| author | Petr Sumbera <petr.sumbera@oracle.com> |
| Mon, 16 Nov 2015 01:42:29 -0800 | |
| changeset 5123 | eb9265af2135 |
| permissions | -rw-r--r-- |
|
5123
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
1 |
Patch origin: upstream |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
2 |
Patch status: will be part of next version |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
3 |
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
4 |
https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
5 |
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
6 |
From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
7 |
From: Daniel Veillard <[email protected]> |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
8 |
Date: Thu, 29 Oct 2015 19:33:23 +0800 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
9 |
Subject: Fix for type confusion in preprocessing attributes |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
10 |
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
11 |
CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
12 |
We need to check that the parent node is an element before dereferencing |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
13 |
its namespace |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
14 |
--- |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
15 |
libxslt/preproc.c | 3 ++- |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
16 |
1 file changed, 2 insertions(+), 1 deletion(-) |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
17 |
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
18 |
diff --git a/libxslt/preproc.c b/libxslt/preproc.c |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
19 |
index 0eb80a0..7f69325 100644 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
20 |
--- a/libxslt/preproc.c |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
21 |
+++ b/libxslt/preproc.c |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
22 |
@@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) {
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
23 |
} else if (IS_XSLT_NAME(inst, "attribute")) {
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
24 |
xmlNodePtr parent = inst->parent; |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
25 |
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
26 |
- if ((parent == NULL) || (parent->ns == NULL) || |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
27 |
+ if ((parent == NULL) || |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
28 |
+ (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
29 |
((parent->ns != inst->ns) && |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
30 |
(!xmlStrEqual(parent->ns->href, inst->ns->href))) || |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
31 |
(!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) {
|
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
32 |
-- |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
33 |
cgit v0.11.2 |
|
eb9265af2135
22134245 problem in LIBRARY/LIBXSLT
Petr Sumbera <petr.sumbera@oracle.com>
parents:
diff
changeset
|
34 |