From b0975cb73a41869fbecf0fa55afd35b69b64cc50 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping
Date: Thu, 26 Oct 2023 00:47:52 +0200
Subject: [PATCH] lib: Fail the build if XML_GE is not set to 1 or 0
CVE: CVE-2023-52426
Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/b0975cb73a41869fbecf0fa55afd35b69b64cc50]
Signed-off-by: Meenali Gupta
---
 lib/xmlparse.c | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/lib/xmlparse.c b/lib/xmlparse.c
index e23441e..ac3efe1 100644
--- a/lib/xmlparse.c
+++ b/lib/xmlparse.c
@@ -62,6 +62,14 @@
 #include
+#if ! defined(XML_GE) || (1 - XML_GE - 1 == 2) || (XML_GE < 0) || (XML_GE > 1)
+# error XML_GE (for general entities) must be defined, non-empty, either 1 or 0 (0 to disable, 1 to enable; 1 is a common default)
+#endif
+
+#if defined(XML_DTD) && XML_GE == 0
+# error Either undefine XML_DTD or define XML_GE to 1.
+#endif
+
 #if ! defined(_GNU_SOURCE)
 # define _GNU_SOURCE 1 /* syscall prototype */
 #endif
--
2.40.0
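Review bot: The `(1 - XML_GE - 1 == 2)` clause in the first added `#if` has no comment and reads like a typo, yet it is the only part of the condition that catches an empty definition (with `-DXML_GE=` it becomes `1 - - 1 == 2`); I would put `/* 1 - XML_GE - 1 == 2 holds only when XML_GE expands to nothing */` directly above that line. Separately, the eight added lines are purely a compile-time guard: nothing in this hunk changes how entities are expanded at run time. For a backport tagged CVE-2023-52426 it is therefore worth confirming that the companion changes, presumably the ones that define XML_GE in the build configuration and act on it in the parser, are carried in the same series. Without them the only visible effect of this patch would be a failed build wherever XML_GE is not supplied before this point in the file.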