mirror of
https://git.yoctoproject.org/poky
synced 2026-02-11 03:03:02 +01:00
553a8e2ab3
Upstream-Status: Backport [5a19e21605]
Reference:
https://access.redhat.com/security/cve/cve-2022-49043
(From OE-Core rev: 82b6c943bb6435171d1924cbebe794b901eb3705)
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
39 lines
1.1 KiB
Diff
39 lines
1.1 KiB
Diff
From 5a19e21605398cef6a8b1452477a8705cb41562b Mon Sep 17 00:00:00 2001
|
|
From: Nick Wellnhofer <wellnhofer@aevum.de>
|
|
Date: Wed, 2 Nov 2022 16:13:27 +0100
|
|
Subject: [PATCH] malloc-fail: Fix use-after-free in xmlXIncludeAddNode
|
|
|
|
Found with libFuzzer, see #344.
|
|
|
|
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b]
|
|
CVE: CVE-2022-49043
|
|
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
|
|
---
|
|
xinclude.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/xinclude.c b/xinclude.c
|
|
index e5fdf0f..36fa8ec 100644
|
|
--- a/xinclude.c
|
|
+++ b/xinclude.c
|
|
@@ -612,14 +612,15 @@ xmlXIncludeAddNode(xmlXIncludeCtxtPtr ctxt, xmlNodePtr cur) {
|
|
}
|
|
URL = xmlSaveUri(uri);
|
|
xmlFreeURI(uri);
|
|
- xmlFree(URI);
|
|
if (URL == NULL) {
|
|
xmlXIncludeErr(ctxt, cur, XML_XINCLUDE_HREF_URI,
|
|
"invalid value URI %s\n", URI);
|
|
if (fragment != NULL)
|
|
xmlFree(fragment);
|
|
+ xmlFree(URI);
|
|
return(-1);
|
|
}
|
|
+ xmlFree(URI);
|
|
|
|
if (xmlStrEqual(URL, ctxt->doc->URL))
|
|
local = 1;
|
|
--
|
|
2.25.1
|
|
|