Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP4:Update
libxslt-python
libxslt-CVE-2019-18197.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxslt-CVE-2019-18197.patch of Package libxslt-python
From 2232473733b7313d67de8836ea3b29eec6e8e285 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Sat, 17 Aug 2019 16:51:53 +0200 Subject: [PATCH] Fix dangling pointer in xsltCopyText xsltCopyText didn't reset ctxt->lasttext in some cases which could lead to various memory errors in relation with CDATA sections in input documents. Found by OSS-Fuzz. --- libxslt/transform.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libxslt/transform.c b/libxslt/transform.c index 95ebd073..d7ab0b66 100644 --- a/libxslt/transform.c +++ b/libxslt/transform.c @@ -1094,6 +1094,8 @@ xsltCopyText(xsltTransformContextPtr ctxt, xmlNodePtr target, if ((copy->content = xmlStrdup(cur->content)) == NULL) return NULL; } + + ctxt->lasttext = NULL; } else { /* * normal processing. keep counters to extend the text node -- 2.22.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor