Fix CVE-2021-3537 (#1957285)
Resolves: #1957285 Resolves: CVE-2021-3537
This commit is contained in:
David King
parent
86430a8e54
commit
8431385faa
44
libxml2-2.9.10-CVE-2021-3537.patch
Normal file
44
libxml2-2.9.10-CVE-2021-3537.patch
Normal file
@ -0,0 +1,44 @@
|
||||
From babe75030c7f64a37826bb3342317134568bef61 Mon Sep 17 00:00:00 2001
|
||||
From: Nick Wellnhofer <wellnhofer@aevum.de>
|
||||
Date: Sat, 1 May 2021 16:53:33 +0200
|
||||
Subject: [PATCH] Propagate error in xmlParseElementChildrenContentDeclPriv
|
||||
|
||||
Check return value of recursive calls to
|
||||
xmlParseElementChildrenContentDeclPriv and return immediately in case
|
||||
of errors. Otherwise, struct xmlElementContent could contain unexpected
|
||||
null pointers, leading to a null deref when post-validating documents
|
||||
which aren't well-formed and parsed in recovery mode.
|
||||
|
||||
Fixes #243.
|
||||
---
|
||||
parser.c | 7 +++++++
|
||||
1 file changed, 7 insertions(+)
|
||||
|
||||
diff --git a/parser.c b/parser.c
|
||||
index b42e6043..73c27edd 100644
|
||||
--- a/parser.c
|
||||
+++ b/parser.c
|
||||
@@ -6208,6 +6208,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
|
||||
SKIP_BLANKS;
|
||||
cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
|
||||
depth + 1);
|
||||
+ if (cur == NULL)
|
||||
+ return(NULL);
|
||||
SKIP_BLANKS;
|
||||
GROW;
|
||||
} else {
|
||||
@@ -6341,6 +6343,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
|
||||
SKIP_BLANKS;
|
||||
last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
|
||||
depth + 1);
|
||||
+ if (last == NULL) {
|
||||
+ if (ret != NULL)
|
||||
+ xmlFreeDocElementContent(ctxt->myDoc, ret);
|
||||
+ return(NULL);
|
||||
+ }
|
||||
SKIP_BLANKS;
|
||||
} else {
|
||||
elem = xmlParseName(ctxt);
|
||||
--
|
||||
GitLab
|
||||
|
||||
@ -28,6 +28,8 @@ Patch9: libxml2-2.9.10-CVE-2021-3516.patch
|
||||
Patch10: libxml2-2.9.10-CVE-2021-3517.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1957029
|
||||
Patch11: libxml2-2.9.10-CVE-2021-3518.patch
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1957285
|
||||
Patch12: libxml2-2.9.10-CVE-2021-3537.patch
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: make
|
||||
@ -163,6 +165,7 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz
|
||||
- Fix CVE-2021-3516 (#1956969)
|
||||
- Fix CVE-2021-3517 (#1957002)
|
||||
- Fix CVE-2021-3518 (#1957029)
|
||||
- Fix CVE-2021-3537 (#1957285)
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.9.10-11
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
Loading…
Reference in New Issue
Block a user