sources/poky/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32053.patch

From 819dbc0fcf174b8182cdb279f7be15ea1cde649f Mon Sep 17 00:00:00 2001
From: Ar Jun <pkillarjun@protonmail.com>
Date: Mon, 18 Nov 2024 14:59:51 -0600
Subject: [PATCH] Fix heap buffer overflow in
 soup-content-sniffer.c:sniff_feed_or_html()

CVE: CVE-2025-32053
Upstream-Status: Backport
[https://gitlab.gnome.org/GNOME/libsoup/-/commit/eaed42ca8d40cd9ab63764e3d63641180505f40a]

Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
 libsoup/content-sniffer/soup-content-sniffer.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c
index 2351c3f..23d5aaa 100644
--- a/libsoup/content-sniffer/soup-content-sniffer.c
+++ b/libsoup/content-sniffer/soup-content-sniffer.c
@@ -646,7 +646,7 @@ skip_insignificant_space (const char *resource, int *pos, int resource_length)
 	       (resource[*pos] == '\x0D')) {
 		*pos = *pos + 1;
 
-		if (*pos > resource_length)
+		if (*pos >= resource_length)
 			return TRUE;
 	}
 
@@ -709,7 +709,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, GBytes *buffer)
 		do {
 			pos++;
 
-			if (pos > resource_length)
+			if ((pos + 1) > resource_length)
 				goto text_html;
 		} while (resource[pos] != '>');
 
-- 
2.34.1
Complete Yocto mirror with license table for TQMa6UL (2038-compliance) - 264 license table entries with exact download URLs (224/264 resolved) - Complete sources/ directory with all BitBake recipes - Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl) - Full traceability for Softwarefreigabeantrag - GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4 - License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16) 2026-03-01 20:58:18 +00:00			`From 819dbc0fcf174b8182cdb279f7be15ea1cde649f Mon Sep 17 00:00:00 2001`
			`From: Ar Jun <pkillarjun@protonmail.com>`
			`Date: Mon, 18 Nov 2024 14:59:51 -0600`
			`Subject: [PATCH] Fix heap buffer overflow in`
			`soup-content-sniffer.c:sniff_feed_or_html()`

			`CVE: CVE-2025-32053`
			`Upstream-Status: Backport`
			`[https://gitlab.gnome.org/GNOME/libsoup/-/commit/eaed42ca8d40cd9ab63764e3d63641180505f40a]`

			`Signed-off-by: Changqing Li <changqing.li@windriver.com>`
			`---`
			`libsoup/content-sniffer/soup-content-sniffer.c \| 4 ++--`
			`1 file changed, 2 insertions(+), 2 deletions(-)`

			`diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c`
			`index 2351c3f..23d5aaa 100644`
			`--- a/libsoup/content-sniffer/soup-content-sniffer.c`
			`+++ b/libsoup/content-sniffer/soup-content-sniffer.c`
			`@@ -646,7 +646,7 @@ skip_insignificant_space (const char resource, int pos, int resource_length)`
			`(resource[*pos] == '\x0D')) {`
			`pos = pos + 1;`

			`- if (*pos > resource_length)`
			`+ if (*pos >= resource_length)`
			`return TRUE;`
			`}`

			`@@ -709,7 +709,7 @@ sniff_feed_or_html (SoupContentSniffer sniffer, GBytes buffer)`
			`do {`
			`pos++;`

			`- if (pos > resource_length)`
			`+ if ((pos + 1) > resource_length)`
			`goto text_html;`
			`} while (resource[pos] != '>');`

			`--`
			`2.34.1`