1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
Description: Remove invalid simple key assertion
CVE-2014-9130: denial-of-service/application crash with untrusted
yaml input.
Origin: upstream, https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
Bug: https://bitbucket.org/xi/libyaml/issue/10/wrapped-strings-cause-assert-failure
Bug-Debian: https://bugs.debian.org/771365
Forwarded: no
Author: Salvatore Bonaccorso <carnil@debian.org>
Last-Update: 2014-11-29
Index: libyaml-libyaml-perl-0.33/LibYAML/scanner.c
===================================================================
--- libyaml-libyaml-perl-0.33.orig/LibYAML/scanner.c 2014-12-14 13:46:11.000000000 +0100
+++ libyaml-libyaml-perl-0.33/LibYAML/scanner.c 2014-12-14 13:46:11.000000000 +0100
@@ -1106,13 +1106,6 @@
&& parser->indent == (ptrdiff_t)parser->mark.column);
/*
- * A simple key is required only when it is the first token in the current
- * line. Therefore it is always allowed. But we add a check anyway.
- */
-
- assert(parser->simple_key_allowed || !required); /* Impossible. */
-
- /*
* If the current position may start a simple key, save it.
*/
|
