|
Lines 11-16
Link Here
|
| 11 |
#include "libxml.h" |
11 |
#include "libxml.h" |
| 12 |
#include <stdlib.h> |
12 |
#include <stdlib.h> |
| 13 |
#include <string.h> |
13 |
#include <string.h> |
|
|
14 |
#include <limits.h> |
| 14 |
#include <libxml/xmlmemory.h> |
15 |
#include <libxml/xmlmemory.h> |
| 15 |
#include <libxml/tree.h> |
16 |
#include <libxml/tree.h> |
| 16 |
#include <libxml/parser.h> |
17 |
#include <libxml/parser.h> |
|
Lines 26-31
Link Here
|
| 26 |
#include <libxml/HTMLtree.h> |
27 |
#include <libxml/HTMLtree.h> |
| 27 |
#include <libxml/globals.h> |
28 |
#include <libxml/globals.h> |
| 28 |
|
29 |
|
|
|
30 |
/* Define SIZE_T_MAX unless defined through <limits.h>. */ |
| 31 |
#ifndef SIZE_T_MAX |
| 32 |
# define SIZE_T_MAX ((size_t)-1) |
| 33 |
#endif /* !SIZE_T_MAX */ |
| 34 |
|
| 29 |
/* #define DEBUG_SAX2 */ |
35 |
/* #define DEBUG_SAX2 */ |
| 30 |
/* #define DEBUG_SAX2_TREE */ |
36 |
/* #define DEBUG_SAX2_TREE */ |
| 31 |
|
37 |
|
|
Lines 2455-2463
xmlSAX2Characters(void *ctx, const xmlCh
Link Here
|
| 2455 |
(xmlDictOwns(ctxt->dict, lastChild->content))) { |
2461 |
(xmlDictOwns(ctxt->dict, lastChild->content))) { |
| 2456 |
lastChild->content = xmlStrdup(lastChild->content); |
2462 |
lastChild->content = xmlStrdup(lastChild->content); |
| 2457 |
} |
2463 |
} |
|
|
2464 |
if ((size_t)ctxt->nodelen > SIZE_T_MAX - (size_t)len || |
| 2465 |
(size_t)ctxt->nodemem + (size_t)len > SIZE_T_MAX / 2) { |
| 2466 |
xmlSAX2ErrMemory(ctxt, "xmlSAX2Characters overflow prevented"); |
| 2467 |
return; |
| 2468 |
} |
| 2458 |
if (ctxt->nodelen + len >= ctxt->nodemem) { |
2469 |
if (ctxt->nodelen + len >= ctxt->nodemem) { |
| 2459 |
xmlChar *newbuf; |
2470 |
xmlChar *newbuf; |
| 2460 |
int size; |
2471 |
size_t size; |
| 2461 |
|
2472 |
|
| 2462 |
size = ctxt->nodemem + len; |
2473 |
size = ctxt->nodemem + len; |
| 2463 |
size *= 2; |
2474 |
size *= 2; |
