Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:GA
libxml2.34538
libxml2-2.9.4-CVE-2017-15412.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-2.9.4-CVE-2017-15412.patch of Package libxml2.34538
From 0f3b843b3534784ef57a4f9b874238aa1fda5a73 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Thu, 1 Jun 2017 23:12:19 +0200 Subject: Fix XPath stack frame logic Move the calls to xmlXPathSetFrame and xmlXPathPopFrame around in xmlXPathCompOpEvalPositionalPredicate to make sure that the context object on the stack is actually protected. Otherwise, memory corruption can occur when calling sloppily coded XPath extension functions. Fixes bug 783160. --- xpath.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xpath.c b/xpath.c index 9481507..b816bd3 100644 --- a/xpath.c +++ b/xpath.c @@ -11932,11 +11932,11 @@ xmlXPathCompOpEvalPositionalPredicate(xmlXPathParserContextPtr ctxt, } } - frame = xmlXPathSetFrame(ctxt); valuePush(ctxt, contextObj); + frame = xmlXPathSetFrame(ctxt); res = xmlXPathCompOpEvalToBoolean(ctxt, exprOp, 1); - tmp = valuePop(ctxt); xmlXPathPopFrame(ctxt, frame); + tmp = valuePop(ctxt); if ((ctxt->error != XPATH_EXPRESSION_OK) || (res == -1)) { while (tmp != contextObj) { -- cgit v0.12
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor