author | Boris Kolpackov <boris@codesynthesis.com> | 2022-09-09 15:33:15 +0200 |
---|---|---|
committer | Boris Kolpackov <boris@codesynthesis.com> | 2022-09-09 15:33:15 +0200 |
commit | b998434099e615ed6222c3c63c050db0e0bd2bd1 (patch) | |
tree | 3fe55d809ce09d52b1715deafeba402543760e18 /libxsde/xsde/c/expat/expat.h | |
parent | 924ac19858a9afebba1809a0549395836d588b0c (diff) |
Import fixes for Expat security vulnerabilities
Specifically:
CVE-2022-25315
CVE-2022-25313
CVE-2022-25236
CVE-2022-25235
CVE-2022-23990
CVE-2022-23852
CVE-2022-22822-22827
CVE-2021-46143
CVE-2021-45960
Diffstat (limited to 'libxsde/xsde/c/expat/expat.h')
-rw-r--r-- | libxsde/xsde/c/expat/expat.h | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/libxsde/xsde/c/expat/expat.h b/libxsde/xsde/c/expat/expat.h index f61d3fe..1d01773 100644 --- a/libxsde/xsde/c/expat/expat.h +++ b/libxsde/xsde/c/expat/expat.h @@ -215,6 +215,17 @@ XML_ParserCreate(const XML_Char *encoding); and the local part will be concatenated without any separator. It is a programming error to use the separator '\0' with namespace triplets (see XML_SetReturnNSTriplet). + If a namespace separator is chosen that can be part of a URI or + part of an XML name, splitting an expanded name back into its + 1, 2 or 3 original parts on application level in the element handler + may end up vulnerable, so these are advised against; sane choices for + a namespace separator are e.g. '\n' (line feed) and '|' (pipe). + + Note that Expat does not validate namespace URIs (beyond encoding) + against RFC 3986 today (and is not required to do so with regard to + the XML 1.0 namespaces specification) but it may start doing that + in future releases. Before that, an application using Expat must + be ready to receive namespace URIs containing non-URI characters. */ XMLPARSEAPI(XML_Parser) XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); |
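Review bot: In the comment added above XML_ParserCreateNS, the two new paragraphs do not say what the parser does when the chosen separator itself occurs in a namespace URI. The first paragraph recommends '\n' and '|' as separators, while the second says namespace URIs are not validated against RFC 3986 and that the application "must be ready to receive namespace URIs containing non-URI characters". Read together, they leave open whether a URI containing '|' or a line feed can still reach the element handler and defeat the splitting the first paragraph is trying to make safe. Suggest adding one sentence stating whether such a URI is rejected by the parser or passed through to the handler. Suggest also replacing "may end up vulnerable" with the concrete risk, for example that the application may split the expanded name at the wrong position and so misidentify the namespace URI, local part or prefix.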