fix CVE-2022-49043

backport-CVE-2022-49043-malloc-fail-Fix-use-after-free-in-xmlXIncludeAddNode.patch

@@ -0,0 +1,34 @@
+From 5a19e21605398cef6a8b1452477a8705cb41562b Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 2 Nov 2022 16:13:27 +0100
+Subject: [PATCH] malloc-fail: Fix use-after-free in xmlXIncludeAddNode
+
+Found with libFuzzer, see #344.
+---
+ xinclude.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/xinclude.c b/xinclude.c
+index b9a79d7..67926ec 100644
+--- a/xinclude.c
++++ b/xinclude.c
+@@ -614,14 +614,15 @@ xmlXIncludeAddNode(xmlXIncludeCtxtPtr ctxt, xmlNodePtr cur) {
+     }
+     URL = xmlSaveUri(uri);
+     xmlFreeURI(uri);
+-    xmlFree(URI);
+     if (URL == NULL) {
+ 	xmlXIncludeErr(ctxt, cur, XML_XINCLUDE_HREF_URI,
+ 	               "invalid value URI %s\n", URI);
+ 	if (fragment != NULL)
+ 	    xmlFree(fragment);
++	xmlFree(URI);
+ 	return(-1);
+     }
++    xmlFree(URI);
+ 
+     /*
+      * If local and xml then we need a fragment
+-- 
+2.33.0
+

libxml2.spec

@@ -1,7 +1,7 @@
 Summary: Library providing XML and HTML support
 Name: libxml2
 Version: 2.9.10
-Release: 41
+Release: 42
 License: MIT
 Group: Development/Libraries
 Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
@@ -137,6 +137,7 @@ Patch124:backport-CVE-2023-45322.patch
 Patch125:backport-CVE-2024-25062.patch
 Patch126:backport-CVE-2022-2309.patch
 Patch127:backport-CVE-2024-34459.patch
+Patch128:backport-CVE-2022-49043-malloc-fail-Fix-use-after-free-in-xmlXIncludeAddNode.patch
 
 BuildRoot: %{_tmppath}/%{name}-%{version}-root
 BuildRequires: python2-devel
@@ -328,6 +329,12 @@ rm -fr %{buildroot}
 
 
 %changelog
+* Tue Feb 11 2025 Linux_zhang <zhangruifang@h-partners.com> - 2.9.10-42
+- Type:CVE
+- CVE:CVE-2022-49043
+- SUG:NA
+- DESC:fix CVE-2022-49043
+
 * Tue May 14 2024 cenhuilin <cenhuilin@kylinos.cn> - 2.9.10-41
 - Type:CVE
 - CVE:CVE-2024-34459