We have some news to share for the request index beta feature. We’ve added more options to sort your requests, counters to the individual filters and documentation for the search functionality. Checkout the blog post for more details.

Overview

File libxml2-CVE-2025-9714-4.patch of Package libxml2.42447

From 012f8e92847a4e5ff684e7bd8e81a0b1ad104e32 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Sat, 20 Apr 2019 17:01:19 +0200
Subject: [PATCH] Limit recursion depth in xmlXPathOptimizeExpression

---
 xpath.c | 33 +++++++++++++++++++++++++--------
 1 file changed, 25 insertions(+), 8 deletions(-)

Index: libxml2-2.9.7/xpath.c
===================================================================
--- libxml2-2.9.7.orig/xpath.c
+++ libxml2-2.9.7/xpath.c
@@ -14901,8 +14901,12 @@ xmlXPathTryStreamCompile(xmlXPathContext
 #endif /* XPATH_STREAMING */
 
 static void
-xmlXPathOptimizeExpression(xmlXPathCompExprPtr comp, xmlXPathStepOpPtr op)
+xmlXPathOptimizeExpression(xmlXPathParserContextPtr pctxt,
+                           xmlXPathStepOpPtr op)
 {
+    xmlXPathCompExprPtr comp = pctxt->comp;
+    xmlXPathContextPtr ctxt;
+
     /*
     * Try to rewrite "descendant-or-self::node()/foo" to an optimized
     * internal representation.
@@ -14958,10 +14962,18 @@ xmlXPathOptimizeExpression(xmlXPathCompE
         return;
 
     /* Recurse */
+    ctxt = pctxt->context;
+    if (ctxt != NULL) {
+        if (ctxt->depth >= ctxt->maxDepth)
+            return;
+        ctxt->depth += 1;
+    }
     if (op->ch1 != -1)
-        xmlXPathOptimizeExpression(comp, &comp->steps[op->ch1]);
+        xmlXPathOptimizeExpression(pctxt, &comp->steps[op->ch1]);
     if (op->ch2 != -1)
-	xmlXPathOptimizeExpression(comp, &comp->steps[op->ch2]);
+	xmlXPathOptimizeExpression(pctxt, &comp->steps[op->ch2]);
+    if (ctxt != NULL)
+        ctxt->depth -= 1;
 }
 
 /**
@@ -15011,6 +15023,11 @@ xmlXPathCtxtCompile(xmlXPathContextPtr c
 	comp = NULL;
     } else {
 	comp = pctxt->comp;
+	if ((comp->nbStep > 1) && (comp->last >= 0)) {
+            if (ctxt != NULL)
+                ctxt->depth = 0;
+	    xmlXPathOptimizeExpression(pctxt, &comp->steps[comp->last]);
+	}
 	pctxt->comp = NULL;
     }
     xmlXPathFreeParserContext(pctxt);
@@ -15021,9 +15038,6 @@ xmlXPathCtxtCompile(xmlXPathContextPtr c
 	comp->string = xmlStrdup(str);
 	comp->nb = 0;
 #endif
-	if ((comp->nbStep > 1) && (comp->last >= 0)) {
-	    xmlXPathOptimizeExpression(comp, &comp->steps[comp->last]);
-	}
     }
     return(comp);
 }
@@ -15189,9 +15203,12 @@ xmlXPathEvalExpr(xmlXPathParserContextPt
         if (*ctxt->cur != 0)
             XP_ERROR(XPATH_EXPR_ERROR);
 
-	if ((ctxt->comp->nbStep > 1) && (ctxt->comp->last >= 0))
-	    xmlXPathOptimizeExpression(ctxt->comp,
+	if ((ctxt->comp->nbStep > 1) && (ctxt->comp->last >= 0)) {
+            if (ctxt->context != NULL)
+                ctxt->context->depth = 0;
+	    xmlXPathOptimizeExpression(ctxt,
 		&ctxt->comp->steps[ctxt->comp->last]);
+        }
     }
 
     xmlXPathRunEval(ctxt, 0);
openSUSE Build Service is sponsored by
Places