 @@
 - 3527620 EnumerateClasses does not include qualifiers by default
 - 3532951 Filter creation fails with disable default properties
 - 3533179 Double definition for union semun  in FreeBSD
+- 3535313 xmlUnescape may access memory beyond its buffer
 
 Changes in 1.3.14
 =================

Index: cimXmlParser.c
===================================================================
RCS file: /cvsroot/sblim/sfcb/cimXmlParser.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- cimXmlParser.c	11 Feb 2012 19:43:32 -0000	1.37
+++ cimXmlParser.c	14 Jun 2012 23:43:20 -0000	1.38
@@ -359,7 +359,7 @@
         // we didn't do anything, return 0
         return 0;
     }
-    if (semiloc-buf > MAX_UNESC_CHAR_LEN) 
+    if (semiloc-buf >= MAX_UNESC_CHAR_LEN) 
     {
         // if there's more than 10 characters in the unescaped string, then
         // it is either not an escaped char or it is malformed...  just return

Index: ChangeLog
===================================================================
RCS file: /cvsroot/sblim/sfcb/ChangeLog,v
retrieving revision 1.779
retrieving revision 1.780
diff -u -d -r1.779 -r1.780
--- ChangeLog	13 Jun 2012 21:21:08 -0000	1.779
+++ ChangeLog	14 Jun 2012 23:43:20 -0000	1.780
@@ -1,3 +1,8 @@
+2012-06-14  Chris Buccella  <buc...@li...>
+
+	* cimXmlParser.c:
+	[ 3535313 ] xmlUnescape may access memory beyond its buffer
+
 2012-06-13  Narasimha Sharoff  <nsh...@us...>
 
 	* cimslpCMPI.c, cimXmlGen.c, cimXmlGen.h, cimXmlRequest.c,



