Projects
Mega:24.09
libxml2
_service:tar_scm:backport-CVE-2024-40896.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-CVE-2024-40896.patch of Package libxml2
From ae8f0ac0a2900219c3d762ae0b513e199dcf19a5 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer <wellnhofer@aevum.de> Date: Sat, 6 Jul 2024 01:03:46 +0200 Subject: [PATCH] [CVE-2024-40896] Fix XXE protection in downstream code Some users set an entity's children manually in the getEntity SAX callback to restrict entity expansion. This stopped working after renaming the "checked" member of xmlEntity, making at least one downstream project and its dependants susceptible to XXE attacks. See #761. --- parser.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/parser.c b/parser.c index 4feb21a28..8fe0a064d 100644 --- a/parser.c +++ b/parser.c @@ -7148,6 +7148,14 @@ xmlParseReference(xmlParserCtxtPtr ctxt) { return; } + /* + * Some users try to parse entities on their own and used to set + * the renamed "checked" member. Fix the flags to cover this + * case. + */ + if (((ent->flags & XML_ENT_PARSED) == 0) && (ent->children != NULL)) + ent->flags |= XML_ENT_PARSED; + /* * The first reference to the entity trigger a parsing phase * where the ent->children is filled with the result from -- GitLab
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2