1From 755344013e161ab7c982290c6c78903bd9bd300e Mon Sep 17 00:00:00 2001 2From: Nick Wellnhofer <wellnhofer@aevum.de> 3Date: Mon, 30 Jan 2023 15:40:23 +0100 4Subject: [PATCH] malloc-fail: Record malloc failure in xmlXPathCompLiteral 5 6Avoid OOB array access. 7 8Found with libFuzzer, see #344. 9 10Reference:https://github.com/GNOME/libxml2/commit/755344013e161ab7c982290c6c78903bd9bd300e 11Conflict:NA 12--- 13 xpath.c | 5 ++++- 14 1 file changed, 4 insertions(+), 1 deletion(-) 15 16diff --git a/xpath.c b/xpath.c 17index fcbc7e3..fe0e1e2 100644 18--- a/xpath.c 19+++ b/xpath.c 20@@ -10245,7 +10245,10 @@ xmlXPathCompLiteral(xmlXPathParserContextPtr ctxt) { 21 } else { 22 XP_ERROR(XPATH_START_LITERAL_ERROR); 23 } 24- if (ret == NULL) return; 25+ if (ret == NULL) { 26+ xmlXPathPErrMemory(ctxt, NULL); 27+ return; 28+ } 29 lit = xmlXPathCacheNewString(ctxt->context, ret); 30 if (lit == NULL) { 31 ctxt->error = XPATH_MEMORY_ERROR; 32-- 332.27.0 34 35