1From 31844c74df39c3b88735ef884c33c41da9d52795 Mon Sep 17 00:00:00 2001 2From: Nick Wellnhofer <wellnhofer@aevum.de> 3Date: Sun, 5 Mar 2023 14:10:08 +0100 4Subject: [PATCH] malloc-fail: Fix null deref in xmlSchemaParseUnion 5 6Found with libFuzzer, see #344. 7 8Reference:https://github.com/GNOME/libxml2/commit/31844c74df39c3b88735ef884c33c41da9d52795 9Conflict:NA 10--- 11 xmlschemas.c | 2 ++ 12 1 file changed, 2 insertions(+) 13 14diff --git a/xmlschemas.c b/xmlschemas.c 15index 06bf664..5b93937 100644 16--- a/xmlschemas.c 17+++ b/xmlschemas.c 18@@ -9006,6 +9006,8 @@ xmlSchemaParseUnion(xmlSchemaParserCtxtPtr ctxt, xmlSchemaPtr schema, 19 xmlSchemaQNameRefPtr ref; 20 21 cur = xmlSchemaGetNodeContent(ctxt, (xmlNodePtr) attr); 22+ if (cur == NULL) 23+ return (-1); 24 type->base = cur; 25 do { 26 while (IS_BLANK_CH(*cur)) 27-- 282.27.0 29 30