From: Simon Quigley <tsimonq2@debian.org>
Date: Tue, 26 May 2020 15:56:33 +0000 (+0100)
Subject: fix-CVE-2017-11692
X-Git-Tag: archive/raspbian/0.6.3-9+rpi1^2~8
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=59aa2bc80ce8b7c1000ab55ccb8416afde79e1fd;p=yaml-cpp.git

fix-CVE-2017-11692

commit c9460110e072df84b7dee3eb651f2ec5df75fb18
Author: Jesse Beder <jbeder@gmail.com>
Date:   Mon Jan 20 18:05:15 2020 -0600

    Fix reading empty token stack with a node with properties but no scalar.

    E.g. `!2`.


Gbp-Pq: Name fix-CVE-2017-11692.patch
---

diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp
index be82741..dd333b3 100644
--- a/src/singledocparser.cpp
+++ b/src/singledocparser.cpp
@@ -79,6 +79,12 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) {
   if (!anchor_name.empty())
     eventHandler.OnAnchor(mark, anchor_name);
 
+  // after parsing properties, an empty node is again a possibility
+  if (m_scanner.empty()) {
+    eventHandler.OnNull(mark, anchor);
+    return;
+  }
+
   const Token& token = m_scanner.peek();
 
   if (token.type == Token::PLAIN_SCALAR && IsNullString(token.value)) {
diff --git a/test/integration/load_node_test.cpp b/test/integration/load_node_test.cpp
index 4f4f28e..0e0dd6b 100644
--- a/test/integration/load_node_test.cpp
+++ b/test/integration/load_node_test.cpp
@@ -257,5 +257,10 @@ TEST(NodeTest, LoadTagWithParenthesis) {
     EXPECT_EQ(node.as<std::string>(), "foo");
 }
 
+TEST(NodeTest, LoadTagWithNullScalar) {
+  Node node = Load("!2");
+  EXPECT_TRUE(node.IsNull());
+}
+
 }  // namespace
 }  // namespace YAML