commit | c1d1f7121194036608bf555f08d3062a36fd344b | [log] [tgz] |
---|---|---|
author | Nick Wellnhofer <wellnhofer@aevum.de> | Tue Jun 28 18:34:52 2016 +0200 |
committer | Nick Wellnhofer <wellnhofer@aevum.de> | Wed Oct 12 13:12:18 2016 +0200 |
tree | 0a67fcb3d23b1b4fd021d5ae28f4b35a86b3f784 | |
parent | 3f8a91036d338e51c059d54397a42d645f019c65 [diff] |
Disallow namespace nodes in XPointer ranges Namespace nodes must be copied to avoid use-after-free errors. But they don't necessarily have a physical representation in a document, so simply disallow them in XPointer ranges. Found with afl-fuzz. Fixes CVE-2016-4658.