diff options
Diffstat (limited to 'meta/recipes-core/libxml/libxml2/CVE-2023-39615-0001.patch')
-rw-r--r-- | meta/recipes-core/libxml/libxml2/CVE-2023-39615-0001.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0001.patch b/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0001.patch new file mode 100644 index 0000000000..9689cec67d --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2023-39615-0001.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | From d0c3f01e110d54415611c5fa0040cdf4a56053f9 Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Wellnhofer <wellnhofer@aevum.de> | ||
3 | Date: Sat, 6 May 2023 17:47:37 +0200 | ||
4 | Subject: [PATCH] parser: Fix old SAX1 parser with custom callbacks | ||
5 | |||
6 | For some reason, xmlCtxtUseOptionsInternal set the start and end element | ||
7 | SAX handlers to the internal DOM builder functions when XML_PARSE_SAX1 | ||
8 | was specified. This means that custom SAX handlers could never work with | ||
9 | that flag because these functions would receive the wrong user data | ||
10 | argument and crash immediately. | ||
11 | |||
12 | Fixes #535. | ||
13 | |||
14 | Upstream-Status: Backport from [https://gitlab.gnome.org/GNOME/libxml2/-/commit/d0c3f01e110d54415611c5fa0040cdf4a56053f9] | ||
15 | CVE: CVE-2023-39615 | ||
16 | Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> | ||
17 | --- | ||
18 | parser.c | 2 -- | ||
19 | 1 file changed, 2 deletions(-) | ||
20 | |||
21 | diff --git a/parser.c b/parser.c | ||
22 | index 6e09208..7814e6e 100644 | ||
23 | --- a/parser.c | ||
24 | +++ b/parser.c | ||
25 | @@ -15156,8 +15156,6 @@ xmlCtxtUseOptionsInternal(xmlParserCtxtPtr ctxt, int options, const char *encodi | ||
26 | } | ||
27 | #ifdef LIBXML_SAX1_ENABLED | ||
28 | if (options & XML_PARSE_SAX1) { | ||
29 | - ctxt->sax->startElement = xmlSAX2StartElement; | ||
30 | - ctxt->sax->endElement = xmlSAX2EndElement; | ||
31 | ctxt->sax->startElementNs = NULL; | ||
32 | ctxt->sax->endElementNs = NULL; | ||
33 | ctxt->sax->initialized = 1; | ||
34 | -- | ||
35 | 2.24.4 | ||
36 | |||