From 00a07906ad96266b52b9182ba9c5fd3d35bb1735 Mon Sep 17 00:00:00 2001
From: Miguel Company <miguelcompany@eprosima.com>
Date: Fri, 3 Dec 2021 23:55:56 +0100
Subject: [PATCH] Fix oss-fuzz 40243 (#2339)

* Refs 12736. Added regression test.

Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>

* Refs 12736. Fixed issue.

Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>

* Refs 13161. Apply suggestion.

Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>
(cherry picked from commit fc4fade0a61487977da02f38c7430d23e01b7e5d)
---
 src/cpp/rtps/xmlparser/XMLDynamicParser.cpp   |   4 ++++
 test/unittest/xmlparser/XMLParserTests.cpp    |   7 +++++++
 test/unittest/xmlparser/regressions/12736.xml | Bin 0 -> 118 bytes
 3 files changed, 11 insertions(+)
 create mode 100644 test/unittest/xmlparser/regressions/12736.xml

diff --git a/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp b/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp
index 15a1488c065..f995fdbd9ce 100644
--- a/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp
+++ b/src/cpp/rtps/xmlparser/XMLDynamicParser.cpp
@@ -606,6 +606,10 @@ XMLP_ret XMLParser::parseXMLBitmaskDynamicType(
     }
 
     const char* name = p_root->Attribute(NAME);
+    if (nullptr == name)
+    {
+        return XMLP_ret::XML_ERROR;
+    }
     p_dynamictypebuilder_t typeBuilder =
             types::DynamicTypeBuilderFactory::get_instance()->create_bitmask_builder(bit_bound);
     typeBuilder->set_name(name);
diff --git a/test/unittest/xmlparser/XMLParserTests.cpp b/test/unittest/xmlparser/XMLParserTests.cpp
index 804a3639876..2fa4e0650e5 100644
--- a/test/unittest/xmlparser/XMLParserTests.cpp
+++ b/test/unittest/xmlparser/XMLParserTests.cpp
@@ -50,6 +50,13 @@ using eprosima::fastrtps::xmlparser::XMLParser;
 using eprosima::fastdds::dds::Log;
 using eprosima::fastdds::dds::LogConsumer;
 
+TEST_F(XMLParserTests, regressions)
+{
+    std::unique_ptr<BaseNode> root;
+
+    EXPECT_EQ(XMLP_ret::XML_ERROR, XMLParser::loadXML("regressions/12736.xml", root));
+}
+
 TEST_F(XMLParserTests, NoFile)
 {
     std::unique_ptr<BaseNode> root;
diff --git a/test/unittest/xmlparser/regressions/12736.xml b/test/unittest/xmlparser/regressions/12736.xml
new file mode 100644
index 0000000000000000000000000000000000000000..c0ced7bae818009437c1a36379bb5d4c01474c5c
GIT binary patch
literal 118
zcmXp?uqml5NG(>d1JibP+wcOQQhhtSVw<GQlHA1NY<;``|Ly+U=!1*^ik1K+5dy__
VTnr2h|A3f*aoaYiP7sgb5&)}#G?xGX

literal 0
HcmV?d00001