mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-15 23:29:56 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

CVE-2024-45492

Browse source
This commit is contained in:
KIMDONGYEON00 2025-07-15 01:50:17 +09:00 committed by GitHub
parent 190e956e01
commit 646e27faa9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
third_party/python/Modules/expat/xmlparse.c vendored
View file

@ -6145,6 +6145,15 @@ static int nextScaffoldPart(XML_Parser parser) {
int next; int next;
if (!dtd->scaffIndex) { if (!dtd->scaffIndex) {
/* Detect and prevent integer overflow.
* The preprocessor guard addresses the "always false" warning
* from -Wtype-limits on platforms where
* sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
#if UINT_MAX >= SIZE_MAX
if (parser->m_groupSize > ((size_t)(-1) / sizeof(int))) {
return -1;
}
#endif
dtd->scaffIndex = (int *)MALLOC(parser, parser->m_groupSize * sizeof(int)); dtd->scaffIndex = (int *)MALLOC(parser, parser->m_groupSize * sizeof(int));
if (!dtd->scaffIndex) return -1; if (!dtd->scaffIndex) return -1;
dtd->scaffIndex[0] = 0; dtd->scaffIndex[0] = 0;