diff options
author | Daniel Veillard <veillard@redhat.com> | 2015-04-14 17:41:48 +0800 |
---|---|---|
committer | Daniel Veillard <veillard@redhat.com> | 2015-04-14 17:41:48 +0800 |
commit | 213f1fe0d76d30eaed6e5853057defc43e6df2c9 (patch) | |
tree | 31a733dc047ef2ed98aab69d2ac38acac9442421 /include | |
parent | 8985cde70901c62d3f0f04da225e73b7344a52d7 (diff) | |
download | android_external_libxml2-213f1fe0d76d30eaed6e5853057defc43e6df2c9.tar.gz android_external_libxml2-213f1fe0d76d30eaed6e5853057defc43e6df2c9.tar.bz2 android_external_libxml2-213f1fe0d76d30eaed6e5853057defc43e6df2c9.zip |
CVE-2015-1819 Enforce the reader to run in constant memory
One of the operation on the reader could resolve entities
leading to the classic expansion issue. Make sure the
buffer used for xmlreader operation is bounded.
Introduce a new allocation type for the buffers for this effect.
Diffstat (limited to 'include')
-rw-r--r-- | include/libxml/tree.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/libxml/tree.h b/include/libxml/tree.h index 2f90717c..4a9b3bc6 100644 --- a/include/libxml/tree.h +++ b/include/libxml/tree.h @@ -76,7 +76,8 @@ typedef enum { XML_BUFFER_ALLOC_EXACT, /* grow only to the minimal size */ XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */ XML_BUFFER_ALLOC_IO, /* special allocation scheme used for I/O */ - XML_BUFFER_ALLOC_HYBRID /* exact up to a threshold, and doubleit thereafter */ + XML_BUFFER_ALLOC_HYBRID, /* exact up to a threshold, and doubleit thereafter */ + XML_BUFFER_ALLOC_BOUNDED /* limit the upper size of the buffer */ } xmlBufferAllocationScheme; /** |