From f190c6d27f4a7a3236e121802969115151aefb49 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Thu, 16 Aug 2012 15:51:35 +0800
Subject: [PATCH] Hardening of code checking node types in EXSLT
To: libvir-list@redhat.com
Followup on CVE-2012-2870
Signed-off-by: Daniel Veillard <veillard@redhat.com>
---
libexslt/functions.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/libexslt/functions.c b/libexslt/functions.c
index 51f7d44..5326b9b 100644
--- a/libexslt/functions.c
+++ b/libexslt/functions.c
@@ -391,10 +391,9 @@ exsltFuncFunctionComp (xsltStylesheetPtr style, xmlNodePtr inst) {
xmlHashTablePtr data;
exsltFuncFunctionData *func;
- if ((style == NULL) || (inst == NULL))
+ if ((style == NULL) || (inst == NULL) || (inst->type != XML_ELEMENT_NODE))
return;
-
{
xmlChar *qname;
@@ -478,6 +477,9 @@ exsltFuncResultComp (xsltStylesheetPtr style, xmlNodePtr inst,
xmlChar *sel;
exsltFuncResultPreComp *ret;
+ if ((style == NULL) || (inst == NULL) || (inst->type != XML_ELEMENT_NODE))
+ return (NULL);
+
/*
* "Validity" checking
*/
--
1.7.11.4
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
media
>
main-src
>
by-pkgid
>
d41e7febba7533a5711c18660c676cc9
>
files
>
16
