mirror of
https://fuchsia.googlesource.com/third_party/libxml2
synced 2024-07-11 23:12:43 +00:00
[CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking
Fixes a use-after-free if XML Reader if used with DTD validation and XInclude expansion. Fixes #604.
This commit is contained in:
parent
8b9b972aaa
commit
9272197088
|
@ -1378,6 +1378,7 @@ node_found:
|
|||
* Handle XInclude if asked for
|
||||
*/
|
||||
if ((reader->xinclude) && (reader->in_xinclude == 0) &&
|
||||
(reader->state != XML_TEXTREADER_BACKTRACK) &&
|
||||
(reader->node != NULL) &&
|
||||
(reader->node->type == XML_ELEMENT_NODE) &&
|
||||
(reader->node->ns != NULL) &&
|
||||
|
|
Loading…
Reference in New Issue
Block a user