153aa9179Sopenharmony_ciFrom e15838ab5454514e53981585c71cd20bb1537d01 Mon Sep 17 00:00:00 2001 253aa9179Sopenharmony_ciFrom: Nick Wellnhofer <wellnhofer@aevum.de> 353aa9179Sopenharmony_ciDate: Sun, 5 Mar 2023 14:09:14 +0100 453aa9179Sopenharmony_ciSubject: [PATCH] malloc-fail: Fix null deref in xmlSchemaParseWildcardNs 553aa9179Sopenharmony_ci 653aa9179Sopenharmony_ciFound with libFuzzer, see #344. 753aa9179Sopenharmony_ci 853aa9179Sopenharmony_ciReference:https://github.com/GNOME/libxml2/commit/e15838ab5454514e53981585c71cd20bb1537d01 953aa9179Sopenharmony_ciConflict:NA 1053aa9179Sopenharmony_ci--- 1153aa9179Sopenharmony_ci xmlschemas.c | 2 ++ 1253aa9179Sopenharmony_ci 1 file changed, 2 insertions(+) 1353aa9179Sopenharmony_ci 1453aa9179Sopenharmony_cidiff --git a/xmlschemas.c b/xmlschemas.c 1553aa9179Sopenharmony_ciindex 9ace2b7..dd79d2e 100644 1653aa9179Sopenharmony_ci--- a/xmlschemas.c 1753aa9179Sopenharmony_ci+++ b/xmlschemas.c 1853aa9179Sopenharmony_ci@@ -6867,6 +6867,8 @@ xmlSchemaParseWildcardNs(xmlSchemaParserCtxtPtr ctxt, 1953aa9179Sopenharmony_ci */ 2053aa9179Sopenharmony_ci attr = xmlSchemaGetPropNode(node, "namespace"); 2153aa9179Sopenharmony_ci ns = xmlSchemaGetNodeContent(ctxt, (xmlNodePtr) attr); 2253aa9179Sopenharmony_ci+ if (ns == NULL) 2353aa9179Sopenharmony_ci+ return (-1); 2453aa9179Sopenharmony_ci if ((attr == NULL) || (xmlStrEqual(ns, BAD_CAST "##any"))) 2553aa9179Sopenharmony_ci wildc->any = 1; 2653aa9179Sopenharmony_ci else if (xmlStrEqual(ns, BAD_CAST "##other")) { 2753aa9179Sopenharmony_ci-- 2853aa9179Sopenharmony_ci2.27.0 2953aa9179Sopenharmony_ci 30