kc3-lang/libxml2

Browse

Commit a436374994c47b12d5de1b8b1d191a098fa23594

Nick Wellnhofer 2018-07-30T12:54:38

Fix nullptr deref with XPath logic ops If the XPath stack is corrupted, for example by a misbehaving extension function, the "and" and "or" XPath operators could dereference NULL pointers. Check that the XPath stack isn't empty and optimize the logic operators slightly. Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5 Also see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 https://bugzilla.redhat.com/show_bug.cgi?id=1595985 This is CVE-2018-14404. Thanks to Guy Inbar for the report. 


          

          

        

        


    

  





 kmx.io    
 mail    
 discord

kmxgit v0.4.0