Hi,

I am attaching a patch which takes care of a double free problem which happens due to the following statement in function xmlNewEntityInputStream:

    input->filename = (char *) entity->URI;

This leads to a double free because when the input stream is popped input->filename is freed, and when the dtd is freed, in xmlFreeEntity, entity->URI is freed which is the same as input->filename leading to a double free. I believe doing a xmlStrdup will take care of the problem, and that is what I have done in the patch.

Regards
Ashwin

*** parserInternals.c 2008-04-26 12:31:08.000000000 +0530
--- parserInternalsfix.c 2008-04-26 12:35:38.000000000 +0530
*************** xmlNewEntityInputStream(xmlParserCtxtPtr
*** 1399,1405 ****
if (input == NULL) {
return(NULL);
}
! input->filename = (char *) entity->URI;
input->base = entity->content;
input->cur = entity->content;
input->length = entity->length;
--- 1399,1405 ----
if (input == NULL) {
return(NULL);
}
! input->filename = xmlStrdup((char *) entity->URI);
input->base = entity->content;
input->cur = entity->content;
input->length = entity->length;
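
Review bot: On the changed line, the cast sits on the argument instead of the result. xmlStrdup takes a const xmlChar * and returns an xmlChar *, while the old line shows that entity->URI needs a (char *) cast to be stored in input->filename. As written, `xmlStrdup((char *) entity->URI)` passes a char * where an xmlChar * is expected and assigns the xmlChar * result to filename uncast, which will at least draw pointer-type warnings. Suggest `input->filename = (char *) xmlStrdup((const xmlChar *) entity->URI);`. The result is also unchecked: when entity->URI is non-NULL and the duplication fails, filename silently becomes NULL, so either handle that case (free input and return NULL, as the check just above does for input) or state in a comment that a NULL filename is acceptable here.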