2025

2024

2023

2022

List overview

[PATCH 0/1] MR9279: msxml3: Fix use-after-free of dom attributes.

Yuxuan Shui (＠yshui)

25 Oct 2025 25 Oct '25

3:59 a.m.

In domelem_removeAttributeNode, we call xmlRemoveProp if attributeNode is NULL. Doing this frees the xmlNodePtr, leaving a dangling pointer. Which later in domattr_Release causes a use-after-free.

Found by ASan.

-- https://gitlab.winehq.org/wine/wine/-/merge_requests/9279

Back to the thread

Back to the list