Version in base suite: 2.6.2-4

Base version: tinyxml_2.6.2-4
Target version: tinyxml_2.6.2-4+deb11u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/t/tinyxml/tinyxml_2.6.2-4.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/t/tinyxml/tinyxml_2.6.2-4+deb11u1.dsc

 changelog                    |    7 +++++++
 patches/CVE-2021-42260.patch |   23 +++++++++++++++++++++++
 patches/series               |    1 +
 3 files changed, 31 insertions(+)

diff -Nru tinyxml-2.6.2/debian/changelog tinyxml-2.6.2/debian/changelog
--- tinyxml-2.6.2/debian/changelog	2016-10-20 18:36:11.000000000 +0000
+++ tinyxml-2.6.2/debian/changelog	2022-10-20 14:32:51.000000000 +0000
@@ -1,3 +1,10 @@
+tinyxml (2.6.2-4+deb11u1) bullseye; urgency=medium
+
+  * Import fix for CVE-2021-42260.
+    - Add CVE-2021-42260.patch
+
+ -- Felix Geyer <fgeyer@debian.org>  Thu, 20 Oct 2022 16:32:51 +0200
+
 tinyxml (2.6.2-4) unstable; urgency=medium
 
   [ Helmut Grohne ]
diff -Nru tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch
--- tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch	1970-01-01 00:00:00.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/CVE-2021-42260.patch	2022-10-20 14:31:07.000000000 +0000
@@ -0,0 +1,23 @@
+Description: In stamp always advance the pointer if *p= 0xef
+ .
+ The current implementation only advanced if 0xef is followed
+ by two non-zero bytes. In case of malformed input (0xef should be
+ the start byte of a three byte character) this leads to an infinite
+ loop. (CVE-2021-42260)
+Origin: https://sourceforge.net/p/tinyxml/git/merge-requests/1/
+
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -274,6 +274,12 @@ void TiXmlParsingData::Stamp( const char* now, TiXmlEncoding encoding )
+ 						else
+ 							{ p +=3; ++col; }	// A normal character.
+ 					}
++					else
++					{
++						// TIXML_UTF_LEAD_0 (239) is the start character of a 3 byte sequence, so
++						// there is something wrong here. Just advance the pointer to evade infinite loops
++						++p;
++					}
+ 				}
+ 				else
+ 				{
diff -Nru tinyxml-2.6.2/debian/patches/series tinyxml-2.6.2/debian/patches/series
--- tinyxml-2.6.2/debian/patches/series	2011-05-19 08:42:07.000000000 +0000
+++ tinyxml-2.6.2/debian/patches/series	2022-10-20 14:32:49.000000000 +0000
@@ -1,2 +1,3 @@
 enforce-use-stl.patch
 entity-encoding.patch
+CVE-2021-42260.patch