XML Writer : compare namespace declarations correctly

Apply patch from 0001-CVE-2020-25713-raptor2-malformed-input-file-can-lead.patch.1 that fixes Issue#0000650 https://bugs.librdf.org/mantis/view.php?id=650 which overwrote heap during XML writing in parse type literal content. This was detected with clang asan. Thanks to Michael Stahl / mst2 for the fix.
author: Dave Beckett <dave@dajobe.org> 2021-09-18 17:40:00 -0700
committer: Dave Beckett <dave@dajobe.org> 2021-09-18 17:40:00 -0700
commit: 4f5dbbffcc1c6cf0398bd03450453289a0979dea (patch)
tree: 7fff37cda77f6b4910ede4a5e8b8580c01d0bfd7
parent: 656ba574e21cffadc6cff7a6b34f31c33c5272a8 (diff)
download: raptor-4f5dbbffcc1c6cf0398bd03450453289a0979dea.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/raptor_xml_writer.c b/src/raptor_xml_writer.c
index 56993dc3..4426d38c 100644
--- a/src/raptor_xml_writer.c
+++ b/src/raptor_xml_writer.c
@@ -227,7 +227,7 @@ raptor_xml_writer_start_element_common(raptor_xml_writer* xml_writer,
           
           /* check it wasn't an earlier declaration too */
           for(j = 0; j < nspace_declarations_count; j++)
-            if(nspace_declarations[j].nspace == element->attributes[j]->nspace) {
+            if(nspace_declarations[j].nspace == element->attributes[i]->nspace) {
               declare_me = 0;
               break;
             }
author	Dave Beckett <dave@dajobe.org>	2021-09-18 17:40:00 -0700
committer	Dave Beckett <dave@dajobe.org>	2021-09-18 17:40:00 -0700
commit	4f5dbbffcc1c6cf0398bd03450453289a0979dea (patch)
tree	7fff37cda77f6b4910ede4a5e8b8580c01d0bfd7
parent	656ba574e21cffadc6cff7a6b34f31c33c5272a8 (diff)
download	raptor-4f5dbbffcc1c6cf0398bd03450453289a0979dea.tar.gz