mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-28 12:29:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f65b24e9ca0918a4ede70ea48ed8b7cc4620f07f
poky/meta/recipes-core/libxml/libxml2/fix-CVE-2019-19956.patch
Rahul Chauhan 26ef016a3c libxml2: Fix CVE-2019-19956 
(From OE-Core rev: 2be6ab4249c4f49c9ffcd9bb8fea964c8c5d449c)

Signed-off-by: Rahul Chauhan <rahulk@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-02-21 09:44:05 +00:00

39 lines
1.1 KiB
Diff
Raw Blame History

From 3cd2b25ddb04740be2880cfd78d60038452228b1 Mon Sep 17 00:00:00 2001
From: Zhipeng Xie <xiezhipeng1@huawei.com>
Date: Wed, 7 Aug 2019 17:39:17 +0800
Subject: [PATCH] Fix memory leak in xmlParseBalancedChunkMemoryRecover
When doc is NULL, namespace created in xmlTreeEnsureXMLDecl
is bind to newDoc->oldNs, in this case, set newDoc->oldNs to
NULL and free newDoc will cause a memory leak.
Found with libFuzzer.
Closes #82.
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549]
CVE: CVE-2019-19956
Signed-off-by: Rahul Chauhan <rahulk@mvista.com>
---
parser.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/parser.c b/parser.c
index b7ecd65..491f5c9 100644
--- a/parser.c
+++ b/parser.c
@@ -13899,7 +13899,8 @@ xmlParseBalancedChunkMemoryRecover(xmlDocPtr doc, xmlSAXHandlerPtr sax,
xmlFreeParserCtxt(ctxt);
newDoc->intSubset = NULL;
newDoc->extSubset = NULL;
- newDoc->oldNs = NULL;
+ if(doc != NULL)
+ newDoc->oldNs = NULL;
xmlFreeDoc(newDoc);
return(ret);
--
2.7.4
Reference in New Issue View Git Blame Copy Permalink