Upstream-Status: Backport CVE: CVE-2017-8872 Signed-off-by: Ross Burton From 123234f2cfcd9e9b9f83047eee1dc17b4c3f4407 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Tue, 11 Sep 2018 14:52:07 +0200 Subject: [PATCH] Free input buffer in xmlHaltParser This avoids miscalculation of available bytes. Thanks to Yunho Kim for the report. Closes: #26 --- parser.c | 5 +++++ result/errors/759573.xml.err | 17 +++++++---------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/parser.c b/parser.c index ca9fde2c..5813a664 100644 --- a/parser.c +++ b/parser.c @@ -12462,7 +12462,12 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) { ctxt->input->free((xmlChar *) ctxt->input->base); ctxt->input->free = NULL; } + if (ctxt->input->buf != NULL) { + xmlFreeParserInputBuffer(ctxt->input->buf); + ctxt->input->buf = NULL; + } ctxt->input->cur = BAD_CAST""; + ctxt->input->length = 0; ctxt->input->base = ctxt->input->cur; ctxt->input->end = ctxt->input->cur; } diff --git a/result/errors/759573.xml.err b/result/errors/759573.xml.err index 554039f6..38ef5c40 100644 --- a/result/errors/759573.xml.err +++ b/result/errors/759573.xml.err @@ -21,14 +21,11 @@ Entity: line 1: ^ ./test/errors/759573.xml:1: parser error : internal error: xmlParseInternalSubset: error detected in Markup declaration -