shaba/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-12-25 23:21:26 +03:00
Code

xpath: Ignore entity ref nodes when computing node hash

Browse Source 
XPath queries only work reliably if entities are substituted.
Nevertheless, it's possible to query a document with entity reference
nodes. xmllint even deletes entities when the `--dropdtd` option is
passed, resulting in dangling pointers, so it's best to skip entity
reference nodes to avoid a use-after-free.

Fixes #550.
This commit is contained in:
Nick Wellnhofer 2023-05-30 12:30:27 +02:00
parent e2f21c22d3
commit 6273df6c6d
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
xpath.c
View File

@ -6382,11 +6382,12 @@ xmlXPathNodeValHash(xmlNodePtr node) {
/*
* Skip to next node
*/
if ((tmp->children != NULL) && (tmp->type != XML_DTD_NODE)) {
if (tmp->children->type != XML_ENTITY_DECL) {
tmp = tmp->children;
continue;
}
if ((tmp->children != NULL) &&
(tmp->type != XML_DTD_NODE) &&
(tmp->type != XML_ENTITY_REF_NODE) &&
(tmp->children->type != XML_ENTITY_DECL)) {
tmp = tmp->children;
continue;
}
if (tmp == node)
break;