[xml] C14N issue with digital signature due to pointer comparison
- From: Frank Gross <fg 4js com>
- To: xml gnome org
- Subject: [xml] C14N issue with digital signature due to pointer comparison
- Date: Wed, 12 Mar 2014 18:28:45 +0100
Hi,
I'm having some trouble verifying an XML signature because the
xmlC14NProcessNamespacesAxis() function does an xmlNsPtr pointer
comparison to decide whether a sub node belongs to the same default
namespace as an ancestor. But if the sub node has been manipulated by a
program (in my case) to point to another xmlNsPtr with the same values, the
canonicalization process breaks. Wouldn't it be better to check the
namespace href values instead, as in the following patch?
diff --git a/lib-xmlsoft-libxml2/src/c14n.c b/lib-xmlsoft-libxml2/src/c14n.c
index 9c3cad2..f73e709 100644
--- a/lib-xmlsoft-libxml2/src/c14n.c
+++ b/lib-xmlsoft-libxml2/src/c14n.c
@@ -623,7 +623,7 @@ xmlC14NProcessNamespacesAxis(xmlC14NCtxPtr ctx,
xmlNodePtr cur, int visible)
for(ns = n->nsDef; ns != NULL; ns = ns->next) {
tmp = xmlSearchNs(cur->doc, cur, ns->prefix);
- if((tmp == ns) && !xmlC14NIsXmlNs(ns) && xmlC14NIsVisible(ctx,
ns, cur)) {
+ if((xmlStrEqual(tmp->href,ns->href)) &&
(xmlStrEqual(tmp->prefix,ns->prefix)) && !xmlC14NIsXmlNs(ns) &&
xmlC14NIsVisible(ctx, ns, cur)) {
already_rendered = xmlC14NVisibleNsStackFind(ctx->ns_rendered,
ns);
if(visible) {
xmlC14NVisibleNsStackAdd(ctx->ns_rendered, ns, cur);
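Review bot: the new condition dereferences tmp->href and tmp->prefix without first checking tmp, while the replaced `tmp == ns` test was safe when xmlSearchNs() returned NULL; put `(tmp != NULL) &&` at the front of the condition. The prefix comparison looks redundant, since tmp was looked up with ns->prefix on the line above, so the href comparison is the only part that changes behaviour. Because this decides which namespace declarations reach the canonical form that gets signed, a test is needed with two distinct xmlNs structures carrying the same prefix and href, confirming the output matches the single-pointer case byte for byte. The patch as posted is also wrapped by the mail client (the `if` lines are split across several lines), so it will not apply as-is; resend it as an attachment.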
Regards,
Frank
--
Frank GROSS
Software Engineer - Web Services
Four J's Development Tools - http://www.4js.com