Here is the test case for the reference after free problem. I compiled the attached program using gcc -c -g `xml2-config --cflags` xptest.c gcc xptest.o `xml2-config --libs` -o xptest running the compiled program gave me the following results :- The XML file is constructed so that the first two cases produce the same output $ ./xptest xptest.xml '//token' <token>12345</token> <token>abcdefg</token> <token>67890</token> <token>zyx</token> <token>xyzzy</token> <token>plugh</token> $ ./xptest xptest.xml 'xp:tokenize(//string)' <token>12345</token> <token>abcdefg</token> <token>67890</token> <token>zyx</token> <token>xyzzy</token> <token>plugh</token> Next verify the filter gives expected results $ ./xptest xptest.xml '//token[position() mod 2 = 1]' <token>12345</token> <token>67890</token> <token>xyzzy</token>confidence check that filter works as expected on the value of a function returning a node-set
$ ./xptest xptest.xml 'xp:node-set(//token)[position() mod 2 = 1]' <token>12345</token> <token>67890</token> <token>xyzzy</token>so far so good, the next case should produce the same output as the previous one.
$ ./xptest xptest.xml 'xp:tokenize(//string)[position() mod 2 = 1]' xmlEncodeEntitiesReentrant : input not UTF-8 <Ø&6 Ø&6@> <text>&6@&6@</text> </Ø&6 Ø&6@> <À&6 À&6@> <text>&6@&6 H</text> </À&6 À&6@> <Ø&6 Ø&6@> <text>&6@&6 h</text> </Ø&6 Ø&6@> In this case output was corrupt - could just as easily have been a SIGSEGV.Two possibilities: node persistence should be managed differently than in the test program. Since this is copied from libexslt, libexslt is buggy as is my code that is based on that methodology.
Otherwise, libexslt does persistence management as intended and libxml2's XPath evaluation is buggy as outlined in my original message,
Brian Stafford
Attachment:
xptest.xml
Description: Text Data
Attachment:
xptest.c
Description: Text Data