[CVE-2022-43680] Fix overeager DTD destruction (fixes #649) #650

Merged
merged 3 commits into from Oct 24, 2022

hartwork
Member

Fixes #649

Alternative patch + reproducer test case

@hartwork hartwork added the bug label Sep 21, 2022
@hartwork hartwork added this to the 2.5.0 milestone Sep 21, 2022
@hartwork hartwork changed the title Fix overeager DTD destruction (fixes #649) [W.I.P.] Fix overeager DTD destruction (fixes #649) Sep 21, 2022
@hartwork hartwork force-pushed the issue-649-fix-overeager-dtd-destruction branch from 8b252a4 to 912af44 Compare September 21, 2022 01:55
@hartwork hartwork changed the title [W.I.P.] Fix overeager DTD destruction (fixes #649) Fix overeager DTD destruction (fixes #649) Sep 21, 2022
@hartwork hartwork mentioned this pull request Sep 21, 2022
@hartwork hartwork force-pushed the issue-649-fix-overeager-dtd-destruction branch from 912af44 to 36f9ffb Compare October 7, 2022 17:30
@hartwork
Member Author

hartwork commented Oct 7, 2022

Related: #616 (comment)

@RMJ10
Contributor

RMJ10 commented Oct 17, 2022

Review time:

A short and neat fix, I like it! I can't find any other places in the code where there might be a similar problem due to parser->m_isParamEntity being False, so this should do the job nicely.

@hartwork
Member Author

@RMJ10 excellent, thank you!

@hartwork hartwork force-pushed the issue-649-fix-overeager-dtd-destruction branch 2 times, most recently from dcb0deb to 0648f8a Compare October 19, 2022 17:23
@hartwork hartwork changed the title Fix overeager DTD destruction (fixes #649) [Use CVE-2022-43680] Fix overeager DTD destruction (fixes #649) Oct 24, 2022
@hartwork hartwork changed the title [Use CVE-2022-43680] Fix overeager DTD destruction (fixes #649) [CVE-2022-43680] Fix overeager DTD destruction (fixes #649) Oct 24, 2022
@hartwork hartwork force-pushed the issue-649-fix-overeager-dtd-destruction branch from 0648f8a to eedc5f6 Compare October 24, 2022 12:59
@hartwork hartwork merged commit 56967f8 into master Oct 24, 2022
@hartwork hartwork deleted the issue-649-fix-overeager-dtd-destruction branch October 24, 2022 14:45

Successfully merging this pull request may close these issues.

[CVE-2022-43680] XML_ParserFree may free parser->m_dtd memory in out-of-memory situations when it should not
2 participants