[libxml2] Fix xmlSetTreeDoc with entity references
- From: Nick Wellnhofer <nwellnhof src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libxml2] Fix xmlSetTreeDoc with entity references
- Date: Mon, 7 Feb 2022 21:31:22 +0000 (UTC)
commit 57b3abd592373ad9e4aacdbf41e00612afb2ccf7
Author: Nick Wellnhofer <wellnhofer aevum de>
Date: Mon Feb 7 22:09:25 2022 +0100
Fix xmlSetTreeDoc with entity references
The children member of entity reference nodes points to the entity
declaration and must never be followed when traversing a tree. In
the worst case, this could lead to an infinite loop.
It's somewhat unclear how moving entity references to other documents
should work exactly. For now we simply set the children pointer to NULL
to avoid a reference to the original document.
Fixes #42.
tree.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
---
diff --git a/tree.c b/tree.c
index 96d3f324..9d94aa42 100644
--- a/tree.c
+++ b/tree.c
@@ -2856,8 +2856,15 @@ xmlSetTreeDoc(xmlNodePtr tree, xmlDocPtr doc) {
prop = prop->next;
}
}
- if (tree->children != NULL)
+ if (tree->type == XML_ENTITY_REF_NODE) {
+ /*
+ * Clear 'children' which points to the entity declaration
+ * from the original document.
+ */
+ tree->children = NULL;
+ } else if (tree->children != NULL) {
xmlSetListDoc(tree->children, doc);
+ }
tree->doc = doc;
}
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
