Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP5:Update
libxml2.23791
libxml2-CVE-2017-5969.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File libxml2-CVE-2017-5969.patch of Package libxml2.23791
From 94691dc884d1a8ada39f073408b4bb92fe7fe882 Mon Sep 17 00:00:00 2001 From: Daniel Veillard <veillard@redhat.com> Date: Wed, 7 Jun 2017 16:47:36 +0200 Subject: Fix NULL pointer deref in xmlDumpElementContent Can only be triggered in recovery mode. Fixes bug 758422 (CVE-2017-5969). --- valid.c | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/valid.c b/valid.c index 9b2df56..8075d3a 100644 --- a/valid.c +++ b/valid.c @@ -1172,29 +1172,33 @@ xmlDumpElementContent(xmlBufferPtr buf, xmlElementContentPtr content, int glob) xmlBufferWriteCHAR(buf, content->name); break; case XML_ELEMENT_CONTENT_SEQ: - if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || - (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) + if ((content->c1 != NULL) && + ((content->c1->type == XML_ELEMENT_CONTENT_OR) || + (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) xmlDumpElementContent(buf, content->c1, 1); else xmlDumpElementContent(buf, content->c1, 0); xmlBufferWriteChar(buf, " , "); - if ((content->c2->type == XML_ELEMENT_CONTENT_OR) || - ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && - (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) + if ((content->c2 != NULL) && + ((content->c2->type == XML_ELEMENT_CONTENT_OR) || + ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) && + (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) xmlDumpElementContent(buf, content->c2, 1); else xmlDumpElementContent(buf, content->c2, 0); break; case XML_ELEMENT_CONTENT_OR: - if ((content->c1->type == XML_ELEMENT_CONTENT_OR) || - (content->c1->type == XML_ELEMENT_CONTENT_SEQ)) + if ((content->c1 != NULL) && + ((content->c1->type == XML_ELEMENT_CONTENT_OR) || + (content->c1->type == XML_ELEMENT_CONTENT_SEQ))) xmlDumpElementContent(buf, content->c1, 1); else xmlDumpElementContent(buf, content->c1, 0); xmlBufferWriteChar(buf, " | "); - if ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || - ((content->c2->type == XML_ELEMENT_CONTENT_OR) && - (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE))) + if ((content->c2 != NULL) && + ((content->c2->type == XML_ELEMENT_CONTENT_SEQ) || + ((content->c2->type == XML_ELEMENT_CONTENT_OR) && + (content->c2->ocur != XML_ELEMENT_CONTENT_ONCE)))) xmlDumpElementContent(buf, content->c2, 1); else xmlDumpElementContent(buf, content->c2, 0); -- cgit v0.12
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
