summaryrefslogtreecommitdiff
path: root/backport-CVE-2025-7519.patch
diff options
context:
space:
mode:
Diffstat (limited to 'backport-CVE-2025-7519.patch')
-rw-r--r--backport-CVE-2025-7519.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/backport-CVE-2025-7519.patch b/backport-CVE-2025-7519.patch
new file mode 100644
index 0000000..afd77da
--- /dev/null
+++ b/backport-CVE-2025-7519.patch
@@ -0,0 +1,27 @@
+From 107d3801361b9f9084f78710178e683391f1d245 Mon Sep 17 00:00:00 2001
+From: Jan Rybar <jrybar@redhat.com>
+Date: Fri, 6 Jun 2025 13:25:55 +0200
+Subject: [PATCH] Nested .policy files cause xml parsing overflow leading to
+ crash
+
+---
+ src/polkitbackend/polkitbackendactionpool.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
+index 43f89cb9..f4acca9d 100644
+--- a/src/polkitbackend/polkitbackendactionpool.c
++++ b/src/polkitbackend/polkitbackendactionpool.c
+@@ -739,6 +739,12 @@ _start (void *data, const char *el, const char **attr)
+ guint num_attr;
+ ParserData *pd = data;
+
++ if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH)
++ {
++ g_warning ("XML parsing reached max depth?");
++ goto error;
++ }
++
+ for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
+ ;
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-11 00:48:35 +0000