1From 5d55315e32b34af7070d38060ccf9a60941b9696 Mon Sep 17 00:00:00 2001 2From: Nick Wellnhofer <wellnhofer@aevum.de> 3Date: Sat, 18 Feb 2023 17:29:07 +0100 4Subject: [PATCH] parser: Fix OOB read when formatting error message 5 6Don't try to print characters beyond the end of the buffer. 7 8Found by OSS-Fuzz. 9 10Reference:https://github.com/GNOME/libxml2/commit/5d55315e32b34af7070d38060ccf9a60941b9696 11Conflict:NA 12--- 13 parser.c | 6 +++++- 14 1 file changed, 5 insertions(+), 1 deletion(-) 15 16diff --git a/parser.c b/parser.c 17index 37d7dec..c276a1a 100644 18--- a/parser.c 19+++ b/parser.c 20@@ -12162,7 +12162,11 @@ done: 21 #endif 22 return(ret); 23 encoding_error: 24- { 25+ if (ctxt->input->end - ctxt->input->cur < 4) { 26+ __xmlErrEncoding(ctxt, XML_ERR_INVALID_CHAR, 27+ "Input is not proper UTF-8, indicate encoding !\n", 28+ NULL, NULL); 29+ } else { 30 char buffer[150]; 31 32 snprintf(buffer, 149, "Bytes: 0x%02X 0x%02X 0x%02X 0x%02X\n", 33-- 342.27.0 35 36