1From ec471ee3202d4434b695e652e1fd5e0dfc592d1b Mon Sep 17 00:00:00 2001
2From: Nick Wellnhofer <wellnhofer@aevum.de>
3Date: Wed, 2 Nov 2022 15:58:31 +0100
4Subject: [PATCH 07/28] malloc-fail: Fix memory leak in xmlNewDocNodeEatName
5
6Found with libFuzzer, see #344.
7
8Reference: https://github.com/GNOME/libxml2/commit/dd50cfeb61c4f74ffc1dca1e818e01cf478e366d
9Conflict: NA
10---
11 tree.c | 5 +++--
12 1 file changed, 3 insertions(+), 2 deletions(-)
13
14diff --git a/tree.c b/tree.c
15index 6a8c2ea..bb85220 100644
16--- a/tree.c
17+++ b/tree.c
18@@ -2385,8 +2385,9 @@ xmlNewDocNodeEatName(xmlDocPtr doc, xmlNsPtr ns,
19 	}
20     } else {
21         /* if name don't come from the doc dictionary free it here */
22-        if ((name != NULL) && (doc != NULL) &&
23-	    (!(xmlDictOwns(doc->dict, name))))
24+        if ((name != NULL) &&
25+            ((doc == NULL) || (doc->dict == NULL) ||
26+	     (!(xmlDictOwns(doc->dict, name)))))
27 	    xmlFree(name);
28     }
29     return(cur);
30-- 
312.27.0
32
33