[jira] [Created] (XERCESC-2259) Segmentation fauilt in xerces parse when fgXercesDOMHasPSVIInfo is true

Tue, 14 Jan 2025 11:55:54 -0800 

Lara Blatchford created XERCESC-2259:
----------------------------------------

             Summary: Segmentation fauilt in xerces parse when 
fgXercesDOMHasPSVIInfo is true
                 Key: XERCESC-2259
                 URL: https://issues.apache.org/jira/browse/XERCESC-2259
             Project: Xerces-C++
          Issue Type: Bug
          Components: DOM
    Affects Versions: 3.2.5
         Environment: RHEL 9, x86_64
            Reporter: Lara Blatchford
         Attachments: xerces_parse_crash.zip

Our application validates against a specific set of schemas, and when a new 
schema is added to the no namespace schema list, xerces segfaults with the 
following stack trace:
{quote}{{#0  0x00007fd8817b2bca 
_ZN11xercesc_3_212IGXMLScanner12buildAttListERKNS_11RefVectorOfINS_12KVStringPairEEEmPNS_14XMLElementDeclERNS1_INS_7XMLAttrEEE
 (libxerces-c-3.2.so + 0x1b2bca)}}
{{#1  0x00007fd8817abff0 _ZN11xercesc_3_212IGXMLScanner14scanStartTagNSERb 
(libxerces-c-3.2.so + 0x1abff0)}}
{{#2  0x00007fd8817ad9e7 _ZN11xercesc_3_212IGXMLScanner11scanContentEv 
(libxerces-c-3.2.so + 0x1ad9e7)}}
{{#3  0x00007fd8817adc48 
_ZN11xercesc_3_212IGXMLScanner12scanDocumentERKNS_11InputSourceE 
(libxerces-c-3.2.so + 0x1adc48)}}
{{#4  0x00007fd8817d0b5c _ZN11xercesc_3_210XMLScanner12scanDocumentEPKDs 
(libxerces-c-3.2.so + 0x1d0b5c)}}
{{#5  0x00007fd8817d4842 _ZN11xercesc_3_210XMLScanner12scanDocumentEPKc 
(libxerces-c-3.2.so + 0x1d4842)}}
{{#6  0x00007fd8817e7a2e _ZN11xercesc_3_217AbstractDOMParser5parseEPKc 
(libxerces-c-3.2.so + 0x1e7a2e)}}
{{#7  0x00007fd8817f0fc6 _ZN11xercesc_3_215DOMLSParserImpl8parseURIEPKc 
(libxerces-c-3.2.so + 0x1f0fc6)}}
{{#8  0x0000000000403d20 main (xercesparse + 0x3d20)}}
{{#9  0x00007fd880e295d0 __libc_start_call_main (libc.so.6 + 0x295d0)}}
{{#10 0x00007fd880e29680 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x29680)}}
{{                #11 0x0000000000403ef5 _start (xercesparse + 0x3ef5)}}{quote}
The crash does not occur if the new schema is removed from the schema list, or 
if fgXercesDOMHasPSVIInfo is set to false – however, operationally this 
parameter must be set to true.

The attached zip contains source for a small test application that demonstrates 
the crash.  The schema that introduced the crash when added is 
schema_xercescrash.xsd, and an example XML file to be validated is 
fs_xercescrash.xml.  The poi.xsd schema is included in the namespace schema 
list when the crash occurs.  The crashdemo script shows how the test app is 
invoked to demonstrate the crash.

[^xerces_parse_crash.zip]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to