[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[xml] Patch for xmlAddChild

From: Kris Breuker <kris b-lex nl>
To: xml gnome org
Subject: [xml] Patch for xmlAddChild
Date: Wed, 31 Dec 2008 12:36:20 +0100

Hello,

The xmlAddChild documentation says: "If there is an attribute with equalname, it is first destroyed."However, when the attribute which is replaced is the only attribute,libxml crashes. I believe this is because the code assumes there areattributes left after the original attribute is destroyed: it readsparent->properties to find the last attribute in the list, butparent->properties is set to NULL when the only property is destroyed byxmlUnlinkNode.

I think the attached patch should fix this. Could someone take a look at it?

Thanks,
Kris Breuker

--- tree.c	Mon Sep  1 09:17:20 2008
+++ tree_patched.c	Wed Dec 31 12:31:10 2008
@@ -3309,25 +3309,27 @@
     if (cur->type == XML_ATTRIBUTE_NODE) {
 		if (parent->type != XML_ELEMENT_NODE)
 			return(NULL);
-	if (parent->properties == NULL) {
-	    parent->properties = (xmlAttrPtr) cur;
-	} else {
+	if (parent->properties != NULL) {
 	    /* check if an attribute with the same name exists */
-	    xmlAttrPtr lastattr;
+	    xmlAttrPtr oldattr;
 
 	    if (cur->ns == NULL)
-		lastattr = xmlHasNsProp(parent, cur->name, NULL);
+		oldattr = xmlHasNsProp(parent, cur->name, NULL);
 	    else
-		lastattr = xmlHasNsProp(parent, cur->name, cur->ns->href);
-	    if ((lastattr != NULL) && (lastattr != (xmlAttrPtr) cur) && (lastattr->type != XML_ATTRIBUTE_DECL)) {
+		oldattr = xmlHasNsProp(parent, cur->name, cur->ns->href);
+	    if ((oldattr != NULL) && (oldattr != (xmlAttrPtr) cur) && (oldattr->type != XML_ATTRIBUTE_DECL)) {
 		/* different instance, destroy it (attributes must be unique) */
-			xmlUnlinkNode((xmlNodePtr) lastattr);
-		xmlFreeProp(lastattr);
+			xmlUnlinkNode((xmlNodePtr) oldattr);
+		xmlFreeProp(oldattr);
 	    }
-		if (lastattr == (xmlAttrPtr) cur)
+		if (oldattr == (xmlAttrPtr) cur)
 			return(cur);
+	}
+	if (parent->properties == NULL) {
+	    parent->properties = (xmlAttrPtr) cur;
+	} else {
 	    /* find the end */
-	    lastattr = parent->properties;
+	    xmlAttrPtr lastattr = parent->properties;
 	    while (lastattr->next != NULL) {
 		lastattr = lastattr->next;
 	    }

Follow-Ups:
- Re: [xml] Patch for xmlAddChild
  - From: Rob Richards

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]