[libxslt] Avoid infinite recursion after failed param evaluation

[Nick Wellnhofer <nwellnhof src gnome org>]

commit 7893a4685d76e22fc77c6cecec9b8771359e51bd
Author: Nick Wellnhofer <wellnhofer aevum de>
Date:   Mon Jun 6 15:27:48 2016 +0200

    Avoid infinite recursion after failed param evaluation
    
    Always mark variables as computed even if evaluation fails. This
    avoids infinite recursion and a stack overflow if a parameter whose
    evaluation failed is looked up again.
    
    Found with afl-fuzz.

 libxslt/variables.c       |    3 +--
 tests/docs/bug-194.xml    |    1 +
 tests/general/bug-194.err |    9 +++++++++
 tests/general/bug-194.xsl |    8 ++++++++
 4 files changed, 19 insertions(+), 2 deletions(-)
---
diff --git a/libxslt/variables.c b/libxslt/variables.c
index 52cd68d..e1a80ee 100644
--- a/libxslt/variables.c
+++ b/libxslt/variables.c
@@ -1803,8 +1803,7 @@ xsltBuildVariable(xsltTransformContextPtr ctxt,
     elem->tree = tree;
     elem->value = xsltEvalVariable(ctxt, elem,
        (xsltStylePreCompPtr) comp);
-    if (elem->value != NULL)
-       elem->computed = 1;
+    elem->computed = 1;
     return(elem);
 }
 
diff --git a/tests/docs/bug-194.xml b/tests/docs/bug-194.xml
new file mode 100644
index 0000000..69d62f2
--- /dev/null
+++ b/tests/docs/bug-194.xml
@@ -0,0 +1 @@
+<doc/>
diff --git a/tests/general/bug-194.err b/tests/general/bug-194.err
new file mode 100644
index 0000000..c983012
--- /dev/null
+++ b/tests/general/bug-194.err
@@ -0,0 +1,9 @@
+runtime error
+Variable 'p' has not been declared.
+xmlXPathCompiledEval: evaluation failed
+runtime error: file ./bug-194.xsl line 4 element param
+Failed to evaluate the expression of variable 'p'.
+xmlXPathCompiledEval: evaluation failed
+runtime error: file ./bug-194.xsl line 5 element param
+Failed to evaluate the expression of variable 'p2'.
+no result for ./../docs/bug-194.xml
diff --git a/tests/general/bug-194.out b/tests/general/bug-194.out
new file mode 100644
index 0000000..e69de29
diff --git a/tests/general/bug-194.xsl b/tests/general/bug-194.xsl
new file mode 100644
index 0000000..2580a75
--- /dev/null
+++ b/tests/general/bug-194.xsl
@@ -0,0 +1,8 @@
+<x:stylesheet xmlns:x="http://www.w3.org/1999/XSL/Transform"; version="1.0">
+
+<x:template match="/">
+    <x:param name="p" select="$p"/>
+    <x:param name="p2" select="$p"/>
+</x:template>
+
+</x:stylesheet>