From 2e63656ec673eae38b15edb42feace6c28605679 Mon Sep 17 00:00:00 2001 From: Nick Wellnhofer Date: Sun, 7 Jul 2024 19:21:46 +0200 Subject: [PATCH] parser: Check return value of inputPush inputPush typically doesn't fail because we pre-allocate the input table. The return value should be checked nevertheless. --- HTMLparser.c | 24 ++++++++++++++++++++---- catalog.c | 6 +++++- parser.c | 47 ++++++++++++++++++++++++++++++++++++++--------- xinclude.c | 5 ++++- xmlreader.c | 5 ++++- xmlschemas.c | 6 +++++- 6 files changed, 76 insertions(+), 17 deletions(-) diff --git a/HTMLparser.c b/HTMLparser.c index e1c1d5ed..6d5bdd8a 100644 --- a/HTMLparser.c +++ b/HTMLparser.c @@ -5033,7 +5033,11 @@ htmlCreateMemoryParserCtxtInternal(const char *url, return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -5086,7 +5090,11 @@ htmlCreateDocParserCtxt(const xmlChar *str, const char *url, return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -5815,7 +5823,11 @@ htmlCreatePushParserCtxt(htmlSAXHandlerPtr sax, void *user_data, return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } if (encoding != NULL) xmlSwitchEncodingName(ctxt, encoding); @@ -5921,7 +5933,11 @@ htmlCreateFileParserCtxt(const char *filename, const char *encoding) xmlFreeParserCtxt(ctxt); return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } diff --git a/catalog.c b/catalog.c index 006b4aa1..51cd97ba 100644 --- a/catalog.c +++ b/catalog.c @@ -903,7 +903,11 @@ xmlParseCatalogFile(const char *filename) { inputStream->buf = buf; xmlBufResetInput(buf->buffer, inputStream); - inputPush(ctxt, inputStream); + if (inputPush(ctxt, inputStream) < 0) { + xmlFreeInputStream(inputStream); + xmlFreeParserCtxt(ctxt); + return(NULL); + } ctxt->valid = 0; ctxt->validate = 0; diff --git a/parser.c b/parser.c index 2443c393..a26a9b6c 100644 --- a/parser.c +++ b/parser.c @@ -7951,7 +7951,10 @@ xmlLoadEntityContent(xmlParserCtxtPtr ctxt, xmlEntityPtr entity) { xmlBufResetInput(input->buf->buffer, input); - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + goto error; + } xmlDetectEncoding(ctxt); @@ -11698,7 +11701,11 @@ xmlCreatePushParserCtxt(xmlSAXHandlerPtr sax, void *user_data, xmlFreeParserCtxt(ctxt); return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -11752,7 +11759,11 @@ xmlCreateIOParserCtxt(xmlSAXHandlerPtr sax, void *user_data, xmlFreeParserCtxt(ctxt); return (NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -12686,8 +12697,10 @@ xmlCreateEntityParserCtxt(const xmlChar *URL, const xmlChar *ID, if (input == NULL) goto error; - if (inputPush(ctxt, input) < 0) + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); goto error; + } xmlFree(uri); return(ctxt); @@ -12735,7 +12748,11 @@ xmlCreateURLParserCtxt(const char *filename, int options) xmlFreeParserCtxt(ctxt); return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -12915,7 +12932,8 @@ xmlSetupParserForBuffer(xmlParserCtxtPtr ctxt, const xmlChar* buffer, input = xmlNewInputString(ctxt, filename, (const char *) buffer, NULL, 0); if (input == NULL) return; - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) + xmlFreeInputStream(input); } /** @@ -13002,7 +13020,11 @@ xmlCreateMemoryParserCtxt(const char *buffer, int size) { xmlFreeParserCtxt(ctxt); return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -13188,7 +13210,11 @@ xmlCreateDocParserCtxt(const xmlChar *str) { xmlFreeParserCtxt(ctxt); return(NULL); } - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + xmlFreeParserCtxt(ctxt); + return(NULL); + } return(ctxt); } @@ -13407,7 +13433,10 @@ xmlCtxtResetPush(xmlParserCtxtPtr ctxt, const char *chunk, if (input == NULL) return(1); - inputPush(ctxt, input); + if (inputPush(ctxt, input) < 0) { + xmlFreeInputStream(input); + return(1); + } if (encoding != NULL) xmlSwitchEncodingName(ctxt, encoding); diff --git a/xinclude.c b/xinclude.c index c7a0645c..2c0fb646 100644 --- a/xinclude.c +++ b/xinclude.c @@ -351,7 +351,10 @@ xmlXIncludeParseFile(xmlXIncludeCtxtPtr ctxt, const char *URL) { if (inputStream == NULL) goto error; - inputPush(pctxt, inputStream); + if (inputPush(pctxt, inputStream) < 0) { + xmlFreeInputStream(inputStream); + goto error; + } xmlParseDocument(pctxt); diff --git a/xmlreader.c b/xmlreader.c index e132710a..9518d410 100644 --- a/xmlreader.c +++ b/xmlreader.c @@ -4988,7 +4988,10 @@ xmlTextReaderSetup(xmlTextReaderPtr reader, inputStream->buf = buf; xmlBufResetInput(buf->buffer, inputStream); - inputPush(reader->ctxt, inputStream); + if (inputPush(reader->ctxt, inputStream) < 0) { + xmlFreeInputStream(inputStream); + return(-1); + } reader->cur = 0; } } diff --git a/xmlschemas.c b/xmlschemas.c index 143ae2cd..f86e3e4a 100644 --- a/xmlschemas.c +++ b/xmlschemas.c @@ -28806,7 +28806,11 @@ xmlSchemaValidateStream(xmlSchemaValidCtxtPtr ctxt, ret = -1; goto done; } - inputPush(pctxt, inputStream); + if (inputPush(pctxt, inputStream) < 0) { + xmlFreeInputStream(inputStream); + ret = -1; + goto done; + } ctxt->enc = enc;