expat/SOURCES/expat-2.2.5-CVE-2024-45492....

commit 6fd04be3c2f7a2730c85b0eaf061549953161da3
Author: Tomas Korbar <tkorbar@redhat.com>
Date:   Wed Sep 11 15:12:38 2024 +0200

    Fix CVE-2024-45492
    
    https://github.com/libexpat/libexpat/pull/892

diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
index 6818c4e..698e907 100644
--- a/expat/lib/xmlparse.c
+++ b/expat/lib/xmlparse.c
@@ -7426,6 +7426,15 @@ nextScaffoldPart(XML_Parser parser)
   int next;
 
   if (!dtd->scaffIndex) {
+    /* Detect and prevent integer overflow.
+     * The preprocessor guard addresses the "always false" warning
+     * from -Wtype-limits on platforms where
+     * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */
+#if UINT_MAX >= SIZE_MAX
+    if (parser->m_groupSize > ((size_t)(-1) / sizeof(int))) {
+      return -1;
+    }
+#endif
     dtd->scaffIndex = (int *)MALLOC(parser, parser->m_groupSize * sizeof(int));
     if (!dtd->scaffIndex)
       return -1;
import expat-2.2.5-15.el8_10 5 months ago			`commit 6fd04be3c2f7a2730c85b0eaf061549953161da3`
			`Author: Tomas Korbar <tkorbar@redhat.com>`
			`Date: Wed Sep 11 15:12:38 2024 +0200`

			`Fix CVE-2024-45492`

			`https://github.com/libexpat/libexpat/pull/892`

			`diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c`
			`index 6818c4e..698e907 100644`
			`--- a/expat/lib/xmlparse.c`
			`+++ b/expat/lib/xmlparse.c`
			`@@ -7426,6 +7426,15 @@ nextScaffoldPart(XML_Parser parser)`
			`int next;`

			`if (!dtd->scaffIndex) {`
			`+ /* Detect and prevent integer overflow.`
			`+ * The preprocessor guard addresses the "always false" warning`
			`+ * from -Wtype-limits on platforms where`
			`+ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */`
			`+#if UINT_MAX >= SIZE_MAX`
			`+ if (parser->m_groupSize > ((size_t)(-1) / sizeof(int))) {`
			`+ return -1;`
			`+ }`
			`+#endif`
			`dtd->scaffIndex = (int )MALLOC(parser, parser->m_groupSize sizeof(int));`
			`if (!dtd->scaffIndex)`
			`return -1;`