Bug 632811 - htmlCtxtReset() does not reset ctxt->disableSAX
Status: RESOLVED FIXED
Product: libxml2
Classification: Platform
Component: general
Version: git master
Hardware: Other All
Importance: Normal major
Target Milestone: ---
Assigned To: Daniel Veillard
QA Contact: libxml QA maintainers
Depends on:
Blocks:
 
 
Reported: 2010-10-21 17:34 UTC by Stefan Behnel
Modified: 2010-10-28 09:53 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Stefan Behnel 2010-10-21 17:34:55 UTC
When the HTML parser runs into a serious problem, it sets ctxt->disableSAX and stops parsing. However, calling htmlCtxtReset() afterwards does not reset this flag, so subsequent parser runs that reuse the context fail to build a document.
Comment 1 Stefan Behnel 2010-10-21 17:59:36 UTC
Thinking about this some more, this can actually lead to DoS, e.g. in a web crawler that parses broken HTML pages and reuses the context for performance reasons.

Increasing the importance a bit.
Comment 2 Daniel Veillard 2010-10-28 09:53:04 UTC
Okay, right, trivial. Fix pushed!

thanks!

Daniel
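
The failure mode from the description, as an added example that is neither libxml2 code nor code from this thread: a simplified C model of a reused parser context whose reset leaves the sticky error flag set, next to a reset that clears it and a caller-side guard that discards a still-flagged context. `struct model_ctxt`, `reset_buggy`, `reset_fixed`, `parse`, `crawl` and the NUL-byte trigger are hypothetical names and assumptions; only the `disableSAX` field name comes from the report.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for a reusable parser context; not libxml2's struct. */
struct model_ctxt {
    int disableSAX;  /* set on a serious error; suppresses tree building */
    int nodes;       /* nodes built during the current run */
};

/* Reset as the report describes it: per-run state cleared, flag kept. */
static void reset_buggy(struct model_ctxt *c) { c->nodes = 0; }

/* Reset that also clears the sticky flag. */
static void reset_fixed(struct model_ctxt *c) { c->nodes = 0; c->disableSAX = 0; }

/* Toy parser (assumption): an embedded NUL byte is the "serious problem".
   Returns the number of nodes delivered, 0 meaning no document was built. */
static int parse(struct model_ctxt *c, const char *buf, size_t len) {
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == '\0') c->disableSAX = 1;
        else if (buf[i] == '<' && !c->disableSAX) c->nodes++;
    }
    return c->disableSAX ? 0 : c->nodes;
}

/* Constructed sample input: the second page is the broken one. */
static const char *const pages[] = { "<p>a</p>", "<p>\0x", "<p>b</p>", "<p>c</p>" };
static const size_t lens[] = { 8, 5, 8, 8 };

/* Parse every page with one reused context; return how many documents were
   built. With guard set, a context still flagged after reset is discarded. */
static int crawl(void (*reset)(struct model_ctxt *), int guard) {
    struct model_ctxt c = { 0, 0 };
    int built = 0;
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        reset(&c);
        if (guard && c.disableSAX) memset(&c, 0, sizeof c);
        if (parse(&c, pages[i], lens[i]) > 0) built++;
    }
    return built;
}

int main(void) {
    printf("buggy reset:         %d of 4 pages parsed\n", crawl(reset_buggy, 0));
    printf("fixed reset:         %d of 4 pages parsed\n", crawl(reset_fixed, 0));
    printf("buggy reset + guard: %d of 4 pages parsed\n", crawl(reset_buggy, 1));
    return 0;
}
```

In the model, one broken page makes every later page on the same context fail under the buggy reset, which is the availability impact raised in Comment 1.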