[xslt] Re: A test that succeeds in libxslt-1.0.23 gets a seg fault in libxslt-1.0.24

From: Jean Anderson <jta bristowhill com>
To: xslt gnome org
Subject: [xslt] Re: A test that succeeds in libxslt-1.0.23 gets a seg fault in libxslt-1.0.24
Date: Thu, 06 Feb 2003 15:56:59 -0800

Way back on January 20 I pinged this list with this problem.Today I 
finally got around to logging a bug with a reproduction on 
libxslt-1.0.25 (http://bugzilla.gnome.org/show_bug.cgi?id=105418).

This bit of libxslt code seems to have changed quite a lot between 
libxslt-1.0.23 and libxslt-1.0.24, so I don't know what the "right" fix 
is in this case, but wanted to run my initial fix by folks for a sanity 
check to see if I'm going to end up with some worse problem down the road.

The source of the problem is with this code in 
xsltDocumentFunctionLoadDocument() in functions.c:



     if (xsltdoc == NULL) {                  /* functions.c line 141 */
         if ((URI == NULL) ||
             (URI[0] = '#') ||
             (xmlStrEqual(tctxt->style->doc->URL, URI))) {
             doc = tctxt->style->doc;
         } else {
             valuePush(ctxt, xmlXPathNewNodeSet(NULL));

             if (fragment != NULL)
                 xmlFree(fragment);

             return;
         }
     }
     doc = xsltdoc->doc;                    /* functions.c line 155 */


If the URI passed into the function points to a file that does not 
exist, the code reaches line 141 and xsltdoc is NULL. By the time 
execution reaches line 155, xsltdoc is still NULL and the assignment 
gets a seg fault.

My quick fix is to call xsltTransformError if xsltdoc is NULL:

[jta@gertie libxslt]$ diff functions.c functions.c.orig
111,113d110
<     xmlChar *newURI;
<
<     newURI=xmlStrdup(URI);
158,168d154
<
<     if (xsltdoc == NULL) {
<     xsltTransformError(xsltXPathGetTransformContext(ctxt), NULL, NULL,
<         "Can't Open File: %s\n",
<     newURI);
<
<     valuePush(ctxt, xmlXPathNewNodeSet(NULL));
<     return;
<     }
<     xmlFree(newURI);
<

I added a newURI variable that xmlStrdup's URI  because if you call 
xsltTransformError with URI, a # sign ends up in the first character of 
the filename; for example, #oofile.xml instead of foofile.xml.

So here's the old libxslt.1.0.23 behavior:

    $ xsltproc test.xsl test-bad.xml
    warning: failed to load external entity "foofile.xml"
    warning: failed to load external entity "foo_file.xml"

    Can't Open File: foofile.xml
    Can't Open File: foo%5Ffile.xml

And here's the new libxslt.1.0.25 behavior with the changes listed above:

    $ xsltproc test.xsl test-bad.xml
    warning: failed to load external entity "foofile.xml"
    runtime error: file test.xsl line 8 element variable
    Can't Open File: foofile.xml
    warning: failed to load external entity "foo_file.xml"
    runtime error: file test.xsl line 8 element variable
    Can't Open File: foo_file.xml
    no result for test-bad.xml

What concerns me is my quick fix changes the behavior. In 
libxslt-1.0.23, the xsltApplyStylesheetUser call results in ctxt->state 
set to XSLT_STATE_OK.With my fix in libxslt-1.0.25, ctxt->state != 
XSLT_STATE_OK. --I immediately noticed the difference in output in my tests.

any thoughts? can anyone suggest a better quick fix?

thanks,

  -jean

Follow-Ups:
- [xslt] Re: Fix for 105418 [xsltDocumentFunctionLoadDocument seg faults iffile doesn't exist]
  - From: Jean Anderson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]