29 lines
837 B
Diff
29 lines
837 B
Diff
From ea338a6ddc9b9e2699d4d15990832549156a92c0 Mon Sep 17 00:00:00 2001
|
|
From: Michael Mann <mmann78@netscape.net>
|
|
Date: Sat, 21 Jun 2025 12:11:30 -0400
|
|
Subject: [PATCH] Schematron: Fix null pointer dereference leading to DoS
|
|
|
|
(CVE-2025-49795)
|
|
|
|
Fixes #932
|
|
---
|
|
schematron.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/schematron.c b/schematron.c
|
|
index 5c1a27bf1..d33755e6d 100644
|
|
--- a/schematron.c
|
|
+++ b/schematron.c
|
|
@@ -1453,6 +1453,8 @@ xmlSchematronFormatReport(xmlSchematronValidCtxtPtr ctxt,
|
|
select = xmlGetNoNsProp(child, BAD_CAST "select");
|
|
comp = xmlXPathCtxtCompile(ctxt->xctxt, select);
|
|
eval = xmlXPathCompiledEval(comp, ctxt->xctxt);
|
|
+ if (eval == NULL)
|
|
+ return ret;
|
|
|
|
switch (eval->type) {
|
|
case XPATH_NODESET: {
|
|
--
|
|
GitLab
|
|
|