1From a800b7e058b09031aba92949eecf2c76fa030635 Mon Sep 17 00:00:00 2001 2From: Nick Wellnhofer <wellnhofer@aevum.de> 3Date: Thu, 4 May 2023 12:47:00 +0200 4Subject: [PATCH] regexp: Fix null deref in xmlFAFinishReduceEpsilonTransitions 5 6Short-lived regression found by OSS-Fuzz. 7 8Reference:https://github.com/GNOME/libxml2/commit/a800b7e058b09031aba92949eecf2c76fa030635 9Conflict:NA 10 11--- 12 xmlregexp.c | 2 ++ 13 1 file changed, 2 insertions(+) 14 15diff --git a/xmlregexp.c b/xmlregexp.c 16index 185fcda..b0111e2 100644 17--- a/xmlregexp.c 18+++ b/xmlregexp.c 19@@ -1896,6 +1896,8 @@ xmlFAFinishReduceEpsilonTransitions(xmlRegParserCtxtPtr ctxt, int tonr) { 20 xmlRegStatePtr to; 21 22 to = ctxt->states[tonr]; 23+ if (to == NULL) 24+ return; 25 if ((to->mark == XML_REGEXP_MARK_START) || 26 (to->mark == XML_REGEXP_MARK_NORMAL)) 27 return; 28-- 292.27.0 30 31