[xml] C14N issue with digital signature due to pointer comparison


I'm getting some trouble to verify a XML signature because the xmlC14NProcessNamespacesAxis() function does a xmlNsPtr pointer comparison to decide whether a sub node belongs to the same default namespace as an ancestor. But if the sub node has been manipulated by program (in my case) to point to another xmlNsPtr with same values, the canonicalization process breaks. Wouldn't it be better to check the namespace href values instead as in following patch ?

diff --git a/lib-xmlsoft-libxml2/src/c14n.c b/lib-xmlsoft-libxml2/src/c14n.c
index 9c3cad2..f73e709 100644
--- a/lib-xmlsoft-libxml2/src/c14n.c
+++ b/lib-xmlsoft-libxml2/src/c14n.c
@@ -623,7 +623,7 @@ xmlC14NProcessNamespacesAxis(xmlC14NCtxPtr ctx, xmlNodePtr cur, int visible)
     for(ns = n->nsDef; ns != NULL; ns = ns->next) {
         tmp = xmlSearchNs(cur->doc, cur, ns->prefix);

- if((tmp == ns) && !xmlC14NIsXmlNs(ns) && xmlC14NIsVisible(ctx, ns, cur)) { + if((xmlStrEqual(tmp->href,ns->href)) && (xmlStrEqual(tmp->prefix,ns->prefix)) && !xmlC14NIsXmlNs(ns) && xmlC14NIsVisible(ctx, ns, cur)) { already_rendered = xmlC14NVisibleNsStackFind(ctx->ns_rendered, ns);
         if(visible) {
                 xmlC14NVisibleNsStackAdd(ctx->ns_rendered, ns, cur);


Software Engineer - Web Services
Four J's Development Tools - http://www.4js.com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]