lib/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-10-26 00:37:43 +03:00
Code Activity

Fix memory leak in xmlParseElementMixedContentDecl

Browse Source 
Free parsed content if malloc fails to avoid a memory leak.

Found with libFuzzer.
This commit is contained in:
Nick Wellnhofer
2020-12-18 12:14:52 +01:00
parent 1d73f07d67
commit 45da175c14
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
parser.c
View File

@@ -6082,14 +6082,20 @@ xmlParseElementMixedContentDecl(xmlParserCtxtPtr ctxt, int inputchk) {
NEXT; NEXT;
if (elem == NULL) { if (elem == NULL) {
ret = xmlNewDocElementContent(ctxt->myDoc, NULL, XML_ELEMENT_CONTENT_OR); ret = xmlNewDocElementContent(ctxt->myDoc, NULL, XML_ELEMENT_CONTENT_OR);
if (ret == NULL) return(NULL); if (ret == NULL) {
xmlFreeDocElementContent(ctxt->myDoc, cur);
return(NULL);
}
ret->c1 = cur; ret->c1 = cur;
if (cur != NULL) if (cur != NULL)
cur->parent = ret; cur->parent = ret;
cur = ret; cur = ret;
} else { } else {
n = xmlNewDocElementContent(ctxt->myDoc, NULL, XML_ELEMENT_CONTENT_OR); n = xmlNewDocElementContent(ctxt->myDoc, NULL, XML_ELEMENT_CONTENT_OR);
if (n == NULL) return(NULL); if (n == NULL) {
xmlFreeDocElementContent(ctxt->myDoc, ret);
return(NULL);
}
n->c1 = xmlNewDocElementContent(ctxt->myDoc, elem, XML_ELEMENT_CONTENT_ELEMENT); n->c1 = xmlNewDocElementContent(ctxt->myDoc, elem, XML_ELEMENT_CONTENT_ELEMENT);
if (n->c1 != NULL) if (n->c1 != NULL)
n->c1->parent = n; n->c1->parent = n;