[Expat-discuss] core dump with namespaces and external entities

Fri, 27 Sep 2002 10:54:43 -0600

---------------------- multipart/mixed attachment
Attached is a little python script which causes a segfault on my machine.  I 
have narrowed the problem down to the xmlns attribute defined in the DTD.  It 
only dumps core if, in the DTD, the name is 'xmlns'.  Any other name works 
fine.

I've tested this with expat 1.95.2 and 1.95.4 using pyexpat from python 2.2.1 
and with 1.95.5 using PyXML from CVS.

This is the back trace:
#0  lookup (table=0x815be2c, name=0x0, createSize=0) at 
extensions/expat/lib/xmlparse.c:5175
5175      while (*s)
(gdb) bt
#0  lookup (table=0x815be2c, name=0x0, createSize=0) at 
extensions/expat/lib/xmlparse.c:5175
#1  0x4018f294 in dtdCopy (newDtd=0x815bdf0, oldDtd=0x8153ef0, 
parser=0x815bc90) at extensions/expat/lib/xmlparse.c:5011
#2  0x401896d4 in XML_ExternalEntityParserCreate (oldParser=0x8153d90, 
context=0x815d6e4 "xml=http://www.w3.org/XML/1998/namespace\fen", 
encodingName=0x0)
    at extensions/expat/lib/xmlparse.c:960
#3  0x40187547 in xmlparse_ExternalEntityParserCreate (self=0x8110d1c, 
args=0x812aff4) at extensions/pyexpat.c:1054
#4  0x080d4507 in PyCFunction_Call (func=0x8128cd8, arg=0x812aff4, kw=0x0) at 
Objects/methodobject.c:90
#5  0x08076e01 in eval_frame (f=0x8138b24) at Python/ceval.c:2004
#6  0x08077806 in PyEval_EvalCodeEx (co=0x815e168, globals=0x40, locals=0x0, 
args=0x815d1d2, argcount=4, kws=0x0, kwcount=0, defs=0x0, defcount=0, 
closure=0x0)
    at Python/ceval.c:2585
#7  0x080c79a6 in function_call (func=0x811d694, arg=0x81137dc, kw=0x0) at 
Objects/funcobject.c:374
#8  0x080b5a3e in PyObject_Call (func=0x0, arg=0x81137dc, kw=0x0) at 
Objects/abstract.c:1684
#9  0x080784ea in PyEval_CallObjectWithKeywords (func=0x811d694, 
arg=0x81137dc, kw=0x0) at Python/ceval.c:3049
#10 0x401886d0 in call_with_frame (c=0x0, func=0x811d694, args=0x81137dc) at 
extensions/pyexpat.c:335
#11 0x401868ef in my_ExternalEntityRefHandler (parser=0x2, context=0x815d7c8 
"xml=http://www.w3.org/XML/1998/namespace\fen", base=0x0, systemId=0x811b960 
"en.xml", publicId=0x0)
    at extensions/pyexpat.c:791
#12 0x4018a90a in doContent (parser=0x8153d90, startTagLevel=0, 
enc=0x401a9e40, s=0x8159c78 "&en;\n</i18n>\n\t", end=0x8159c85 "\t", 
nextPtr=0x0)
    at extensions/expat/lib/xmlparse.c:1948
#13 0x4018be82 in doProlog (parser=0x8153d90, enc=0x401a9e40, s=0x8159c3b 
"<i18n 
xmlns=\"http://docbook.sourceforge.net/xmlns/l10n/1.0\">\n&en;\n</i18n>\n\t",
    end=0x8159c85 "\t", tok=1075383520, next=0x8159c3b "<i18n 
xmlns=\"http://docbook.sourceforge.net/xmlns/l10n/1.0\">\n&en;\n</i18n>\n\t", 
nextPtr=0x0)
    at extensions/expat/lib/xmlparse.c:1691
#14 0x40190cba in prologInitProcessor (parser=0x8153d90,
    s=0x8159be0 "<?xml version='1.0'?>\n<!DOCTYPE i18n SYSTEM \"l10n.dtd\" [\n  
<!ENTITY en SYSTEM \"en.xml\">\n]>\n<i18n 
xmlns=\"http://docbook.sourceforge.net/xmlns/l10n/1.0\">\n&en;\n</i18n>\n\t", 
end=0x8159c85 "\t", nextPtr=0x0) at extensions/expat/lib/xmlparse.c:3095
#15 0x40190848 in XML_Parse (parser=0x8153d90,
    s=0x815cf74 "<?xml version='1.0'?>\n<!DOCTYPE i18n SYSTEM \"l10n.dtd\" [\n  
<!ENTITY en SYSTEM \"en.xml\">\n]>\n<i18n 
xmlns=\"http://docbook.sourceforge.net/xmlns/l10n/1.0\">\n&en;\n</i18n>\n", 
len=0, isFinal=1) at extensions/expat/lib/xmlparse.c:1394
#16 0x40186f16 in xmlparse_Parse (self=0x8110d1c, args=0x815ddfc) at 
extensions/pyexpat.c:809
#17 0x080d4507 in PyCFunction_Call (func=0x8112b20, arg=0x815ddfc, kw=0x0) at 
Objects/methodobject.c:90
#18 0x08076e01 in eval_frame (f=0x8121594) at Python/ceval.c:2004
#19 0x08077806 in PyEval_EvalCodeEx (co=0x815e5e0, globals=0x2, 
locals=0x811a634, args=0x815bc7c, argcount=0, kws=0x0, kwcount=0, defs=0x0, 
defcount=0, closure=0x0)
    at Python/ceval.c:2585
#20 0x08079b65 in PyEval_EvalCode (co=0x815e5e0, globals=0x811a634, 
locals=0x811a634) at Python/ceval.c:483
#21 0x0809e759 in run_node (n=0x812b690, filename=0xbffff87c "parse.py", 
globals=0x811a634, locals=0x811a634, flags=0xbffff688) at 
Python/pythonrun.c:1079
#22 0x0809e6ce in PyRun_FileExFlags (fp=0x810adc8, filename=0xbffff87c 
"parse.py", start=257, globals=0x811a634, locals=0x811a634, closeit=1, 
flags=0xbffff688)
    at Python/pythonrun.c:1057
#23 0x0809dfe3 in PyRun_SimpleFileExFlags (fp=0xbffff688, filename=0xbffff87c 
"parse.py", closeit=-1073743748, flags=0xbffff688) at Python/pythonrun.c:685
#24 0x080531ac in Py_Main (argc=-1073743748, argv=0xbffff714) at 
Modules/main.c:364
#25 0x08052d17 in main (argc=2, argv=0xbffff714) at Modules/python.c:10
#26 0x40078082 in __libc_start_main () from /lib/i686/libc.so.6

Jeremy Kloth
---------------------- multipart/mixed attachment
A non-text attachment was scrubbed...
Name: parse.py
Type: text/x-python
Size: 810 bytes
Desc: not available
Url : http://mail.libexpat.org/pipermail-21/expat-discuss/attachments/20020927/cd598881/parse.py

---------------------- multipart/mixed attachment--