Overview

File libxml2-CVE-2025-9714-5.patch of Package libxml2.41582

From 14ed63b7d09fce1a78f925e0a1d668c12e011fec Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Wed, 8 May 2019 12:00:51 +0200
Subject: [PATCH] Limit recursion depth in xmlXPathCompOpEvalPredicate

---
 xpath.c | 4 ++++
 1 file changed, 4 insertions(+)

Index: libxml2-2.9.7/xpath.c
===================================================================
--- libxml2-2.9.7.orig/xpath.c
+++ libxml2-2.9.7/xpath.c
@@ -11755,8 +11755,12 @@ xmlXPathCompOpEvalPredicate(xmlXPathPars
 	    * TODO: raise an internal error.
 	    */
 	}
+        if (ctxt->context->depth >= ctxt->context->maxDepth)
+            XP_ERROR(XPATH_RECURSION_LIMIT_EXCEEDED);
+        ctxt->context->depth += 1;
 	contextSize = xmlXPathCompOpEvalPredicate(ctxt,
 	    &comp->steps[op->ch1], set, contextSize, hasNsNodes);
+        ctxt->context->depth -= 1;
 	CHECK_ERROR0;
 	if (contextSize <= 0)
 	    return(0);
openSUSE Build Service is sponsored by
Places