[xml] xml freeing the same string twice

From: Wolfgang Rohdewald <wolfgang rohdewald de>
To: xml gnome org
Subject: [xml] xml freeing the same string twice
Date: Tue, 5 Apr 2011 06:29:54 +0200

Hi,

meinproc4.exe (from KDE on windows) always crashes.
using libxml2-2.7.7

I think I found one problem causing this in

xmlSAX2TextNode

using the xmlDict for short strings and such for
avoiding malloc/free on them. So it sets the
text node content (ret->content) to the string
from that dict.

but later in xmlFreeNode it frees that string

so if a dict entry is used twice it will be 
freed twice - this is what actually happens

I can avoid the segfault by disabling the code
in xmlSAX2TextNode() at 

if (ctxt->dictNames)


so how would a correct patch look like? put a 
flag into the node saying that content must not
be freed when freeing the node and free strings
when they are removed from the dict?

-- 
Wolfgang

Follow-Ups:
- Re: [xml] xml freeing the same string twice
  - From: Nikolay Sivov

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]