From 7ca19df892ca22d9314e95d59ce2abdeff46b617 Mon Sep 17 00:00:00 2001 From: Daniel Veillard Date: Thu, 29 Oct 2015 19:33:23 +0800 Subject: [PATCH] Fix for type confusion in preprocessing attributes CVE-2015-7995 http://www.openwall.com/lists/oss-security/2015/10/27/10 We need to check that the parent node is an element before dereferencing its namespace --- libxslt/preproc.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/libxslt/preproc.c b/libxslt/preproc.c index 0eb80a0..7f69325 100644 --- a/libxslt/preproc.c +++ b/libxslt/preproc.c @@ -2249,7 +2249,8 @@ xsltStylePreCompute(xsltStylesheetPtr style, xmlNodePtr inst) { } else if (IS_XSLT_NAME(inst, "attribute")) { xmlNodePtr parent = inst->parent; - if ((parent == NULL) || (parent->ns == NULL) || + if ((parent == NULL) || + (parent->type != XML_ELEMENT_NODE) || (parent->ns == NULL) || ((parent->ns != inst->ns) && (!xmlStrEqual(parent->ns->href, inst->ns->href))) || (!xmlStrEqual(parent->name, BAD_CAST "attribute-set"))) { -- 2.6.3 uix/refs/?id=e921993c25626541385f191f0463cad8e5e5c5c7'>refslogtreecommitdiff
path: root/tests/elpa.scm
AgeCommit message (Expand)Author
2018-03-18tests: elpa: Don't actually download files....* tests/elpa.scm (eval-test-with-elpa): Mock 'url-fetch'. Ludovic Courtès
2018-03-18import: elpa: Adjust test for HTTPS URLs....This is a followup to 44dd3d579db3aa467e41d0b431029e46cae8e12d. * tests/elpa.scm (eval-test-with-elpa): Use https. Ludovic Courtès
2016-04-03build: Add a Guile custom test driver using SRFI-64....Before that '.log' files for scheme tests were fragmented and not included in test-suite.log. This unifies the semantics of SRFI-64 API with Automake test suite. * build-aux/test-driver.scm: New file. * Makefile.am (SCM_LOG_DRIVER, AM_SCM_LOG_DRIVER_FLAGS): New variables. (SCM_LOG_COMPILER, AM_SCM_LOG_FLAGS): Delete variables. (AM_TESTS_ENVIRONMENT): Set GUILE_AUTO_COMPILE to 0. * test-env.in: Silence guix-daemon. * doc/guix.texi (Running the Test Suite): Describe how to display the detailed results. Bug reports require only 'test-suite.log' file. * tests/base32.scm, tests/build-utils.scm, tests/builders.scm, tests/challenge.scm, tests/cpan.scm, tests/cpio.scm, tests/cran.scm, tests/cve.scm, tests/derivations.scm, tests/elpa.scm, tests/file-systems.scm, tests/gem.scm, tests/gexp.scm, tests/gnu-maintenance.scm, tests/grafts.scm, tests/graph.scm, tests/gremlin.scm, tests/hackage.scm, tests/hash.scm, tests/import-utils.scm, tests/lint.scm, tests/monads.scm, tests/nar.scm, tests/packages.scm, tests/pk-crypto.scm, tests/pki.scm, tests/profiles.scm, tests/publish.scm, tests/pypi.scm, tests/records.scm, tests/scripts-build.scm, tests/scripts.scm, tests/services.scm, tests/sets.scm, tests/size.scm, tests/snix.scm, tests/store.scm, tests/substitute.scm, tests/syscalls.scm, tests/system.scm, tests/ui.scm, tests/union.scm, tests/upstream.scm, tests/utils.scm: Don't exit at the end of test groups. * tests/containers.scm: Likewise. Use 'test-skip' instead of exiting with error code 77. Mathieu Lirzin