# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
# http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmltok_impl.c?r1=1.13&r2=1.15&view=patch

--- xmltok_impl.c	2006/11/26 17:34:46	1.13
+++ xmltok_impl.c	2008/06/13 13:18:44	1.15
@@ -1744,7 +1744,7 @@
                        const char *end,
                        POSITION *pos)
 {
-  while (ptr != end) {
+  while (ptr < end) {
     switch (BYTE_TYPE(enc, ptr)) {
 #define LEAD_CASE(n) \
     case BT_LEAD ## n: \