[Expat-bugs] [ expat-Bugs-618199 ] storeRawNames fix for localPart

SourceForge.net noreply at sourceforge.net
Sat Mar 15 13:28:24 EST 2003


Bugs item #618199, was opened at 2002-10-03 12:53
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=618199&group_id=10127

Category: None
Group: Test Required
Status: Pending
Resolution: Fixed
Priority: 5
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Fred L. Drake, Jr. (fdrake)
Summary: storeRawNames fix for localPart

Initial Comment:
When storing the raw names after processing a buffer, the pointer to 
the local-name structure is not updated with the rest of the name 
structures.  This leads to segfaults on my machine.  Also when run 
through valgrind, it reports invalid read accesses. 
 
Supplied is a tiny fix for this problem. 

----------------------------------------------------------------------

Comment By: Jeremy Kloth (jkloth)
Date: 2003-03-15 14:28

Message:
Logged In: YES 
user_id=38980

To reproduce the segfault, I think the following steps are needed: 
 
1. A finished call to XML_ParseBuffer with some tags still open, 
2. During the next call to XML_ParseBuffer, a tag needs to be closed 
and then a new tag started that is longer than the previously closed 
tag (enough to overflow the previous allocation) 
 
Or, run the tests through a memory verification tool (valgrind) and the 
read of free'd (realloc'ed really) memory shows up. 
 
Hope this helps. 
 

----------------------------------------------------------------------

Comment By: Fred L. Drake, Jr. (fdrake)
Date: 2003-03-12 15:48

Message:
Logged In: YES 
user_id=3066

I'm trying to create a test case that exercises this with
Expat 1.95.5, but don't see a lot of information that causes
me to think I can reasonably do so.  Starting with a buffer
that gets freed before a second call to XML_Parse() isn't
sufficient on Linux.

Has anyone else been able to reproduce this?  Perhaps the
original submitter is monitoring this report and can provide
more information.  (The bug is fixed in 1.95.6 and CVS, but
a regression test still seems like a good idea, though isn't
critical at this point.)

----------------------------------------------------------------------

Comment By: Fred L. Drake, Jr. (fdrake)
Date: 2002-10-07 14:02

Message:
Logged In: YES 
user_id=3066

For the record:  This was committed as lib/xmlparse.c 1.91.
Converting to a bug report that needs a regression test
written for it.  Will assign to me.  (The "new" bug is the
lack of a corresponding test.)

----------------------------------------------------------------------

Comment By: Karl Waclawek (kwaclaw)
Date: 2002-10-03 13:25

Message:
Logged In: YES 
user_id=290026

Good catch!
Will apply your patch.

Thanks,

Karl

----------------------------------------------------------------------
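The failure mode discussed in this thread, a pointer into a name buffer that is left stale when the buffer is realloc'ed to hold the raw name, is shown below as an added example. It is a simplified model and not Expat's code: the struct, its fields and the functions `tag_init`, `tag_store_raw` and `tag_pointers_valid` are hypothetical names chosen for illustration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Simplified model with hypothetical names; not Expat's own structures. */
struct tag_name {
    char  *buf;        /* owning allocation */
    size_t cap;        /* bytes allocated at buf */
    char  *str;        /* interior pointer: start of the qualified name */
    char  *local_part; /* interior pointer: text after "prefix:", or NULL */
};

int tag_init(struct tag_name *t, const char *qname) {
    size_t n = strlen(qname) + 1;
    char *colon;
    if ((t->buf = malloc(n)) == NULL) return -1;
    memcpy(t->buf, qname, n);
    t->cap = n;
    t->str = t->buf;
    colon = strchr(t->buf, ':');
    t->local_part = colon ? colon + 1 : NULL;
    return 0;
}

/* Append a copy of the raw name after the stored name, growing buf if needed. */
int tag_store_raw(struct tag_name *t, const char *raw, size_t raw_len) {
    size_t name_len = strlen(t->str) + 1;
    size_t str_off = (size_t)(t->str - t->buf);
    size_t need = str_off + name_len + raw_len;
    if (need > t->cap) {
        /* Take offsets before realloc: the old pointers are invalid afterwards. */
        int has_local = t->local_part != NULL;
        size_t local_off = has_local ? (size_t)(t->local_part - t->buf) : 0;
        char *tmp = realloc(t->buf, need);
        if (tmp == NULL) return -1;      /* old block is still owned by t->buf */
        t->buf = tmp;
        t->cap = need;
        t->str = tmp + str_off;
        if (has_local)                   /* the kind of update the report says was missing */
            t->local_part = tmp + local_off;
    }
    memcpy(t->str + name_len, raw, raw_len);
    return 0;
}

/* Returns 1 if every interior pointer lies inside the current allocation. */
int tag_pointers_valid(const struct tag_name *t) {
    uintptr_t lo = (uintptr_t)t->buf, hi = lo + t->cap;
    uintptr_t s = (uintptr_t)t->str, l = (uintptr_t)t->local_part;
    return s >= lo && s < hi && (t->local_part == NULL || (l >= lo && l < hi));
}
```

Dropping the `local_part` rebase leaves that one field pointing into the old block whenever realloc moves the allocation, which a memory checker reports as a read of freed memory.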
