From c95cc523df56653e70fc2acffafbb48c441e4cf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=92=8B=E5=AE=8F=E5=8D=9A?= <xdhbj0022@163.com>
Date: Tue, 6 Feb 2024 17:33:21 +0800
Subject: [PATCH] fix CVE-2024-25062

---
 dependency/libxml2/CVE-2024-25062.patch | 11 +++++++++++
 dependency/libxml2/build_component.sh   |  1 +
 2 files changed, 12 insertions(+)
 create mode 100644 dependency/libxml2/CVE-2024-25062.patch

diff --git a/dependency/libxml2/CVE-2024-25062.patch b/dependency/libxml2/CVE-2024-25062.patch
new file mode 100644
index 000000000..682d9096f
--- /dev/null
+++ b/dependency/libxml2/CVE-2024-25062.patch
@@ -0,0 +1,11 @@
+diff -Naur a/xmlreader.c b/xmlreader.c
+--- a/xmlreader.c	2024-02-06 17:29:16.285516854 +0800
++++ b/xmlreader.c	2024-02-06 17:28:15.592980289 +0800
+@@ -1586,6 +1586,7 @@
+      * Handle XInclude if asked for
+      */
+     if ((reader->xinclude) && (reader->in_xinclude == 0) &&
++        (reader->state != XML_TEXTREADER_BACKTRACK) &&
+         (reader->node != NULL) &&
+ 	(reader->node->type == XML_ELEMENT_NODE) &&
+ 	(reader->node->ns != NULL) &&
diff --git a/dependency/libxml2/build_component.sh b/dependency/libxml2/build_component.sh
index 0d9a0641f..e340d74f1 100644
--- a/dependency/libxml2/build_component.sh
+++ b/dependency/libxml2/build_component.sh
@@ -31,6 +31,7 @@ function build_component()
     patch -p1 < ../CVE-2023-28484.patch
     patch -p1 < ../CVE-2023-29469.patch
     patch -p1 < ../CVE-2023-45322.patch
+    patch -p1 < ../CVE-2024-25062.patch
     tmp_cpus=$(grep -w processor /proc/cpuinfo|wc -l)
     ./autogen.sh
     chmod +x configure        
-- 
Gitee