153aa9179Sopenharmony_ciFrom d9a8dab3a3ba980f1efc1366c1b9a3a2434dcabd Mon Sep 17 00:00:00 2001
253aa9179Sopenharmony_ciFrom: Nick Wellnhofer <wellnhofer@aevum.de>
353aa9179Sopenharmony_ciDate: Sun, 22 Jan 2023 12:00:59 +0100
453aa9179Sopenharmony_ciSubject: [PATCH] error: Don't move past current position
553aa9179Sopenharmony_ci
653aa9179Sopenharmony_ciMake sure that we never move past the current position in
753aa9179Sopenharmony_cixmlParserPrintFileContextInternal.
853aa9179Sopenharmony_ci
953aa9179Sopenharmony_ciFound with libFuzzer and -fsanitize=implicit-conversion.
1053aa9179Sopenharmony_ci
1153aa9179Sopenharmony_ciReference:https://github.com/GNOME/libxml2/commit/d9a8dab3a3ba980f1efc1366c1b9a3a2434dcabd
1253aa9179Sopenharmony_ciConflict:NA
1353aa9179Sopenharmony_ci---
1453aa9179Sopenharmony_ci error.c | 8 +++++---
1553aa9179Sopenharmony_ci 1 file changed, 5 insertions(+), 3 deletions(-)
1653aa9179Sopenharmony_ci
1753aa9179Sopenharmony_cidiff --git a/error.c b/error.c
1853aa9179Sopenharmony_ciindex fe9a7e2..5eee72a 100644
1953aa9179Sopenharmony_ci--- a/error.c
2053aa9179Sopenharmony_ci+++ b/error.c
2153aa9179Sopenharmony_ci@@ -188,10 +188,12 @@ xmlParserPrintFileContextInternal(xmlParserInputPtr input ,
2253aa9179Sopenharmony_ci }
2353aa9179Sopenharmony_ci n = 0;
2453aa9179Sopenharmony_ci /* search backwards for beginning-of-line (to max buff size) */
2553aa9179Sopenharmony_ci- while ((n++ < (sizeof(content)-1)) && (cur > base) &&
2653aa9179Sopenharmony_ci- (*(cur) != '\n') && (*(cur) != '\r'))
2753aa9179Sopenharmony_ci+ while ((n < sizeof(content) - 1) && (cur > base) &&
2853aa9179Sopenharmony_ci+ (*cur != '\n') && (*cur != '\r')) {
2953aa9179Sopenharmony_ci cur--;
3053aa9179Sopenharmony_ci- if ((*(cur) == '\n') || (*(cur) == '\r')) {
3153aa9179Sopenharmony_ci+ n++;
3253aa9179Sopenharmony_ci+ }
3353aa9179Sopenharmony_ci+ if ((n > 0) && ((*cur == '\n') || (*cur == '\r'))) {
3453aa9179Sopenharmony_ci cur++;
3553aa9179Sopenharmony_ci } else {
3653aa9179Sopenharmony_ci /* skip over continuation bytes */
3753aa9179Sopenharmony_ci--
3853aa9179Sopenharmony_ci2.27.0
3953aa9179Sopenharmony_ci
40
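Review bot: The `(n > 0)` guard on the new `if` carries the whole fix but has no comment: it stands for "the loop above actually moved `cur` back", which is what keeps the following `cur++` from stepping past the position the function started from. A comment above that `if`, such as `/* only step forward if we moved back, so cur never passes the current position */`, would keep a later cleanup from dropping the guard and reintroducing the implicit-conversion report the commit message mentions. The diffstat shows only error.c changing, so no regression input for the fuzzer finding is added here; one in the test suite would pin the fix. The function begins and ends outside the hunk, so the code that consumes `cur` afterwards is not visible and presumably relies on this invariant.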