File libxml2-CVE-2026-1757.patch of Package libxml2

From 160c8a43ba37dfb07ebe6446fbad9d0973d9279d Mon Sep 17 00:00:00 2001
From: Daniel Garcia Moreno <daniel.garcia@suse.com>
Date: Thu, 23 Oct 2025 07:41:19 +0200
Subject: [PATCH] shell: free cmdline before continue

This patch frees the cmdline when it's not empty but it doesn't contain
any actual character.

If the cmdline is just whitespaces or \r and \n, the loop continues
without freeing the cmdline string, so it's a leak.

Fix https://gitlab.gnome.org/GNOME/libxml2/-/issues/1009
---
 shell.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Index: libxml2-2.14.5/shell.c
===================================================================
--- libxml2-2.14.5.orig/shell.c
+++ libxml2-2.14.5/shell.c
@@ -1176,8 +1176,11 @@ xmllintShell(xmlDocPtr doc, const char *
             command[i++] = *cur++;
         }
         command[i] = 0;
-        if (i == 0)
+        if (i == 0) {
+            free(cmdline);
+            cmdline = NULL;
             continue;
+        }
 
         /*
          * Parse the argument
Places

File libxml2-CVE-2026-1757.patch of Package libxml2

Places
