1From a6df42e649acacb55be832222d1f3f50c66720ff Mon Sep 17 00:00:00 2001 2From: David Kilzer <ddkilzer@apple.com> 3Date: Sat, 28 May 2022 08:08:29 -0700 4Subject: [PATCH 296/300] Fix integer overflow in xmlBufferDump() 5 6* tree.c: 7(xmlBufferDump): 8- Cap the return value to INT_MAX. 9 10Reference:https://github.com/GNOME/libxml2/commit/a6df42e649acacb55be832222d1f3f50c66720ff 11Conflict:NA 12 13--- 14 tree.c | 4 ++-- 15 1 file changed, 2 insertions(+), 2 deletions(-) 16 17diff --git a/tree.c b/tree.c 18index 0cf2483..3dff195 100644 19--- a/tree.c 20+++ b/tree.c 21@@ -7380,7 +7380,7 @@ xmlBufferGrow(xmlBufferPtr buf, unsigned int len) { 22 */ 23 int 24 xmlBufferDump(FILE *file, xmlBufferPtr buf) { 25- int ret; 26+ size_t ret; 27 28 if (buf == NULL) { 29 #ifdef DEBUG_BUFFER 30@@ -7399,7 +7399,7 @@ xmlBufferDump(FILE *file, xmlBufferPtr buf) { 31 if (file == NULL) 32 file = stdout; 33 ret = fwrite(buf->content, sizeof(xmlChar), buf->use, file); 34- return(ret); 35+ return(ret > INT_MAX ? INT_MAX : (int)ret); 36 } 37 38 /** 39-- 402.27.0 41 42