From bf0c46743621b01896c1bdf6f51ed1a0f01aa2b6 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Thu, 16 Aug 2012 15:51:35 +0800
Subject: [PATCH] Hardening of code checking node types in EXSLT
To: libvir-list@redhat.com
Followup on CVE-2012-2870
Signed-off-by: Daniel Veillard <veillard@redhat.com>
---
libexslt/functions.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libexslt/functions.c b/libexslt/functions.c
index 13fd06e..4c68cea 100644
--- a/libexslt/functions.c
+++ b/libexslt/functions.c
@@ -459,10 +459,9 @@ exsltFuncFunctionComp (xsltStylesheetPtr style, xmlNodePtr inst) {
xmlHashTablePtr data;
exsltFuncFunctionData *func;
- if ((style == NULL) || (inst == NULL))
+ if ((style == NULL) || (inst == NULL) || (inst->type != XML_ELEMENT_NODE))
return;
-
{
xmlChar *qname;
@@ -546,6 +545,9 @@ exsltFuncResultComp (xsltStylesheetPtr style, xmlNodePtr inst,
xmlChar *sel;
exsltFuncResultPreComp *ret;
+ if ((style == NULL) || (inst == NULL) || (inst->type != XML_ELEMENT_NODE))
+ return (NULL);
+
/*
* "Validity" checking
*/
--
1.7.11.4
distrib
>
Mageia
>
1
>
i586
>
media
>
core-updates-src
>
by-pkgid
>
5780ad04c9d8a2eca24752c57efbca09
>
files
>
8
