Fixes CVE-2014-9130 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130 Upstream source: https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2 # HG changeset patch # User Kirill Simonov # Date 1417197312 21600 # Node ID 2b9156756423e967cfd09a61d125d883fca6f4f2 # Parent 053f53a381ff6adbbc93a31ab7fdee06a16c8a33 Removed invalid simple key assertion (thank to Jonathan Gray). diff --git a/src/scanner.c b/src/scanner.c --- a/src/scanner.c +++ b/src/scanner.c @@ -1106,13 +1106,6 @@ && parser->indent == (ptrdiff_t)parser->mark.column); /* - * A simple key is required only when it is the first token in the current - * line. Therefore it is always allowed. But we add a check anyway. - */ - - assert(parser->simple_key_allowed || !required); /* Impossible. */ - - /* * If the current position may start a simple key, save it. */