From cc46bf4ecb4a9b79f4a11d08a68b09e6871dc1a6 Mon Sep 17 00:00:00 2001
From: Slávek Banko <slavek.banko@axis.cz>
Date: Mon, 9 Mar 2015 22:30:32 +0100
Subject: Fix security issue CVE-2013-4549 [taken from RedHat Qt3 patches]

---
 src/xml/ntqxml.h | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'src/xml/ntqxml.h')

diff --git a/src/xml/ntqxml.h b/src/xml/ntqxml.h
index cc4d23910..f729b6abc 100644
--- a/src/xml/ntqxml.h
+++ b/src/xml/ntqxml.h
@@ -307,6 +307,12 @@ private:
 
     TQXmlSimpleReaderPrivate* d;
 
+    // The limit to the amount of times the DTD parsing functions can be called
+    // for the DTD currently being parsed.
+    static const uint dtdRecursionLimit = 2U;
+    // The maximum amount of characters an entity value may contain, after expansion.
+    static const uint entityCharacterLimit = 65536U;
+
     const TQString &string();
     void stringClear();
     inline void stringAddC() { stringAddC(c); }
@@ -378,6 +384,7 @@ private:
     void unexpectedEof( ParseFunction where, int state );
     void parseFailed( ParseFunction where, int state );
     void pushParseState( ParseFunction function, int state );
+    bool isExpandedEntityValueTooLarge(TQString *errorMessage);
 
     void setUndefEntityInAttrHack(bool b);
 
-- 
cgit v1.2.3