diff options
| author | Nick Wellnhofer <wellnhofer@aevum.de> | 2023-01-22 11:28:46 +0100 |
|---|---|---|
| committer | Nick Wellnhofer <wellnhofer@aevum.de> | 2023-01-24 11:32:15 +0100 |
| commit | b3b53dcce479a825fd34095744028711e9bd741a (patch) | |
| tree | 9fb899dd7486ae5791ece55d621935537e6ffd85 /SAX2.c | |
| parent | 33d4a0fe4068c101a0fcbc968dae509db1d94322 (diff) | |
| download | libxml2-b3b53dcce479a825fd34095744028711e9bd741a.tar.gz | |
malloc-fail: Fix null deref in xmlSAX2Text
Found with libFuzzer, see #344.
Diffstat (limited to 'SAX2.c')
| -rw-r--r-- | SAX2.c | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -2655,7 +2655,8 @@ xmlSAX2Text(xmlParserCtxtPtr ctxt, const xmlChar *ch, int len, /* Mixed content, first time */ if (type == XML_TEXT_NODE) { lastChild = xmlSAX2TextNode(ctxt, ch, len); - lastChild->doc = ctxt->myDoc; + if (lastChild != NULL) + lastChild->doc = ctxt->myDoc; } else lastChild = xmlNewCDataBlock(ctxt->myDoc, ch, len); if (lastChild != NULL) { |