We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Overview

File libxml2-CVE-2025-8732.patch of Package libxml2.42447

From 473846e5ff17cfabffca3d21655baadd5585d7c2 Mon Sep 17 00:00:00 2001
From: Nathan <nathan.shain@echohq.com>
Date: Wed, 10 Sep 2025 18:11:50 +0300
Subject: [PATCH] fix: Prevent infinite recursion in xmlCatalogListXMLResolve

---
 catalog.c                      | 29 +++++++++++++++++++++--------
 test/catalogs/recursive.script |  0
 test/catalogs/recursive.sgml   |  1 +
 3 files changed, 22 insertions(+), 8 deletions(-)
 create mode 100644 test/catalogs/recursive.script
 create mode 100644 test/catalogs/recursive.sgml

Index: libxml2-2.9.7/catalog.c
===================================================================
--- libxml2-2.9.7.orig/catalog.c
+++ libxml2-2.9.7/catalog.c
@@ -92,7 +92,7 @@ unsigned long __stdcall GetModuleFileNam
 #endif
 
 static xmlChar *xmlCatalogNormalizePublic(const xmlChar *pubID);
-static int xmlExpandCatalog(xmlCatalogPtr catal, const char *filename);
+static int xmlExpandCatalog(xmlCatalogPtr catal, const char *filename, int depth);
 
 /************************************************************************
  *									*
@@ -2315,6 +2315,7 @@ xmlGetSGMLCatalogEntryType(const xmlChar
  * @file:  the filepath for the catalog
  * @super:  should this be handled as a Super Catalog in which case
  *          parsing is not recursive
+ * @depth:  the current depth of the catalog
  *
  * Parse an SGML catalog content and fill up the @catal hash table with
  * the new entries found.
@@ -2323,13 +2324,19 @@ xmlGetSGMLCatalogEntryType(const xmlChar
  */
 static int
 xmlParseSGMLCatalog(xmlCatalogPtr catal, const xmlChar *value,
-	            const char *file, int super) {
+	            const char *file, int super, int depth) {
     const xmlChar *cur = value;
     xmlChar *base = NULL;
     int res;
 
     if ((cur == NULL) || (file == NULL))
         return(-1);
+
+    /* Check recursion depth */
+    if (depth > MAX_CATAL_DEPTH) {
+        return(-1);
+    }
+
     base = xmlStrdup((const xmlChar *) file);
 
     while ((cur != NULL) && (cur[0] != 0)) {
@@ -2506,7 +2513,7 @@ xmlParseSGMLCatalog(xmlCatalogPtr catal,
 
 		    filename = xmlBuildURI(sysid, base);
 		    if (filename != NULL) {
-			xmlExpandCatalog(catal, (const char *)filename);
+			xmlExpandCatalog(catal, (const char *)filename, depth);
 			xmlFree(filename);
 		    }
 		}
@@ -2656,7 +2663,7 @@ xmlLoadSGMLSuperCatalog(const char *file
 	return(NULL);
     }
 
-    ret = xmlParseSGMLCatalog(catal, content, filename, 1);
+    ret = xmlParseSGMLCatalog(catal, content, filename, 1, 0);
     xmlFree(content);
     if (ret < 0) {
 	xmlFreeCatalog(catal);
@@ -2702,7 +2709,7 @@ xmlLoadACatalog(const char *filename)
 	    xmlFree(content);
 	    return(NULL);
 	}
-        ret = xmlParseSGMLCatalog(catal, content, filename, 0);
+        ret = xmlParseSGMLCatalog(catal, content, filename, 0, 0);
 	if (ret < 0) {
 	    xmlFreeCatalog(catal);
 	    xmlFree(content);
@@ -2725,6 +2732,7 @@ xmlLoadACatalog(const char *filename)
  * xmlExpandCatalog:
  * @catal:  a catalog
  * @filename:  a file path
+ * @depth  the current depth of the catalog
  *
  * Load the catalog and expand the existing catal structure.
  * This can be either an XML Catalog or an SGML Catalog
@@ -2732,13 +2740,17 @@ xmlLoadACatalog(const char *filename)
  * Returns 0 in case of success, -1 in case of error
  */
 static int
-xmlExpandCatalog(xmlCatalogPtr catal, const char *filename)
+xmlExpandCatalog(xmlCatalogPtr catal, const char *filename, int depth)
 {
     int ret;
 
     if ((catal == NULL) || (filename == NULL))
 	return(-1);
 
+    /* Check recursion depth */
+    if (depth > MAX_CATAL_DEPTH) {
+       return(-1);
+    }
 
     if (catal->type == XML_SGML_CATALOG_TYPE) {
 	xmlChar *content;
@@ -2747,7 +2759,7 @@ xmlExpandCatalog(xmlCatalogPtr catal, co
 	if (content == NULL)
 	    return(-1);
 
-        ret = xmlParseSGMLCatalog(catal, content, filename, 0);
+        ret = xmlParseSGMLCatalog(catal, content, filename, 0, depth + 1);
 	if (ret < 0) {
 	    xmlFree(content);
 	    return(-1);
@@ -3217,7 +3229,7 @@ xmlLoadCatalog(const char *filename)
 	return(0);
     }
 
-    ret = xmlExpandCatalog(xmlDefaultCatalog, filename);
+    ret = xmlExpandCatalog(xmlDefaultCatalog, filename, 0);
     xmlRMutexUnlock(xmlCatalogMutex);
     return(ret);
 }
Index: libxml2-2.9.7/test/catalogs/recursive.sgml
===================================================================
--- /dev/null
+++ libxml2-2.9.7/test/catalogs/recursive.sgml
@@ -0,0 +1 @@
+CATALOG recursive.sgml
openSUSE Build Service is sponsored by
Places