archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix GH-17223: Memory leak in libxml encoding handling

Browse source 
This was a bug in both libxml and PHP.
We follow up with the same change as done in GNOME/libxml@b3871dd138.

Changing away from `xmlOutputBufferCreateFilenameDefault` is not
possible yet because this is a stable branch and would break BC.

Closes GH-17254.
This commit is contained in:
Niels Dossche 2024-12-24 14:07:53 +01:00
parent 99a14b805e
commit 7be950f3f6
No known key found for this signature in database
GPG key ID: B8A8AD166DF0E2E5
3 changed files with 23 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

11
ext/libxml/libxml.c
View file

@ -590,11 +590,11 @@ php_libxml_output_buffer_create_filename(const char *URI,
char *unescaped = NULL;
if (URI == NULL)
return(NULL);
goto err;
if (strstr(URI, "%00")) {
php_error_docref(NULL, E_WARNING, "URI must not contain percent-encoded NUL bytes");
return NULL;
goto err;
}
puri = xmlParseURI(URI);
@ -615,7 +615,7 @@ php_libxml_output_buffer_create_filename(const char *URI,
}
if (context == NULL) {
return(NULL);
goto err;
}
/* Allocate the Output buffer front-end. */
@ -627,6 +627,11 @@ php_libxml_output_buffer_create_filename(const char *URI,
}
return(ret);
err:
/* Similarly to __xmlOutputBufferCreateFilename we should also close the encoder on failure. */
xmlCharEncCloseFunc(encoder);
return NULL;
}
static void _php_libxml_free_error(void *ptr)