rpms/libxml2
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix CVE-2019-20388 (#1799736)

Browse Source
This commit is contained in:
David King 2020-02-10 16:08:44 +00:00
parent 614242a7b1
commit b5284f318d
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
libxml2-2.9.10-CVE-2019-20388.patch Normal file
View File

@ -0,0 +1,33 @@
From 6088a74bcf7d0c42e24cff4594d804e1d3c9fbca Mon Sep 17 00:00:00 2001
From: Zhipeng Xie <xiezhipeng1@huawei.com>
Date: Tue, 20 Aug 2019 16:33:06 +0800
Subject: [PATCH] Fix memory leak in xmlSchemaValidateStream
When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun
alloc a new schema for ctxt->schema and set vctxt->xsiAssemble
to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize
vctxt->xsiAssemble to 0 again which cause the alloced schema
can not be freed anymore.
Found with libFuzzer.
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>
---
xmlschemas.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/xmlschemas.c b/xmlschemas.c
index 301c8449..39d92182 100644
--- a/xmlschemas.c
+++ b/xmlschemas.c
@@ -28090,7 +28090,6 @@ xmlSchemaPreRun(xmlSchemaValidCtxtPtr vctxt) {
vctxt->nberrors = 0;
vctxt->depth = -1;
vctxt->skipDepth = -1;
- vctxt->xsiAssemble = 0;
vctxt->hasKeyrefs = 0;
#ifdef ENABLE_IDC_NODE_TABLES_TEST
vctxt->createIDCNodeTables = 1;
--
2.24.1

7
libxml2.spec
View File

@ -1,6 +1,6 @@
Name: libxml2 Name: libxml2
Version: 2.9.10 Version: 2.9.10
Release: 3%{?dist} Release: 4%{?dist}
Summary: Library providing XML and HTML support Summary: Library providing XML and HTML support
License: MIT License: MIT
@ -11,6 +11,8 @@ Patch0: libxml2-multilib.patch
# See: https://bugzilla.gnome.org/show_bug.cgi?id=789714 # See: https://bugzilla.gnome.org/show_bug.cgi?id=789714
Patch1: libxml2-2.9.8-python3-unicode-errors.patch Patch1: libxml2-2.9.8-python3-unicode-errors.patch
Patch2: https://gitlab.gnome.org/GNOME/libxml2/commit/0815302dee2b78139832c2080348086a0564836b.patch#/fix-relaxed-approach-to-nested-documents.patch Patch2: https://gitlab.gnome.org/GNOME/libxml2/commit/0815302dee2b78139832c2080348086a0564836b.patch#/fix-relaxed-approach-to-nested-documents.patch
# https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68
Patch3: libxml2-2.9.10-CVE-2019-20388.patch
BuildRequires: gcc BuildRequires: gcc
BuildRequires: make BuildRequires: make
@ -139,6 +141,9 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz
%{python3_sitearch}/libxml2mod.so %{python3_sitearch}/libxml2mod.so
%changelog %changelog
* Mon Feb 10 2020 David King <amigadave@amigadave.com> - 2.9.10-4
- Fix CVE-2019-20388 (#1799736)
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.10-3 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.10-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild