-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Daniel Veillard wrote:
> Can you make sure no patch was applied on SuSE rpms, I doubt it but
> that may happen. Maybe someone from SuSe is monitoting that list and can
> act on this problem (thanks in advance !)
Hello Petr and Daniel!
I'm maintainer of libxml2 in SuSE. Our libxml2-2.6.27 has 4 patches, I'm
attaching relevant one (null-retval.patch). This was a patch for older
bug I reported earlier: http://bugzilla.gnome.org/show_bug.cgi?id=400242
- - and was fixed in CVS by William M. Brac.
GDB output of testcase with debuginfo installed:
(gdb) r --shell test.xml
Starting program: /usr/bin/xmllint --shell test.xml
/ > xpath *[ a=name(concat(""))]
XPath error : Invalid number of arguments
XPath error : Invalid type
xmlXPathEval: 3 object left on the stack
Program received signal SIGSEGV, Segmentation fault.
0x00002b2102bb5d4b in xmlXPathFreeNodeSet (obj=0x6660f0) at xpath.c:4059
4059 if ((obj->nodeTab[i] != NULL) &&
Valgrind output is attached in libxml2-valgrind.txt.
- --
Best Regards / S pozdravom,
Pavol RUSNAK SUSE LINUX, s.r.o
Package Maintainer Lihovarska 1060/12
PGP 0xA6917144 19000 Praha 9, CR
prusnak[at]suse.cz http://www.suse.cz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFGE7R9ASE5C6aRcUQRAjbdAJwLfnHVa5xjkkHmYuF1pjefprA2kwCfc+9m
wsPg2e6tiNmFoY9D9or6WEo=
=Vw1l
-----END PGP SIGNATURE-----
==13912== Memcheck, a memory error detector. ==13912== Copyright (C) 2002-2007, and GNU GPL'd, by Julian Seward et al. ==13912== Using LibVEX rev 1732, a library for dynamic binary translation. ==13912== Copyright (C) 2004-2007, and GNU GPL'd, by OpenWorks LLP. ==13912== Using valgrind-3.2.3, a dynamic binary instrumentation framework. ==13912== Copyright (C) 2000-2007, and GNU GPL'd, by Julian Seward et al. ==13912== For more details, rerun with: -v ==13912== XPath error : Invalid number of arguments XPath error : Invalid type ==13912== Invalid read of size 4 ==13912== at 0x55374BA: xmlXPathFreeObject (xpath.c:5331) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097190 is 0 bytes inside a block of size 72 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 4 ==13912== at 0x55374F5: xmlXPathFreeObject (xpath.c:5332) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x40971A0 is 16 bytes inside a block of size 72 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 8 ==13912== at 0x5537520: xmlXPathFreeObject (xpath.c:5343) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097198 is 8 bytes inside a block of size 72 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 8 ==13912== at 0x5536D1C: xmlXPathFreeNodeSet (xpath.c:4054) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097210 is 8 bytes inside a block of size 16 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 4 ==13912== at 0x5536D23: xmlXPathFreeNodeSet (xpath.c:4058) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097208 is 0 bytes inside a block of size 16 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 8 ==13912== at 0x5536D29: xmlXPathFreeNodeSet (xpath.c:4058) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097210 is 8 bytes inside a block of size 16 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 8 ==13912== at 0x5536D42: xmlXPathFreeNodeSet (xpath.c:4059) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097248 is 0 bytes inside a block of size 80 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5536D73: xmlXPathFreeNodeSet (xpath.c:4062) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid read of size 4 ==13912== at 0x5536D3C: xmlXPathFreeNodeSet (xpath.c:4058) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097208 is 0 bytes inside a block of size 16 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid free() / delete / delete[] ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5536D73: xmlXPathFreeNodeSet (xpath.c:4062) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097248 is 0 bytes inside a block of size 80 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5536D73: xmlXPathFreeNodeSet (xpath.c:4062) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid free() / delete / delete[] ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097208 is 0 bytes inside a block of size 16 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x553752D: xmlXPathFreeObject (xpath.c:5344) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== Invalid free() / delete / delete[] ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5544BBD: xmlXPathEval (xpath.c:14823) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== Address 0x4097190 is 0 bytes inside a block of size 72 free'd ==13912== at 0x4C2286B: free (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x55450EF: xmlXPathCompOpEvalPredicate (xpath.c:11586) ==13912== by 0x5546198: xmlXPathNodeCollectAndTest (xpath.c:12376) ==13912== by 0x5543644: xmlXPathCompOpEval (xpath.c:13241) ==13912== by 0x5542FF7: xmlXPathCompOpEval (xpath.c:13719) ==13912== by 0x55447FD: xmlXPathRunEval (xpath.c:14287) ==13912== by 0x5544B71: xmlXPathEval (xpath.c:14801) ==13912== by 0x55353DA: xmlShell (debugXML.c:2989) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) xmlXPathEval: 3 object left on the stack ==13912== ==13912== ERROR SUMMARY: 11 errors from 11 contexts (suppressed: 2 from 1) ==13912== malloc/free: in use at exit: 279,777 bytes in 250 blocks. ==13912== malloc/free: 743 allocs, 496 frees, 334,050 bytes allocated. ==13912== For counts of detected errors, rerun with: -v ==13912== searching for pointers to 250 not-freed blocks. ==13912== checked 398,072 bytes. ==13912== ==13912== ==13912== 14 bytes in 2 blocks are still reachable in loss record 1 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5CCC911: strdup (in /lib64/libc-2.5.so) ==13912== by 0x529C2F6: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== ==13912== 26 bytes in 1 blocks are still reachable in loss record 2 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529A1AF: _nc_home_terminfo (in /lib64/libncurses.so.5.6) ==13912== by 0x5299E54: _nc_next_db (in /lib64/libncurses.so.5.6) ==13912== by 0x52A01C4: _nc_read_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x529C0BF: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== ==13912== ==13912== 83 bytes in 1 blocks are still reachable in loss record 3 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529D4C7: _nc_tparm_analyze (in /lib64/libncurses.so.5.6) ==13912== by 0x529D6ED: tparm (in /lib64/libncurses.so.5.6) ==13912== by 0x52A06BC: (within /lib64/libncurses.so.5.6) ==13912== by 0x52A09AA: _nc_trim_sgr0 (in /lib64/libncurses.so.5.6) ==13912== by 0x529CAC6: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== ==13912== ==13912== 160 bytes in 1 blocks are still reachable in loss record 4 of 10 ==13912== at 0x4C21F7F: calloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529FE64: _nc_read_termtype (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0071: _nc_read_file_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0231: _nc_read_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x529C0BF: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== ==13912== ==13912== 180 bytes in 1 blocks are still reachable in loss record 5 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529FFBB: _nc_read_termtype (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0071: _nc_read_file_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0231: _nc_read_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x529C0BF: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== ==13912== ==13912== 208 bytes in 1 blocks are still reachable in loss record 6 of 10 ==13912== at 0x4C21F7F: calloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529C0A5: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== ==13912== 1,024 bytes in 1 blocks are still reachable in loss record 7 of 10 ==13912== at 0x4C22D57: realloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x4E5272A: xrealloc (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3FC8F: rl_add_funmap_entry (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3FCCF: rl_initialize_funmap (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C42C: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== ==13912== 1,409 bytes in 1 blocks are still reachable in loss record 8 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x529F9B4: _nc_read_termtype (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0071: _nc_read_file_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0231: _nc_read_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x529C0BF: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== ==13912== ==13912== 3,601 bytes in 4 blocks are still reachable in loss record 9 of 10 ==13912== at 0x4C22D57: realloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x5299F0A: _nc_doalloc (in /lib64/libncurses.so.5.6) ==13912== by 0x529FD8E: _nc_read_termtype (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0071: _nc_read_file_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x52A0231: _nc_read_entry (in /lib64/libncurses.so.5.6) ==13912== by 0x529C0BF: _nc_setupterm (in /lib64/libncurses.so.5.6) ==13912== by 0x529C969: tgetent (in /lib64/libncurses.so.5.6) ==13912== by 0x4E4F709: _rl_init_terminal_io (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C416: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== ==13912== ==13912== 273,072 bytes in 237 blocks are still reachable in loss record 10 of 10 ==13912== at 0x4C22C56: malloc (in /usr/lib64/valgrind/amd64-linux/vgpreload_memcheck.so) ==13912== by 0x4E52765: xmalloc (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3C5CA: rl_initialize (in /lib64/libreadline.so.5.2) ==13912== by 0x4E3D276: readline (in /lib64/libreadline.so.5.2) ==13912== by 0x407765: xmlShellReadline (xmllint.c:781) ==13912== by 0x5534618: xmlShell (debugXML.c:2847) ==13912== by 0x406B41: parseAndPrintFile (xmllint.c:2310) ==13912== by 0x408E12: main (xmllint.c:3499) ==13912== ==13912== LEAK SUMMARY: ==13912== definitely lost: 0 bytes in 0 blocks. ==13912== possibly lost: 0 bytes in 0 blocks. ==13912== still reachable: 279,777 bytes in 250 blocks. ==13912== suppressed: 0 bytes in 0 blocks.
--- xpath.c
+++ xpath.c
@@ -14543,6 +14543,8 @@
xmlXPathInit();
pctxt = xmlXPathNewParserContext(str, ctxt);
+ if (pctxt == NULL)
+ return NULL;
xmlXPathCompileExpr(pctxt, 1);
if( pctxt->error != XPATH_EXPRESSION_OK )
@@ -14794,6 +14796,8 @@
xmlXPathInit();
ctxt = xmlXPathNewParserContext(str, ctx);
+ if (ctxt == NULL)
+ return NULL;
xmlXPathEvalExpr(ctxt);
if (ctxt->value == NULL) {
@@ -14854,6 +14858,8 @@
xmlXPathInit();
pctxt = xmlXPathNewParserContext(str, ctxt);
+ if (pctxt == NULL)
+ return NULL;
xmlXPathEvalExpr(pctxt);
if ((*pctxt->cur != 0) || (pctxt->error != XPATH_EXPRESSION_OK)) {
Attachment:
libxml2-valgrind.txt.sig
Description: PGP signature
Attachment:
libxml2-2.6.27-null-retval.patch.sig
Description: PGP signature