Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
python-libxml2-python
libxml2-CVE-2023-28484-1.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-CVE-2023-28484-1.patch of Package python-libxml2-python
From 647e072ea0a2f12687fa05c172f4c4713fdb0c4f Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Fri, 7 Apr 2023 11:46:35 +0200 Subject: [PATCH] [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType Fix a null pointer dereference when parsing (invalid) XML schemas. Thanks to Robby Simpson for the report! Fixes #491. --- result/schemas/issue491_0_0.err | 1 + test/schemas/issue491_0.xml | 1 + test/schemas/issue491_0.xsd | 18 ++++++++++++++++++ xmlschemas.c | 2 +- 4 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 result/schemas/issue491_0_0.err create mode 100644 test/schemas/issue491_0.xml create mode 100644 test/schemas/issue491_0.xsd diff --git a/result/schemas/issue491_0_0.err b/result/schemas/issue491_0_0.err new file mode 100644 index 00000000..9b2bb969 --- /dev/null +++ b/result/schemas/issue491_0_0.err @@ -0,0 +1 @@ +./test/schemas/issue491_0.xsd:8: element complexType: Schemas parser error : complex type 'ChildType': The content type of both, the type and its base type, must either 'mixed' or 'element-only'. diff --git a/test/schemas/issue491_0.xml b/test/schemas/issue491_0.xml new file mode 100644 index 00000000..e2b2fc2e --- /dev/null +++ b/test/schemas/issue491_0.xml @@ -0,0 +1 @@ +<Child xmlns="http://www.test.com">5</Child> diff --git a/test/schemas/issue491_0.xsd b/test/schemas/issue491_0.xsd new file mode 100644 index 00000000..81702649 --- /dev/null +++ b/test/schemas/issue491_0.xsd @@ -0,0 +1,18 @@ +<?xml version='1.0' encoding='UTF-8'?> +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns="http://www.test.com" targetNamespace="http://www.test.com" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xs:complexType name="BaseType"> + <xs:simpleContent> + <xs:extension base="xs:int" /> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="ChildType"> + <xs:complexContent> + <xs:extension base="BaseType"> + <xs:sequence> + <xs:element name="bad" type="xs:int" minOccurs="0" maxOccurs="1"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + <xs:element name="Child" type="ChildType" /> +</xs:schema> diff --git a/xmlschemas.c b/xmlschemas.c index 152b7c3f..eec24a95 100644 --- a/xmlschemas.c +++ b/xmlschemas.c @@ -18619,7 +18619,7 @@ xmlSchemaFixupComplexType(xmlSchemaParserCtxtPtr pctxt, "allowed to appear inside other model groups", NULL, NULL); - } else if (! dummySequence) { + } else if ((!dummySequence) && (baseType->subtypes != NULL)) { xmlSchemaTreeItemPtr effectiveContent = (xmlSchemaTreeItemPtr) type->subtypes; /* -- GitLab
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor