From 162ad19cfcb15718195bfa0f8a7471b9678f33a4 Mon Sep 17 00:00:00 2001
From: Matthew Dillon <dillon@apollo.backplane.com>
Date: Tue, 23 Feb 2010 09:39:50 -0800
Subject: [PATCH] contrib/expat - Apply two vendor fixes for CVE-2009-3720.

Taken-from: FreeBSD
---
 contrib/expat/lib/xmlparse.c    | 1 -
 contrib/expat/lib/xmltok_impl.c | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/contrib/expat/lib/xmlparse.c b/contrib/expat/lib/xmlparse.c
index 94e31de9da..e111460d0a 100755
--- a/contrib/expat/lib/xmlparse.c
+++ b/contrib/expat/lib/xmlparse.c
@@ -3725,7 +3725,6 @@ doProlog(XML_Parser parser,
         return XML_ERROR_NO_ELEMENTS;
       default:
         tok = -tok;
-        next = end;
         break;
       }
     }
diff --git a/contrib/expat/lib/xmltok_impl.c b/contrib/expat/lib/xmltok_impl.c
index 1268819252..16dfb85f03 100755
--- a/contrib/expat/lib/xmltok_impl.c
+++ b/contrib/expat/lib/xmltok_impl.c
@@ -1744,7 +1744,7 @@ PREFIX(updatePosition)(const ENCODING *enc,
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \
-- 
2.41.0