lib/libxslt
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxslt synced 2025-11-08 11:02:18 +03:00
Code Activity
Files
33cd5e56328ab29ef1fd939c4632915e834bb7af
libxslt/libxslt
History
Nick Wellnhofer c7c7f1f78d [CVE-2025-24855] Fix use-after-free of XPath context node 
There are several places where the XPath context node isn't restored
after modifying it, leading to use-after-free errors with nested XPath
evaluations and dynamically allocated context nodes.

Restore XPath context node in

- xsltNumberFormatGetValue
- xsltEvalXPathPredicate
- xsltEvalXPathStringNs
- xsltComputeSortResultInternal

In some places, the transformation context node was saved and restored
which shouldn't be necessary.

Thanks to Ivan Fratric for the report!

Fixes #128.
2025-03-12 18:15:01 +01:00
..
attributes.c
malloc-fail: Fix memory leak in xsltResolveSASCallback
2023-02-26 16:55:37 +01:00
attributes.h
attributes.h needs to include xsltInternals.h
2023-04-16 10:55:39 +00:00
attrvt.c
malloc-fail: Fix use-after-free in xsltCompileAttr
2023-03-27 20:25:02 +02:00
documents.c
documents: Use xmlCtxtParseDocument if available
2024-11-17 20:46:40 +01:00
documents.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
extensions.c
extensions: always include stdlib.h
2025-02-27 16:39:41 +01:00
extensions.h
Update links
2022-02-14 22:31:18 +01:00
extra.c
Don't check for standard C89 headers
2022-03-31 01:50:51 +02:00
extra.h
Fix transform callback signatures
2017-11-29 17:33:21 +01:00
functions.c
functions: Fix unitialized variable warning
2024-07-04 17:49:25 +02:00
functions.h
Fix XPath callback signatures
2017-11-29 16:52:13 +01:00
imports.c
build: Add more missing includes
2023-09-21 16:40:57 +02:00
imports.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
keys.c
malloc-fail: Fix memory leak in xsltInitCtxtKey
2023-02-26 16:55:37 +01:00
keys.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
libxslt.3
Update links
2022-02-14 22:31:18 +01:00
libxslt.h
libxslt: Set _FILE_OFFSET_BITS to 64
2024-06-16 16:09:51 +02:00
libxslt.syms
Stop updating version script
2023-05-06 16:30:21 +02:00
Makefile.am
build: Disable plugins by default
2024-07-23 02:54:29 +02:00
namespaces.c
Don't check for standard C89 headers
2022-03-31 01:50:51 +02:00
namespaces.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
numbers.c
[CVE-2025-24855] Fix use-after-free of XPath context node
2025-03-12 18:15:01 +01:00
numbersInternals.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
pattern.c
Stop using xmlStringCurrentChar
2023-05-06 16:33:11 +02:00
pattern.h
Fix performance regression with xsl:number
2019-06-19 14:15:02 +02:00
preproc.c
xsltlocale: Make API platform-independent
2023-01-09 18:34:29 +01:00
preproc.h
Fix export of xsltExtMarker on Windows
2020-02-11 11:02:00 +01:00
security.c
transform: Handle filesystem paths after libxml2 changes
2024-07-01 13:21:14 +02:00
security.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
templates.c
[CVE-2025-24855] Fix use-after-free of XPath context node
2025-03-12 18:15:01 +01:00
templates.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
transform.c
transform: Check maximum depth when processing default templates
2023-11-06 17:51:49 +01:00
transform.h
Fix transform callback signatures
2017-11-29 17:33:21 +01:00
trio.h
Fixes bug #110023 reported by Mark Vakoc and other places where
2003-04-07 12:41:56 +00:00
triodef.h
fixed a problem in the generator where the way functions are remapped as
2003-04-26 12:06:36 +00:00
variables.c
variables: Remove debug code
2024-12-21 22:58:58 +01:00
variables.h
Store RVT ownership in 'compression' member
2022-08-31 18:03:50 +02:00
win32config.h
extensions: Don't use libxml2's "modules" feature
2024-07-23 02:08:32 +02:00
xslt.c
[CVE-2024-55549] Fix UAF related to excluded namespaces
2025-03-12 18:14:05 +01:00
xslt.h
Big space and tabs cleanup
2012-09-12 14:07:24 +08:00
xsltconfig.h.in
include: Don't define ATTRIBUTE_UNUSED in public header
2024-06-15 19:15:33 +02:00
xsltexports.h
Simplify xsltexports.h and exsltexports.h
2022-07-29 01:28:06 +02:00
xsltInternals.h
fuzz: Operation limit for stylesheet parser
2024-03-18 13:20:18 +01:00
xsltlocale.c
locale: Work around issue with FreeBSD's strxfrm_l
2024-06-21 22:58:39 +02:00
xsltlocale.h
Add extern "C" { } block to xsltlocale.h
2023-05-11 20:43:41 -07:00
xsltutils.c
[CVE-2025-24855] Fix use-after-free of XPath context node
2025-03-12 18:15:01 +01:00
xsltutils.h
Stop using xmlStringCurrentChar
2023-05-06 16:33:11 +02:00