github/electron
1
1
Fork 0
mirror of https://github.com/electron/electron.git synced 2026-04-10 03:01:51 -04:00
Code Issues Packages Projects Releases Wiki Activity

chore: cherry-pick 1 change from Release-1-M122 (#41487)

Browse Source 
Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
This commit is contained in:
Pedro Pontes
2024-03-03 23:46:12 -08:00
committed by GitHub
parent 945f1c7262
commit dc19cd2c9d
2 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
patches/chromium/.patches
View File

@@ -145,4 +145,5 @@ enable_partition_alloc_ref_count_size.patch
ensure_an_axcontext_before_painting.patch
safely_crash_on_dangling_profile.patch
prevent_mojotrap_event_re-ordering.patch
m122_cherry_pick_cve-2024-25062_libxml_fix.patch
allowlist_devtools_for_file_access_permission.patch

41
patches/chromium/m122_cherry_pick_cve-2024-25062_libxml_fix.patch Normal file
View File

@@ -0,0 +1,41 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Joey Arhar <jarhar@chromium.org>
Date: Wed, 21 Feb 2024 21:06:46 +0000
Subject: M122: cherry pick CVE-2024-25062 libxml fix
This patch cherry picks the CVE-2024-25062 fix from libxml:
https://gitlab.gnome.org/GNOME/libxml2/-/commit/1a66b176055d25ee635bf328c7b35b381db0b71d
Bug: 325094430
Change-Id: I526ee718269ed8700b90885630b67f00f2f95089
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5310037
Auto-Submit: Joey Arhar <jarhar@chromium.org>
Commit-Queue: David Baron <dbaron@chromium.org>
Reviewed-by: David Baron <dbaron@chromium.org>
Commit-Queue: Joey Arhar <jarhar@chromium.org>
Cr-Commit-Position: refs/branch-heads/6261@{#913}
Cr-Branched-From: 9755d9d81e4a8cb5b4f76b23b761457479dbb06b-refs/heads/main@{#1250580}
diff --git a/third_party/libxml/README.chromium b/third_party/libxml/README.chromium
index 33cfec99e14c5090f6f9ac504689f2c2b482806c..a9a90fccb30f049e544923b5e4e28c67e63794f5 100644
--- a/third_party/libxml/README.chromium
+++ b/third_party/libxml/README.chromium
@@ -36,5 +36,6 @@ Modifications:
- LIBXML_XINCLUDE_ENABLED
- LIBXML_XPTR_ENABLED
- LIBXML_ZLIB_ENABLED
+- Cherry picked fix for CVE-2024-25062
This import was generated by the chromium/roll.py script.
diff --git a/third_party/libxml/src/xmlreader.c b/third_party/libxml/src/xmlreader.c
index c04cb11311c2af03608f62b54f8d6ae58a6c1d93..9ce8a148b6806f39e5ce14e114bac1af767f5a50 100644
--- a/third_party/libxml/src/xmlreader.c
+++ b/third_party/libxml/src/xmlreader.c
@@ -1378,6 +1378,7 @@ node_found:
* Handle XInclude if asked for
*/
if ((reader->xinclude) && (reader->in_xinclude == 0) &&
+ (reader->state != XML_TEXTREADER_BACKTRACK) &&
(reader->node != NULL) &&
(reader->node->type == XML_ELEMENT_NODE) &&
(reader->node->ns != NULL) &&