From 8902c0c4d71638aa8b1cc18197fae0f72d34d199 Mon Sep 17 00:00:00 2001
From: wangzhe <wanglan.wz@alibaba-inc.com>
Date: Tue, 18 Feb 2025 15:42:15 +0800
Subject: [PATCH] [CVE] fix for CVE-2022-49043

to #18887
fix for CVE-2022-49043
Project: TC2024080204

Signed-off-by: wangzhe <wanglan.wz@alibaba-inc.com>
---
 libxml2-2.9.13-CVE-2022-49043.patch | 34 +++++++++++++++++++++++++++++
 libxml2.spec                        |  7 +++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 libxml2-2.9.13-CVE-2022-49043.patch

diff --git a/libxml2-2.9.13-CVE-2022-49043.patch b/libxml2-2.9.13-CVE-2022-49043.patch
new file mode 100644
index 0000000..e39b0eb
--- /dev/null
+++ b/libxml2-2.9.13-CVE-2022-49043.patch
@@ -0,0 +1,34 @@
+From 6bb146a3ea24a9bacfad6fe67268f0404af37d9c Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Wed, 2 Nov 2022 16:13:27 +0100
+Subject: [PATCH] malloc-fail: Fix use-after-free in xmlXIncludeAddNode
+
+Found with libFuzzer, see #344.
+---
+ xinclude.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/xinclude.c b/xinclude.c
+index 2a0614d7..e32b3419 100644
+--- a/xinclude.c
++++ b/xinclude.c
+@@ -614,14 +614,15 @@ xmlXIncludeAddNode(xmlXIncludeCtxtPtr ctxt, xmlNodePtr cur) {
+     }
+     URL = xmlSaveUri(uri);
+     xmlFreeURI(uri);
+-    xmlFree(URI);
+     if (URL == NULL) {
+ 	xmlXIncludeErr(ctxt, cur, XML_XINCLUDE_HREF_URI,
+ 	               "invalid value URI %s\n", URI);
+ 	if (fragment != NULL)
+ 	    xmlFree(fragment);
++        xmlFree(URI);
+ 	return(-1);
+     }
++    xmlFree(URI);
+ 
+     /*
+      * If local and xml then we need a fragment
+-- 
+2.48.1
+
diff --git a/libxml2.spec b/libxml2.spec
index 5266c52..04221e3 100644
--- a/libxml2.spec
+++ b/libxml2.spec
@@ -1,4 +1,4 @@
-%define anolis_release .0.3
+%define anolis_release .0.4
 
 %if 0%{?rhel} > 7
 # Disable python2 build by default
@@ -67,6 +67,8 @@ Patch23:        libxml2-2.9.7-CVE-2023-39615.patch
 
 # upstream fix:https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a66b176055d25ee635bf328c7b35b381db0b71d
 Patch24:        libxml2-2.9.7-CVE-2024-25062.patch
+# https://gitlab.gnome.org/GNOME/libxml2/-/commit/5a19e21605398cef6a8b1452477a8705cb41562b
+Patch25:        libxml2-2.9.13-CVE-2022-49043.patch
 
 # Add by Anolis
 Patch1000:	0001-modify-home-page.patch
@@ -242,6 +244,9 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz
 %{python3_sitearch}/libxml2mod.so
 
 %changelog
+* Tue Feb 18 2025 wangzhe <wanglan.wz@alibaba-inc.com> - 2.9.7-18.0.4
+- Fix CVE-2022-49043
+
 * Fri Jun 07 2024 Kai Song <songkai01@inspur.com> - 2.9.7-18.0.3
 - Fix CVE-2024-25062
 
-- 
Gitee