$NetBSD$

deal with CVE-2009-2625.

--- src/expat/lib/xmltok_impl.c.orig	2009-03-06 12:17:57.000000000 +0000
+++ src/expat/lib/xmltok_impl.c
@@ -1741,7 +1741,7 @@ PREFIX(updatePosition)(const ENCODING *e
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \