[libxml2] Fix null deref in xmlStringGetNodeList

From: Nick Wellnhofer <nwellnhof src gnome org>
To: commits-list gnome org
Cc:
Subject: [libxml2] Fix null deref in xmlStringGetNodeList
Date: Fri, 18 Dec 2020 13:33:36 +0000 (UTC)

commit 1d73f07d67e32d8eaccd85bc46c5d277a1dc00c9
Author: Nick Wellnhofer <wellnhofer aevum de>
Date:   Fri Dec 18 00:55:00 2020 +0100

    Fix null deref in xmlStringGetNodeList
    
    Check for malloc failure to avoid null deref.
    
    Found with libFuzzer.

 tree.c | 4 ++++
 1 file changed, 4 insertions(+)
---
diff --git a/tree.c b/tree.c
index 64572d9f..2130d55d 100644
--- a/tree.c
+++ b/tree.c
@@ -1649,6 +1649,10 @@ xmlStringGetNodeList(const xmlDoc *doc, const xmlChar *value) {
 
     if (!xmlBufIsEmpty(buf)) {
        node = xmlNewDocText(doc, NULL);
+        if (node == NULL) {
+            xmlBufFree(buf);
+            return(NULL);
+        }
        node->content = xmlBufDetach(buf);
 
        if (last == NULL) {

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]