From 6548ba11b8a0da9d2b052774f9aa068ab5f5929c Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Fri, 13 Dec 2024 16:37:40 +0100 Subject: [PATCH] parser: Fix argument checks in xmlCtxtParse* - Raise invalid argument error. - Free input stream if ctxt is NULL. --- HTMLparser.c | 40 ++++++++++++++++++++++++++----------- parser.c | 56 ++++++++++++++++++++++++++++++++++++++-------------- 2 files changed, 70 insertions(+), 26 deletions(-) diff --git a/HTMLparser.c b/HTMLparser.c index 59c01162..43c5bee3 100644 --- a/HTMLparser.c +++ b/HTMLparser.c @@ -5887,8 +5887,11 @@ htmlCtxtParseDocument(htmlParserCtxtPtr ctxt, xmlParserInputPtr input) { htmlDocPtr ret; - if ((ctxt == NULL) || (input == NULL)) + if ((ctxt == NULL) || (input == NULL)) { + xmlFatalErr(ctxt, XML_ERR_ARGUMENT, NULL); + xmlFreeInputStream(input); return(NULL); + } /* assert(ctxt->inputNr == 0); */ while (ctxt->inputNr > 0) @@ -5937,7 +5940,7 @@ htmlReadDoc(const xmlChar *str, const char *url, const char *encoding, { htmlParserCtxtPtr ctxt; xmlParserInputPtr input; - htmlDocPtr doc; + htmlDocPtr doc = NULL; ctxt = htmlNewParserCtxt(); if (ctxt == NULL) @@ -5948,7 +5951,8 @@ htmlReadDoc(const xmlChar *str, const char *url, const char *encoding, input = xmlCtxtNewInputFromString(ctxt, url, (const char *) str, encoding, XML_INPUT_BUF_STATIC); - doc = htmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = htmlCtxtParseDocument(ctxt, input); htmlFreeParserCtxt(ctxt); return(doc); @@ -5972,7 +5976,7 @@ htmlReadFile(const char *filename, const char *encoding, int options) { htmlParserCtxtPtr ctxt; xmlParserInputPtr input; - htmlDocPtr doc; + htmlDocPtr doc = NULL; ctxt = htmlNewParserCtxt(); if (ctxt == NULL) @@ -5982,7 +5986,8 @@ htmlReadFile(const char *filename, const char *encoding, int options) input = xmlCtxtNewInputFromUrl(ctxt, filename, NULL, encoding, 0); - doc = htmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = htmlCtxtParseDocument(ctxt, input); htmlFreeParserCtxt(ctxt); return(doc); @@ -6009,7 +6014,7 @@ htmlReadMemory(const char *buffer, int size, const char *url, { htmlParserCtxtPtr ctxt; xmlParserInputPtr input; - htmlDocPtr doc; + htmlDocPtr doc = NULL; if (size < 0) return(NULL); @@ -6023,7 +6028,8 @@ htmlReadMemory(const char *buffer, int size, const char *url, input = xmlCtxtNewInputFromMemory(ctxt, url, buffer, size, encoding, XML_INPUT_BUF_STATIC); - doc = htmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = htmlCtxtParseDocument(ctxt, input); htmlFreeParserCtxt(ctxt); return(doc); @@ -6051,7 +6057,7 @@ htmlReadFd(int fd, const char *url, const char *encoding, int options) { htmlParserCtxtPtr ctxt; xmlParserInputPtr input; - htmlDocPtr doc; + htmlDocPtr doc = NULL; ctxt = htmlNewParserCtxt(); if (ctxt == NULL) @@ -6061,7 +6067,8 @@ htmlReadFd(int fd, const char *url, const char *encoding, int options) input = xmlCtxtNewInputFromFd(ctxt, url, fd, encoding, 0); - doc = htmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = htmlCtxtParseDocument(ctxt, input); htmlFreeParserCtxt(ctxt); return(doc); @@ -6089,7 +6096,7 @@ htmlReadIO(xmlInputReadCallback ioread, xmlInputCloseCallback ioclose, { htmlParserCtxtPtr ctxt; xmlParserInputPtr input; - htmlDocPtr doc; + htmlDocPtr doc = NULL; ctxt = htmlNewParserCtxt(); if (ctxt == NULL) @@ -6100,7 +6107,8 @@ htmlReadIO(xmlInputReadCallback ioread, xmlInputCloseCallback ioclose, input = xmlCtxtNewInputFromIO(ctxt, url, ioread, ioclose, ioctx, encoding, 0); - doc = htmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = htmlCtxtParseDocument(ctxt, input); htmlFreeParserCtxt(ctxt); return(doc); @@ -6134,6 +6142,8 @@ htmlCtxtReadDoc(htmlParserCtxtPtr ctxt, const xmlChar *str, input = xmlCtxtNewInputFromString(ctxt, URL, (const char *) str, encoding, 0); + if (input == NULL) + return(NULL); return(htmlCtxtParseDocument(ctxt, input)); } @@ -6165,6 +6175,8 @@ htmlCtxtReadFile(htmlParserCtxtPtr ctxt, const char *filename, htmlCtxtUseOptions(ctxt, options); input = xmlCtxtNewInputFromUrl(ctxt, filename, NULL, encoding, 0); + if (input == NULL) + return(NULL); return(htmlCtxtParseDocument(ctxt, input)); } @@ -6199,6 +6211,8 @@ htmlCtxtReadMemory(htmlParserCtxtPtr ctxt, const char *buffer, int size, input = xmlCtxtNewInputFromMemory(ctxt, URL, buffer, size, encoding, XML_INPUT_BUF_STATIC); + if (input == NULL) + return(NULL); return(htmlCtxtParseDocument(ctxt, input)); } @@ -6233,6 +6247,8 @@ htmlCtxtReadFd(htmlParserCtxtPtr ctxt, int fd, htmlCtxtUseOptions(ctxt, options); input = xmlCtxtNewInputFromFd(ctxt, URL, fd, encoding, 0); + if (input == NULL) + return(NULL); return(htmlCtxtParseDocument(ctxt, input)); } @@ -6269,6 +6285,8 @@ htmlCtxtReadIO(htmlParserCtxtPtr ctxt, xmlInputReadCallback ioread, input = xmlCtxtNewInputFromIO(ctxt, URL, ioread, ioclose, ioctx, encoding, 0); + if (input == NULL) + return(NULL); return(htmlCtxtParseDocument(ctxt, input)); } diff --git a/parser.c b/parser.c index bc92df10..dbf17964 100644 --- a/parser.c +++ b/parser.c @@ -11780,6 +11780,12 @@ xmlCtxtParseDtd(xmlParserCtxtPtr ctxt, xmlParserInputPtr input, const xmlChar *publicId, const xmlChar *systemId) { xmlDtdPtr ret = NULL; + if ((ctxt == NULL) || (input == NULL)) { + xmlFatalErr(ctxt, XML_ERR_ARGUMENT, NULL); + xmlFreeInputStream(input); + return(NULL); + } + if (xmlCtxtPushInput(ctxt, input) < 0) { xmlFreeInputStream(input); return(NULL); @@ -12808,7 +12814,7 @@ xmlCreateFileParserCtxt(const char *filename) xmlDocPtr xmlSAXParseFileWithData(xmlSAXHandlerPtr sax, const char *filename, int recovery, void *data) { - xmlDocPtr ret; + xmlDocPtr ret = NULL; xmlParserCtxtPtr ctxt; xmlParserInputPtr input; @@ -12829,7 +12835,8 @@ xmlSAXParseFileWithData(xmlSAXHandlerPtr sax, const char *filename, else input = xmlCtxtNewInputFromUrl(ctxt, filename, NULL, NULL, 0); - ret = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + ret = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(ret); @@ -13063,7 +13070,7 @@ xmlCreateMemoryParserCtxt(const char *buffer, int size) { xmlDocPtr xmlSAXParseMemoryWithData(xmlSAXHandlerPtr sax, const char *buffer, int size, int recovery, void *data) { - xmlDocPtr ret; + xmlDocPtr ret = NULL; xmlParserCtxtPtr ctxt; xmlParserInputPtr input; @@ -13085,7 +13092,8 @@ xmlSAXParseMemoryWithData(xmlSAXHandlerPtr sax, const char *buffer, input = xmlCtxtNewInputFromMemory(ctxt, NULL, buffer, size, NULL, XML_INPUT_BUF_STATIC); - ret = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + ret = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(ret); @@ -13824,8 +13832,11 @@ xmlCtxtParseDocument(xmlParserCtxtPtr ctxt, xmlParserInputPtr input) { xmlDocPtr ret = NULL; - if ((ctxt == NULL) || (input == NULL)) + if ((ctxt == NULL) || (input == NULL)) { + xmlFatalErr(ctxt, XML_ERR_ARGUMENT, NULL); + xmlFreeInputStream(input); return(NULL); + } /* assert(ctxt->inputNr == 0); */ while (ctxt->inputNr > 0) @@ -13877,7 +13888,7 @@ xmlReadDoc(const xmlChar *cur, const char *URL, const char *encoding, { xmlParserCtxtPtr ctxt; xmlParserInputPtr input; - xmlDocPtr doc; + xmlDocPtr doc = NULL; ctxt = xmlNewParserCtxt(); if (ctxt == NULL) @@ -13888,7 +13899,8 @@ xmlReadDoc(const xmlChar *cur, const char *URL, const char *encoding, input = xmlCtxtNewInputFromString(ctxt, URL, (const char *) cur, encoding, XML_INPUT_BUF_STATIC); - doc = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(doc); @@ -13912,7 +13924,7 @@ xmlReadFile(const char *filename, const char *encoding, int options) { xmlParserCtxtPtr ctxt; xmlParserInputPtr input; - xmlDocPtr doc; + xmlDocPtr doc = NULL; ctxt = xmlNewParserCtxt(); if (ctxt == NULL) @@ -13931,7 +13943,8 @@ xmlReadFile(const char *filename, const char *encoding, int options) else input = xmlCtxtNewInputFromUrl(ctxt, filename, NULL, encoding, 0); - doc = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(doc); @@ -13958,7 +13971,7 @@ xmlReadMemory(const char *buffer, int size, const char *url, { xmlParserCtxtPtr ctxt; xmlParserInputPtr input; - xmlDocPtr doc; + xmlDocPtr doc = NULL; if (size < 0) return(NULL); @@ -13972,7 +13985,8 @@ xmlReadMemory(const char *buffer, int size, const char *url, input = xmlCtxtNewInputFromMemory(ctxt, url, buffer, size, encoding, XML_INPUT_BUF_STATIC); - doc = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(doc); @@ -13999,7 +14013,7 @@ xmlReadFd(int fd, const char *URL, const char *encoding, int options) { xmlParserCtxtPtr ctxt; xmlParserInputPtr input; - xmlDocPtr doc; + xmlDocPtr doc = NULL; ctxt = xmlNewParserCtxt(); if (ctxt == NULL) @@ -14009,7 +14023,8 @@ xmlReadFd(int fd, const char *URL, const char *encoding, int options) input = xmlCtxtNewInputFromFd(ctxt, URL, fd, encoding, 0); - doc = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(doc); @@ -14036,7 +14051,7 @@ xmlReadIO(xmlInputReadCallback ioread, xmlInputCloseCallback ioclose, { xmlParserCtxtPtr ctxt; xmlParserInputPtr input; - xmlDocPtr doc; + xmlDocPtr doc = NULL; ctxt = xmlNewParserCtxt(); if (ctxt == NULL) @@ -14047,7 +14062,8 @@ xmlReadIO(xmlInputReadCallback ioread, xmlInputCloseCallback ioclose, input = xmlCtxtNewInputFromIO(ctxt, URL, ioread, ioclose, ioctx, encoding, 0); - doc = xmlCtxtParseDocument(ctxt, input); + if (input != NULL) + doc = xmlCtxtParseDocument(ctxt, input); xmlFreeParserCtxt(ctxt); return(doc); @@ -14084,6 +14100,8 @@ xmlCtxtReadDoc(xmlParserCtxtPtr ctxt, const xmlChar *str, input = xmlCtxtNewInputFromString(ctxt, URL, (const char *) str, encoding, XML_INPUT_BUF_STATIC); + if (input == NULL) + return(NULL); return(xmlCtxtParseDocument(ctxt, input)); } @@ -14113,6 +14131,8 @@ xmlCtxtReadFile(xmlParserCtxtPtr ctxt, const char *filename, xmlCtxtUseOptions(ctxt, options); input = xmlCtxtNewInputFromUrl(ctxt, filename, NULL, encoding, 0); + if (input == NULL) + return(NULL); return(xmlCtxtParseDocument(ctxt, input)); } @@ -14150,6 +14170,8 @@ xmlCtxtReadMemory(xmlParserCtxtPtr ctxt, const char *buffer, int size, input = xmlCtxtNewInputFromMemory(ctxt, URL, buffer, size, encoding, XML_INPUT_BUF_STATIC); + if (input == NULL) + return(NULL); return(xmlCtxtParseDocument(ctxt, input)); } @@ -14187,6 +14209,8 @@ xmlCtxtReadFd(xmlParserCtxtPtr ctxt, int fd, xmlCtxtUseOptions(ctxt, options); input = xmlCtxtNewInputFromFd(ctxt, URL, fd, encoding, 0); + if (input == NULL) + return(NULL); return(xmlCtxtParseDocument(ctxt, input)); } @@ -14227,6 +14251,8 @@ xmlCtxtReadIO(xmlParserCtxtPtr ctxt, xmlInputReadCallback ioread, input = xmlCtxtNewInputFromIO(ctxt, URL, ioread, ioclose, ioctx, encoding, 0); + if (input == NULL) + return(NULL); return(xmlCtxtParseDocument(ctxt, input)); }