| libxml2: Patch for CVE-2018-14404 |
| |
| See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817 for more details. |
| |
| diff --git a/xpath.c b/xpath.c |
| index f440696..87cfda2 100644 |
| --- a/xpath.c |
| +++ b/xpath.c |
| @@ -13297,9 +13297,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) |
| return(0); |
| } |
| xmlXPathBooleanFunction(ctxt, 1); |
| - arg1 = valuePop(ctxt); |
| - arg1->boolval &= arg2->boolval; |
| - valuePush(ctxt, arg1); |
| + if (ctxt->value != NULL) |
| + ctxt->value->boolval &= arg2->boolval; |
| xmlXPathReleaseObject(ctxt->context, arg2); |
| return (total); |
| case XPATH_OP_OR: |
| @@ -13323,9 +13322,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op) |
| return(0); |
| } |
| xmlXPathBooleanFunction(ctxt, 1); |
| - arg1 = valuePop(ctxt); |
| - arg1->boolval |= arg2->boolval; |
| - valuePush(ctxt, arg1); |
| + if (ctxt->value != NULL) |
| + ctxt->value->boolval |= arg2->boolval; |
| xmlXPathReleaseObject(ctxt->context, arg2); |
| return (total); |
| case XPATH_OP_EQUAL: |