qt/qt-everywhere-opensource-src-4.8.5-QTBUG-35459.patch
Kevin Kofler 97c30bc66d fix QTBUG-35459 and fix QTBUG-35460
* Mon Jan 13 2014 Kevin Kofler <Kevin@tigcc.ticalc.org> - 4.8.5-14
- fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549)
- fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled)
2014-01-13 21:01:51 +01:00

13 lines
721 B
Diff

diff -ur qt-everywhere-opensource-src-4.8.5-CVE-2013-4549/src/xml/sax/qxml.cpp qt-everywhere-opensource-src-4.8.5-QTBUG-35459/src/xml/sax/qxml.cpp
--- qt-everywhere-opensource-src-4.8.5-CVE-2013-4549/src/xml/sax/qxml.cpp 2013-12-05 19:23:33.000000000 +0100
+++ qt-everywhere-opensource-src-4.8.5-QTBUG-35459/src/xml/sax/qxml.cpp 2014-01-13 20:13:59.000000000 +0100
@@ -428,7 +428,7 @@
// for the DTD currently being parsed.
static const int dtdRecursionLimit = 2;
// The maximum amount of characters an entity value may contain, after expansion.
- static const int entityCharacterLimit = 1024;
+ static const int entityCharacterLimit = 65536;
const QString &string();
void stringClear();