97c30bc66d
* Mon Jan 13 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.8.5-14 - fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549) - fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled)
13 lines
721 B
Diff
13 lines
721 B
Diff
diff -ur qt-everywhere-opensource-src-4.8.5-CVE-2013-4549/src/xml/sax/qxml.cpp qt-everywhere-opensource-src-4.8.5-QTBUG-35459/src/xml/sax/qxml.cpp
|
|
--- qt-everywhere-opensource-src-4.8.5-CVE-2013-4549/src/xml/sax/qxml.cpp 2013-12-05 19:23:33.000000000 +0100
|
|
+++ qt-everywhere-opensource-src-4.8.5-QTBUG-35459/src/xml/sax/qxml.cpp 2014-01-13 20:13:59.000000000 +0100
|
|
@@ -428,7 +428,7 @@
|
|
// for the DTD currently being parsed.
|
|
static const int dtdRecursionLimit = 2;
|
|
// The maximum amount of characters an entity value may contain, after expansion.
|
|
- static const int entityCharacterLimit = 1024;
|
|
+ static const int entityCharacterLimit = 65536;
|
|
|
|
const QString &string();
|
|
void stringClear();
|