On 12/01/2021 10:42, zhuyan (M) wrote:
In the function xmlRegStatePush, if xmlMalloc or xmlRealloc fails,
Yes, there are many issues that arise from poor handling of malloc failures.
Fortunately, similar issues can be found quite effectively by changing the
fuzzers to inject malloc failures.
In the function xmlRegStatePush, if xmlMalloc or xmlRealloc fails, the
parameter to will not be added to ctxt->states and will not be managed. If
xmlRegStatePush does not determine the return value, the input parameter to
will not be released.
Signed-off-by: Qing Wu
Signed-off-by: Yan Zhu
-