From e8bef20a134227bfe79f6d0d7a36b096a40946b7 Mon Sep 17 00:00:00 2001
From: Saleem Abdulrasool
Date: Fri, 6 Sep 2024 15:12:54 -0700
Subject: [PATCH] _CFXMLInterface: account for possible `nullptr` return
`xmlSplitQName2` may return `nullptr` for the result, which when passed to `CFStringCreateWithCString` would attempt to perform `strlen(nullptr)` which is ill-defined. When updating libxml2 on Windows, we would perform an invalid memory access due to the `strlen` invocation inside `CFStringCreateWithCString`. Protect against this case, returning `NULL` instead.
---
 Sources/_CFXMLInterface/CFXMLInterface.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/Sources/_CFXMLInterface/CFXMLInterface.c b/Sources/_CFXMLInterface/CFXMLInterface.c
index 1c54de3ec9..f334524ee6 100644
--- a/Sources/_CFXMLInterface/CFXMLInterface.c
+++ b/Sources/_CFXMLInterface/CFXMLInterface.c
@@ -1073,7 +1073,10 @@ CFStringRef _CFXMLNodeCopyPrefix(_CFXMLNodePtr node) {
 xmlChar* result = NULL;
 xmlChar* unused = xmlSplitQName2(_getQName((xmlNodePtr)node), &result);
- CFStringRef resultString = __CFSwiftXMLParserBridgeCF.CFStringCreateWithCString(NULL, (const char*)result, kCFStringEncodingUTF8);
+ CFStringRef resultString = NULL;
+ if (result) {
+ __CFSwiftXMLParserBridgeCF.CFStringCreateWithCString(NULL, (const char*)result, kCFStringEncodingUTF8);
+ }
 xmlFree(result);
 xmlFree(unused);
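Review bot: The value returned by `CFStringCreateWithCString` inside the new `if (result)` block is discarded, so `resultString` stays `NULL` on every path and the CFString that was created is never released. The null guard does stop the `strlen` on a null pointer, but if the function goes on to return `resultString` (the return statement is outside the hunk), `_CFXMLNodeCopyPrefix` would now report no prefix even for a qualified name. The call should be assigned: `resultString = __CFSwiftXMLParserBridgeCF.CFStringCreateWithCString(NULL, (const char*)result, kCFStringEncodingUTF8);`. A test that copies the prefix of a node with a prefixed name would catch this regression.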