thunderbird/SOURCES/expat-CVE-2022-25235.patch

diff -up thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok.c
--- thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235	2022-03-02 17:57:38.364361168 +0100
+++ thunderbird-91.7.0/parser/expat/lib/xmltok.c	2022-03-02 17:58:22.235512399 +0100
@@ -65,13 +65,6 @@
                       + ((((byte)[2]) >> 5) & 1)] \
          & (1u << (((byte)[2]) & 0x1F)))
 
-#define UTF8_GET_NAMING(pages, p, n) \
-  ((n) == 2 \
-  ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \
-  : ((n) == 3 \
-     ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \
-     : 0))
-
 /* Detection of invalid UTF-8 sequences is based on Table 3.1B
    of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/
    with the additional restriction of not allowing the Unicode
diff -up thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c
--- thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235	2022-03-02 17:57:38.365361172 +0100
+++ thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c	2022-03-02 18:04:51.240853247 +0100
@@ -34,7 +34,7 @@
    case BT_LEAD ## n: \
      if (end - ptr < n) \
        return XML_TOK_PARTIAL_CHAR; \
-     if (!IS_NAME_CHAR(enc, ptr, n)) { \
+     if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \
        *nextTokPtr = ptr; \
        return XML_TOK_INVALID; \
      } \
@@ -62,7 +62,7 @@
    case BT_LEAD ## n: \
      if (end - ptr < n) \
        return XML_TOK_PARTIAL_CHAR; \
-     if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \
+     if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \
        *nextTokPtr = ptr; \
        return XML_TOK_INVALID; \
      } \
@@ -1090,6 +1090,10 @@ PREFIX(prologTok)(const ENCODING *enc, c
   case BT_LEAD ## n: \
     if (end - ptr < n) \
       return XML_TOK_PARTIAL_CHAR; \
+    if (IS_INVALID_CHAR(enc, ptr, n)) {                                        \
+      *nextTokPtr = ptr;                                                       \
+      return XML_TOK_INVALID;                                                  \
+    }                                                                          \
     if (IS_NMSTRT_CHAR(enc, ptr, n)) { \
       ptr += n; \
       tok = XML_TOK_NAME; \
import thunderbird-91.7.0-2.el8_5 2022-03-14 09:50:10 +00:00			`diff -up thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok.c`
			`--- thunderbird-91.7.0/parser/expat/lib/xmltok.c.expat-CVE-2022-25235 2022-03-02 17:57:38.364361168 +0100`
			`+++ thunderbird-91.7.0/parser/expat/lib/xmltok.c 2022-03-02 17:58:22.235512399 +0100`
			`@@ -65,13 +65,6 @@`
			`+ ((((byte)[2]) >> 5) & 1)] \`
			`& (1u << (((byte)[2]) & 0x1F)))`

			`-#define UTF8_GET_NAMING(pages, p, n) \`
			`- ((n) == 2 \`
			`- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \`
			`- : ((n) == 3 \`
			`- ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) \`
			`- : 0))`
			`-`
			`/* Detection of invalid UTF-8 sequences is based on Table 3.1B`
			`of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/`
			`with the additional restriction of not allowing the Unicode`
			`diff -up thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c`
			`--- thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c.expat-CVE-2022-25235 2022-03-02 17:57:38.365361172 +0100`
			`+++ thunderbird-91.7.0/parser/expat/lib/xmltok_impl.c 2022-03-02 18:04:51.240853247 +0100`
			`@@ -34,7 +34,7 @@`
			`case BT_LEAD ## n: \`
			`if (end - ptr < n) \`
			`return XML_TOK_PARTIAL_CHAR; \`
			`- if (!IS_NAME_CHAR(enc, ptr, n)) { \`
			`+ if (IS_INVALID_CHAR(enc, ptr, n) \|\| ! IS_NAME_CHAR(enc, ptr, n)) { \`
			`*nextTokPtr = ptr; \`
			`return XML_TOK_INVALID; \`
			`} \`
			`@@ -62,7 +62,7 @@`
			`case BT_LEAD ## n: \`
			`if (end - ptr < n) \`
			`return XML_TOK_PARTIAL_CHAR; \`
			`- if (!IS_NMSTRT_CHAR(enc, ptr, n)) { \`
			`+ if (IS_INVALID_CHAR(enc, ptr, n) \|\| ! IS_NMSTRT_CHAR(enc, ptr, n)) { \`
			`*nextTokPtr = ptr; \`
			`return XML_TOK_INVALID; \`
			`} \`
			`@@ -1090,6 +1090,10 @@ PREFIX(prologTok)(const ENCODING *enc, c`
			`case BT_LEAD ## n: \`
			`if (end - ptr < n) \`
			`return XML_TOK_PARTIAL_CHAR; \`
			`+ if (IS_INVALID_CHAR(enc, ptr, n)) { \`
			`+ *nextTokPtr = ptr; \`
			`+ return XML_TOK_INVALID; \`
			`+ } \`
			`if (IS_NMSTRT_CHAR(enc, ptr, n)) { \`
			`ptr += n; \`
			`tok = XML_TOK_NAME; \`