Daniel Garcia
3f2db54b5c
security update OBS-URL: https://build.opensuse.org/request/show/1330962 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libxml2?expand=0&rev=258
34 lines
1.0 KiB
Diff
34 lines
1.0 KiB
Diff
From 160c8a43ba37dfb07ebe6446fbad9d0973d9279d Mon Sep 17 00:00:00 2001
|
|
From: Daniel Garcia Moreno <daniel.garcia@suse.com>
|
|
Date: Thu, 23 Oct 2025 07:41:19 +0200
|
|
Subject: [PATCH] shell: free cmdline before continue
|
|
|
|
This patch frees the cmdline when it's not empty but it doesn't contain
|
|
any actual character.
|
|
|
|
If the cmdline is just whitespaces or \r and \n, the loop continues
|
|
without freeing the cmdline string, so it's a leak.
|
|
|
|
Fix https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009
|
|
---
|
|
shell.c | 5 ++++-
|
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
|
Index: libxml2-2.14.5/shell.c
|
|
===================================================================
|
|
--- libxml2-2.14.5.orig/shell.c
|
|
+++ libxml2-2.14.5/shell.c
|
|
@@ -1176,8 +1176,11 @@ xmllintShell(xmlDocPtr doc, const char *
|
|
command[i++] = *cur++;
|
|
}
|
|
command[i] = 0;
|
|
- if (i == 0)
|
|
+ if (i == 0) {
|
|
+ free(cmdline);
|
|
+ cmdline = NULL;
|
|
continue;
|
|
+ }
|
|
|
|
/*
|
|
* Parse the argument
|