Roger Leigh created XERCESC-2219:
------------------------------------

             Summary: XMLReader constructor: memory leak when refreshRawBuffer() throws
                 Key: XERCESC-2219
                 URL: https://issues.apache.org/jira/browse/XERCESC-2219
             Project: Xerces-C++
          Issue Type: Bug
    Affects Versions: 3.2.3
            Reporter: Roger Leigh
            Assignee: Roger Leigh


See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37529 on GDAL

The backtrace of the exception that caused the memory leak was:

{noformat}
Catchpoint 1 (exception thrown), 0x00007ffff5547672 in __cxa_throw () from /lib/x86_64-linux-gnu/libstdc++.so.6
(gdb) bt
0  0x00007ffff5547672 in __cxa_throw () from /lib/x86_64-linux-gnu/libstdc++.so.6
1  0x00007ffff24447c4 in xercesc_4_0::PosixFileMgr::fileRead (this=<optimized out>, f=<optimized out>, byteCount=<optimized out>, buffer=<optimized out>, manager=0x5555556df730)
   at xercesc/util/FileManagers/PosixFileMgr.cpp:160
2  0x00007ffff24e6ec2 in xercesc_4_0::XMLReader::refreshRawBuffer (this=0x5555557e49f8) at xercesc/internal/XMLReader.cpp:1891
3  0x00007ffff24e70d4 in xercesc_4_0::XMLReader::XMLReader (this=0x5555557e49f8, pubId=<optimized out>, sysId=0x555555750920 u"/", streamToAdopt=0x55555574e838, from=<optimized out>,
   type=xercesc_4_0::XMLReader::Type_General, source=xercesc_4_0::XMLReader::Source_External, throwAtEnd=false, calculateSrcOfs=false, lowWaterMark=100, version=xercesc_4_0::XMLReader::XMLV1_0,
   manager=0x5555556df730) at xercesc/internal/XMLReader.cpp:130
4  0x00007ffff24ced75 in xercesc_4_0::ReaderMgr::createReader (this=this@entry=0x5555557896d8, src=..., refFrom=refFrom@entry=xercesc_4_0::XMLReader::RefFrom_NonLiteral,
   type=type@entry=xercesc_4_0::XMLReader::Type_General, source=source@entry=xercesc_4_0::XMLReader::Source_External, calcSrcOfs=false, lowWaterMark=100) at ./xercesc/sax/InputSource.hpp:314
5  0x00007ffff24cb0af in xercesc_4_0::IGXMLScanner::scanReset (this=0x555555789608, src=...) at xercesc/internal/IGXMLScanner2.cpp:1286
6  0x00007ffff24c36e9 in xercesc_4_0::IGXMLScanner::scanDocument (this=0x555555789608, src=...) at xercesc/internal/IGXMLScanner.cpp:198
7  0x00007ffff250abaf in xercesc_4_0::AbstractDOMParser::parse (this=0x7fffffffc2d0, source=...) at xercesc/parsers/AbstractDOMParser.cpp:545
8  0x00007ffff24cbdbe in xercesc_4_0::IGXMLScanner::resolveSchemaGrammar (this=0x555555792f78, loc=0x5555557dd694 u"/", uri=0x555555737180 u"`", ignoreLoadSchema=<optimized out>)
   at xercesc/internal/IGXMLScanner2.cpp:1895
9  0x00007ffff24cce7c in xercesc_4_0::IGXMLScanner::parseSchemaLocation (this=0x555555792f78, schemaLocationStr=<optimized out>, ignoreLoadSchema=false) at ./xercesc/framework/XMLBuffer.hpp:171
10 0x00007ffff24cd182 in xercesc_4_0::IGXMLScanner::scanRawAttrListforNameSpaces (this=this@entry=0x555555792f78, attCount=attCount@entry=9) at xercesc/internal/IGXMLScanner2.cpp:1649
11 0x00007ffff24c22cb in xercesc_4_0::IGXMLScanner::scanStartTagNS (this=0x555555792f78, gotData=@0x7fffffffc91f: true) at xercesc/internal/IGXMLScanner.cpp:2213
12 0x00007ffff24c3522 in xercesc_4_0::IGXMLScanner::scanContent (this=0x555555792f78) at xercesc/internal/IGXMLScanner.cpp:890
13 0x00007ffff24c3760 in xercesc_4_0::IGXMLScanner::scanDocument (this=0x555555792f78, src=...) at xercesc/internal/IGXMLScanner.cpp:217
14 0x00007ffff25158e3 in xercesc_4_0::SAX2XMLReaderImpl::parse (this=0x555555731828, source=...) at xercesc/parsers/SAX2XMLReaderImpl.cpp:409
{noformat}




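The failure mode named in the summary, as an added example (not Xerces-C++ code and not part of the original report): when a constructor throws, that object's destructor does not run, so anything the constructor already owns through a raw pointer leaks. `Stream`, `LeakyReader`, `SafeReader` and `leakedAfterFailedCtor` are hypothetical names, and `std::unique_ptr` stands in for whatever cleanup mechanism the project uses.

```cpp
#include <cstdio>
#include <memory>
#include <stdexcept>

// Constructed stand-in for an adopted input stream; counts live instances.
struct Stream {
    static int live;
    Stream() { ++live; }
    ~Stream() { --live; }
    // Models a file read that fails, like fileRead() in the backtrace.
    void read() { throw std::runtime_error("read failed"); }
};
int Stream::live = 0;

// Leaky pattern: the adopted stream is released only in the destructor.
class LeakyReader {
    Stream* fStream;
public:
    explicit LeakyReader(Stream* adopt) : fStream(adopt) {
        fStream->read();            // throws: ~LeakyReader() never runs
    }
    ~LeakyReader() { delete fStream; }
};

// Hardened pattern: an owning member is fully constructed before the body
// runs, so it is destroyed during unwinding when the body throws.
class SafeReader {
    std::unique_ptr<Stream> fStream;
public:
    explicit SafeReader(Stream* adopt) : fStream(adopt) { fStream->read(); }
};

// Number of Stream objects left alive by a failed Reader construction.
template <class Reader>
int leakedAfterFailedCtor() {
    Stream* s = new Stream();
    const int before = Stream::live - 1;
    try { Reader r(s); } catch (const std::runtime_error&) {}
    const int leaked = Stream::live - before;
    if (leaked) delete s;           // reclaim so the demo itself stays clean
    return leaked;
}

int main() {
    std::printf("leaky: %d leaked\n", leakedAfterFailedCtor<LeakyReader>());
    std::printf("safe:  %d leaked\n", leakedAfterFailedCtor<SafeReader>());
}
```

In a parser fed untrusted input, each leaked object of this kind is attacker-repeatable, which is why fuzzers report it as a finding.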