[libxml2] Fix timeout when handling recursive entities
- From: Nick Wellnhofer <nwellnhof src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libxml2] Fix timeout when handling recursive entities
- Date: Fri, 18 Dec 2020 13:33:36 +0000 (UTC)
commit 79301d3d5e553d46fc3201f48dcec3a93068c5a2
Author: Nick Wellnhofer <wellnhofer aevum de>
Date: Fri Dec 18 12:50:21 2020 +0100
Fix timeout when handling recursive entities
Abort parsing early to avoid an almost infinite loop in certain error
cases involving recursive entities.
Found with libFuzzer.
parser.c | 1 +
result/errors/rec_ext_ent.xml.ent | 178 +++++++-------------------------------
2 files changed, 30 insertions(+), 149 deletions(-)
---
diff --git a/parser.c b/parser.c
index 43b88358..a7bdc7f3 100644
--- a/parser.c
+++ b/parser.c
@@ -7158,6 +7158,7 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
ent->checked |= 1;
if (ret == XML_ERR_ENTITY_LOOP) {
xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL);
+ xmlHaltParser(ctxt);
xmlFreeNodeList(list);
return;
}
diff --git a/result/errors/rec_ext_ent.xml.ent b/result/errors/rec_ext_ent.xml.ent
index 30dd2854..d8ccec14 100644
--- a/result/errors/rec_ext_ent.xml.ent
+++ b/result/errors/rec_ext_ent.xml.ent
@@ -1,243 +1,123 @@
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-test/errors/rec_ext.ent:1: parser error : Entity 'e' failed to parse
+test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
test/errors/rec_ext.ent:1: parser error : Detected an entity reference loop
<ent>&e; &e; &e; &e;</ent>
^
-test/errors/rec_ext.ent:2: parser error : chunk is not well balanced
-
-^
-./test/errors/rec_ext_ent.xml:4: parser error : Entity 'e' failed to parse
+./test/errors/rec_ext_ent.xml:4: parser error : Detected an entity reference loop
<doc>&e; &e; &e; &e;</doc>
^
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
