diff -up xmlsec1-1.2.29/src/c14n.c.orig xmlsec1-1.2.29/src/c14n.c --- xmlsec1-1.2.29/src/c14n.c.orig 2024-05-10 13:47:12.698153446 +0200 +++ xmlsec1-1.2.29/src/c14n.c 2024-05-10 18:30:35.148285625 +0200 @@ -233,7 +233,10 @@ xmlSecTransformC14NPushXml(xmlSecTransfo /* we are using a semi-hack here: we know that xmlSecPtrList keeps * all pointers in the big array */ nsList = xmlSecTransformC14NGetNsList(transform); - xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1); + if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) { + xmlOutputBufferClose(buf); + xmlSecAssert2(0, -1); + }; ret = xmlSecTransformC14NExecute(transform->id, nodes, (xmlChar**)(nsList->data), buf); if(ret < 0) { @@ -297,7 +300,10 @@ xmlSecTransformC14NPopBin(xmlSecTransfor /* we are using a semi-hack here: we know that xmlSecPtrList keeps * all pointers in the big array */ nsList = xmlSecTransformC14NGetNsList(transform); - xmlSecAssert2(xmlSecPtrListCheckId(nsList, xmlSecStringListId), -1); + if (! xmlSecPtrListCheckId(nsList, xmlSecStringListId)) { + xmlOutputBufferClose(buf); + xmlSecAssert2(0, -1); + } ret = xmlSecTransformC14NExecute(transform->id, transform->inNodes, (xmlChar**)(nsList->data), buf); if(ret < 0) { @@ -737,4 +743,3 @@ xmlSecTransformId xmlSecTransformRemoveXmlTagsC14NGetKlass(void) { return(&xmlSecTransformRemoveXmlTagsC14NKlass); } - diff -up xmlsec1-1.2.29/src/gcrypt/asymkeys.c.orig xmlsec1-1.2.29/src/gcrypt/asymkeys.c --- xmlsec1-1.2.29/src/gcrypt/asymkeys.c.orig 2024-05-10 18:47:45.800368678 +0200 +++ xmlsec1-1.2.29/src/gcrypt/asymkeys.c 2024-05-13 09:11:08.784351577 +0200 @@ -198,6 +198,9 @@ done: gcry_sexp_release(priv_key); } + /* Adopt functions assume ownership thus the caller would expect this to be released */ + gcry_sexp_release(key_pair); + /* done */ return(res); } @@ -292,11 +295,11 @@ xmlSecGCryptAsymKeyDataGenerate(xmlSecKe } ret = xmlSecGCryptAsymKeyDataAdoptKey(data, key_pair); + key_pair = NULL; /* now owned by data */ if(ret < 0) { xmlSecInternalError("xmlSecGCryptAsymKeyDataAdopt", NULL); goto done; } - key_pair = NULL; /* now owned by data */ /* success */ res = 0; diff -up xmlsec1-1.2.29/src/parser.c.orig xmlsec1-1.2.29/src/parser.c --- xmlsec1-1.2.29/src/parser.c.orig 2024-05-10 13:46:59.217160842 +0200 +++ xmlsec1-1.2.29/src/parser.c 2024-05-10 17:28:22.848994008 +0200 @@ -368,7 +368,6 @@ xmlDocPtr xmlSecParseFile(const char *filename) { xmlParserCtxtPtr ctxt; xmlDocPtr res = NULL; - char *directory = NULL; int ret; xmlSecAssert2(filename != NULL, NULL); @@ -385,23 +384,15 @@ xmlSecParseFile(const char *filename) { /* crashes on x64 xmlCtxtUseOptions (ctxt, XML_PARSE_HUGE); */ /* todo: set directories from current doc? */ - if ((ctxt->directory == NULL) && (directory == NULL)) { - directory = xmlParserGetDirectory(filename); - if(directory == NULL) { + if (ctxt->directory == NULL) { + ctxt->directory = xmlParserGetDirectory(filename); + if(ctxt->directory == NULL) { xmlSecXmlError2("xmlParserGetDirectory", NULL, "filename=%s", xmlSecErrorsSafeString(filename)); xmlFreeParserCtxt(ctxt); return(NULL); } } - if ((ctxt->directory == NULL) && (directory != NULL)) { - ctxt->directory = (char *) xmlStrdup(BAD_CAST directory); - if(ctxt->directory == NULL) { - xmlSecStrdupError(BAD_CAST directory, NULL); - xmlFreeParserCtxt(ctxt); - return(NULL); - } - } /* required for c14n! */ ctxt->loadsubset = XML_DETECT_IDS | XML_COMPLETE_ATTRS; @@ -559,7 +550,7 @@ xmlSecParseMemory(const xmlSecByte *buff if(ctxt->myDoc != NULL) { xmlFreeDoc(ctxt->myDoc); ctxt->myDoc = NULL; - } + } xmlFreeParserCtxt(ctxt); return(NULL); } @@ -580,4 +571,3 @@ xmlSecParseMemory(const xmlSecByte *buff xmlFreeParserCtxt(ctxt); return(res); } -