Skip to content

fix(tinyxml2): CVE-2024-50614, CVE-2024-50615#2

Merged
Zeno-sole merged 2 commits into
masterfrom
fix/CVE-2024-50614-multi
May 28, 2026
Merged

fix(tinyxml2): CVE-2024-50614, CVE-2024-50615#2
Zeno-sole merged 2 commits into
masterfrom
fix/CVE-2024-50614-multi

Conversation

@deepin-ci-robot

@deepin-ci-robot deepin-ci-robot commented May 26, 2026

Copy link
Copy Markdown
Contributor

CVE 修复

CVE IDs: CVE-2024-50614, CVE-2024-50615

漏洞描述:

  • CVE-2024-50614: TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16 in tinyxml2.cpp XMLUtil::GetCharacterRef.
  • CVE-2024-50615: TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit in tinyxml2.cpp XMLUtil::GetCharacterRef.

修复方案: Backport upstream commit 494735de30c9

受影响版本: <= 10.0.0

当前版本: 9.0.0+dfsg-3

验证状态: quilt push 验证通过

Fix-Approach: patch backport
Generated by: CVE-Fixer Agent
Co-Authored-By: hudeng hudeng@deepin.org

@deepin-ci-robot @hudeng-go
fix(tinyxml2): CVE-2024-50614, CVE-2024-50615
fa4041e 
Fix potential overflow in char refs.

- CVE-2024-50614: reachable assertion for UINT_MAX/16 in GetCharacterRef
- CVE-2024-50615: reachable assertion for UINT_MAX/digit in GetCharacterRef

Upstream: leethomason/tinyxml2@494735de30c9
Generated-By: glm-5.1
Co-Authored-By: hudeng <hudeng@deepin.org>
@deepin-ci-robot deepin-ci-robot requested a review from myml May 26, 2026 15:37
@deepin-ci-robot

deepin-ci-robot commented May 26, 2026

Copy link
Copy Markdown
Contributor Author

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign qaqland for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@github-actions

github-actions Bot commented May 26, 2026

Copy link
Copy Markdown

TAG Bot

TAG: 9.0.0+dfsg-3deepin1
EXISTED: no
DISTRIBUTION: unstable

@deepin-ci-robot deepin-ci-robot force-pushed the fix/CVE-2024-50614-multi branch 4 times, most recently from 399b590 to c8d6205 Compare May 27, 2026 06:10
@deepin-ci-robot @hudeng-go
fix(tinyxml2): CVE-2024-50614/50615 - fix integer overflow in char refs
709bd6a 
Fix integer overflow vulnerability in XML character reference parsing.
The code could overflow when parsing large numeric character references.

- Use uint32_t instead of unsigned long for UCS values
- Add MAX_CODE_POINT check (0x10FFFF) to prevent overflow
- Remove unnecessary assertion checks that don't prevent overflow

Upstream: leethomason/tinyxml2@494735de30c9
Generated-By: glm-5.1
Co-Authored-By: hudeng <hudeng@deepin.org>
@deepin-ci-robot deepin-ci-robot force-pushed the fix/CVE-2024-50614-multi branch from c8d6205 to 709bd6a Compare May 27, 2026 06:51
@hudeng-go

hudeng-go commented May 27, 2026

Copy link
Copy Markdown
Contributor

/integrate

@deepin-community-ci-bot deepin-community-ci-bot Bot mentioned this pull request May 27, 2026
Open
@github-actions

github-actions Bot commented May 27, 2026

Copy link
Copy Markdown

AutoIntegrationPr Bot
auto integrate with pr url: deepin-community/Repository-Integration#4087
PrNumber: 4087
PrBranch: auto-integration-26499937920

@Zeno-sole Zeno-sole merged commit 6abe767 into master May 28, 2026
8 of 9 checks passed
@deepin-community-ci-bot deepin-community-ci-bot Bot mentioned this pull request May 28, 2026
Draft
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@myml myml Awaiting requested review from myml

Assignees

No one assigned

Labels

cve generated-by-ai

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@deepin-ci-robot @hudeng-go @Zeno-sole