malloc-fail: Stop using XPath stack frames

There's too much code which assumes that if ctxt->value is non-null, a value can be successfully popped off the stack. This assumption can break with stack frames when malloc fails. Instead of trying to fix all call sites, remove the stack frame logic. It only offered very little protection against misbehaving extension functions. We already check the stack size after a function call which should be enough. Found by OSS-Fuzz.
author: Nick Wellnhofer <wellnhofer@aevum.de> 2023-03-13 17:11:27 +0100
committer: Nick Wellnhofer <wellnhofer@aevum.de> 2023-03-13 17:11:27 +0100
commit: 483793940c476483eb7ca1873100bf58a2441478 (patch)
tree: 7f6c3a46bbb4140345e3f355dae924e23c1f4159 /include
parent: 457fc622d5e8e3734d9c294c81d6c1babb9c5dd5 (diff)
download: libxml2-483793940c476483eb7ca1873100bf58a2441478.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/include/libxml/xpath.h b/include/libxml/xpath.h
index 8a70ddc2..b57985a2 100644
--- a/include/libxml/xpath.h
+++ b/include/libxml/xpath.h
@@ -400,7 +400,7 @@ struct _xmlXPathParserContext {
     int xptr;				/* it this an XPointer expression */
     xmlNodePtr         ancestor;	/* used for walking preceding axis */
 
-    int              valueFrame;        /* used to limit Pop on the stack */
+    int              valueFrame;        /* unused */
 };
 
 /************************************************************************
author	Nick Wellnhofer <wellnhofer@aevum.de>	2023-03-13 17:11:27 +0100
committer	Nick Wellnhofer <wellnhofer@aevum.de>	2023-03-13 17:11:27 +0100
commit	483793940c476483eb7ca1873100bf58a2441478 (patch)
tree	7f6c3a46bbb4140345e3f355dae924e23c1f4159 /include
parent	457fc622d5e8e3734d9c294c81d6c1babb9c5dd5 (diff)
download	libxml2-483793940c476483eb7ca1873100bf58a2441478.tar.gz