代码拉取完成,页面将自动刷新
同步操作将从 src-openEuler/libxml2 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
From 3f18e7486d5feb8ae41911ce3c122e05641a4c3d Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Sat, 11 Jul 2020 14:34:57 +0200
Subject: [PATCH] Reset HTML parser input before reporting error
Avoid use-after-free, similar to 13ba5b61. Also make sure that
xmlBufSetInputBaseCur sets valid pointers in case of buffer errors.
Found by OSS-Fuzz.
diff --git a/HTMLparser.c b/HTMLparser.c
index 9b12dd1..1dea794 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -6150,12 +6150,12 @@ htmlParseChunk(htmlParserCtxtPtr ctxt, const char *chunk, int size,
int res;
res = xmlParserInputBufferPush(ctxt->input->buf, size, chunk);
+ xmlBufSetInputBaseCur(ctxt->input->buf->buffer, ctxt->input, base, cur);
if (res < 0) {
ctxt->errNo = XML_PARSER_EOF;
ctxt->disableSAX = 1;
return (XML_PARSER_EOF);
}
- xmlBufSetInputBaseCur(ctxt->input->buf->buffer, ctxt->input, base, cur);
#ifdef DEBUG_PUSH
xmlGenericError(xmlGenericErrorContext, "HPP: pushed %d\n", size);
#endif
diff --git a/buf.c b/buf.c
index 8ad18a1..24368d3 100644
--- a/buf.c
+++ b/buf.c
@@ -1334,8 +1334,12 @@ xmlBufGetInputBase(xmlBufPtr buf, xmlParserInputPtr input) {
int
xmlBufSetInputBaseCur(xmlBufPtr buf, xmlParserInputPtr input,
size_t base, size_t cur) {
- if ((input == NULL) || (buf == NULL) || (buf->error))
+ if (input == NULL)
+ return(-1);
+ if ((buf == NULL) || (buf->error)) {
+ input->base = input->cur = input->end = BAD_CAST "";
return(-1);
+ }
CHECK_COMPAT(buf)
input->base = &buf->content[base];
input->cur = input->base + cur;
--
1.8.3.1
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。