[xml] Patch: avoid potential double memory free



Hi all,

The following short patch avoids a potential double free, or referencing memory after it's freed, when code like the following, extracted from testC14n.c, is called:

        xmlXPathRegisterNs(ctx, ns->prefix, ns->href)

ns->href in the above would be freed when the xpath context is destroyed. This can cause a SEGV later on when ns->href is referenced or, more likely, when xmlFreeDoc is called. The patch duplicates the string to avoid this. Since xpointer.c expects the original semantics, an extra call to xmlFree is added to avoid a leak.

Regards
Brian Stafford

Index: xpath.c
===================================================================
RCS file: /cvs/gnome/gnome-xml/xpath.c,v
retrieving revision 1.201
diff -u -r1.201 xpath.c
--- xpath.c     19 Jul 2002 08:32:00 -0000      1.201
+++ xpath.c     26 Jul 2002 14:14:58 -0000
@@ -2825,7 +2825,7 @@
        ctxt->nsHash = xmlHashCreate(10);
     if (ctxt->nsHash == NULL)
        return(-1);
-    return(xmlHashUpdateEntry(ctxt->nsHash, prefix, (void *) ns_uri,
+    return(xmlHashUpdateEntry(ctxt->nsHash, prefix, (void *)xmlStrdup(ns_uri),
                              (xmlHashDeallocator)xmlFree));
 }
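Review bot: The result of xmlStrdup(ns_uri) on the changed return line is passed straight into xmlHashUpdateEntry without a NULL check, so an allocation failure would store NULL as the namespace URI while the call can still report success. Suggest duplicating into a local variable first, returning -1 when the copy is NULL, and calling xmlFree on the copy if xmlHashUpdateEntry returns an error, since nothing visible here releases it on that path. The function's doc comment should also state that ns_uri is now copied and remains owned by the caller, because that is an ownership change for every existing caller.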
 Index: xpointer.c
===================================================================
RCS file: /cvs/gnome/gnome-xml/xpointer.c,v
retrieving revision 1.42
diff -u -r1.42 xpointer.c
--- xpointer.c  18 Mar 2002 19:37:04 -0000      1.42
+++ xpointer.c  26 Jul 2002 14:15:01 -0000
@@ -1020,6 +1020,7 @@
        }
                xmlXPathRegisterNs(ctxt->context, prefix, URI);
+       xmlFree(URI);
        CUR_PTR = left;
 #endif /* XPTR_XMLNS_SCHEME */
     } else {
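Review bot: The added xmlFree(URI) is only safe together with the xpath.c hunk; applied on its own it frees a string that the namespace hash still owns and will free again with its xmlFree deallocator, which is the same double free the patch sets out to remove. Worth stating that dependency in the commit message, and checking any other caller that hands a heap-allocated URI to xmlXPathRegisterNs, since each of those now needs the same release to avoid a leak. The return value of xmlXPathRegisterNs on the line above is also still ignored, so a failed registration goes unnoticed here.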


