diff options
author | Nikias Bassen | 2017-01-02 00:20:15 +0100 |
---|---|---|
committer | Nikias Bassen | 2017-01-02 00:20:15 +0100 |
commit | 7a3ce8da05c3ce93121676e286ab4d40305b21bb (patch) | |
tree | 9e388e931d8501ef519360249061d6b287cecee2 /src | |
parent | 3abf4ffb312f1ebb040e0389f4409312e0539426 (diff) | |
download | libplist-7a3ce8da05c3ce93121676e286ab4d40305b21bb.tar.gz libplist-7a3ce8da05c3ce93121676e286ab4d40305b21bb.tar.bz2 |
xplist: Make sure to error out when encountering empty/incomplete entities
Diffstat (limited to 'src')
-rw-r--r-- | src/xplist.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/xplist.c b/src/xplist.c index b1bdd46..a7d0722 100644 --- a/src/xplist.c +++ b/src/xplist.c @@ -640,7 +640,8 @@ static int unescape_entities(char *str, size_t *length) i++; } if (i >= len) { - break; + PLIST_XML_ERR("Invalid entity sequence encountered (missing terminating ';')\n"); + return -1; } if (str+i >= entp+1) { int entlen = str+i - entp; @@ -714,6 +715,9 @@ static int unescape_entities(char *str, size_t *length) i -= entlen+1 - bytelen; len -= entlen+2 - bytelen; continue; + } else { + PLIST_XML_ERR("Invalid empty entity sequence &;\n"); + return -1; } } i++; |