[jira] [Closed] (XERCESC-2219) XMLReader constructor: memory leak when refreshRawBuffer() throws

[Roger Leigh (Jira)]

     [ 
https://issues.apache.org/jira/browse/XERCESC-2219?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Roger Leigh closed XERCESC-2219.
--------------------------------
    Resolution: Fixed

> XMLReader constructor: memory leak when refreshRawBuffer() throws
> -----------------------------------------------------------------
>
>                 Key: XERCESC-2219
>                 URL: https://issues.apache.org/jira/browse/XERCESC-2219
>             Project: Xerces-C++
>          Issue Type: Bug
>    Affects Versions: 3.2.3
>            Reporter: Roger Leigh
>            Assignee: Scott Cantor
>            Priority: Major
>             Fix For: 4.0.0, 3.2.4
>
>
> See https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37529 on GDAL
> The backtrace of the exception that caused the memory leak was:
> {noformat}
> Catchpoint 1 (exception thrown), 0x00007ffff5547672 in __cxa_throw () from 
> /lib/x86_64-linux-gnu/libstdc++.so.6
> (gdb) bt
> 0  0x00007ffff5547672 in __cxa_throw () from 
> /lib/x86_64-linux-gnu/libstdc++.so.6
> 1  0x00007ffff24447c4 in xercesc_4_0::PosixFileMgr::fileRead (this=<optimized 
> out>, f=<optimized out>, byteCount=<optimized out>, buffer=<optimized out>, 
> manager=0x5555556df730)
>    at xercesc/util/FileManagers/PosixFileMgr.cpp:160
> 2  0x00007ffff24e6ec2 in xercesc_4_0::XMLReader::refreshRawBuffer 
> (this=0x5555557e49f8) at xercesc/internal/XMLReader.cpp:1891
> 3  0x00007ffff24e70d4 in xercesc_4_0::XMLReader::XMLReader 
> (this=0x5555557e49f8, pubId=<optimized out>, sysId=0x555555750920 u"/", 
> streamToAdopt=0x55555574e838, from=<optimized out>,
>    type=xercesc_4_0::XMLReader::Type_General, 
> source=xercesc_4_0::XMLReader::Source_External, throwAtEnd=false, 
> calculateSrcOfs=false, lowWaterMark=100, 
> version=xercesc_4_0::XMLReader::XMLV1_0,
>    manager=0x5555556df730) at xercesc/internal/XMLReader.cpp:130
> 4  0x00007ffff24ced75 in xercesc_4_0::ReaderMgr::createReader 
> (this=this@entry=0x5555557896d8, src=..., 
> refFrom=refFrom@entry=xercesc_4_0::XMLReader::RefFrom_NonLiteral,
>    type=type@entry=xercesc_4_0::XMLReader::Type_General, 
> source=source@entry=xercesc_4_0::XMLReader::Source_External, 
> calcSrcOfs=false, lowWaterMark=100) at ./xercesc/sax/InputSource.hpp:314
> 5  0x00007ffff24cb0af in xercesc_4_0::IGXMLScanner::scanReset 
> (this=0x555555789608, src=...) at xercesc/internal/IGXMLScanner2.cpp:1286
> 6  0x00007ffff24c36e9 in xercesc_4_0::IGXMLScanner::scanDocument 
> (this=0x555555789608, src=...) at xercesc/internal/IGXMLScanner.cpp:198
> 7  0x00007ffff250abaf in xercesc_4_0::AbstractDOMParser::parse 
> (this=0x7fffffffc2d0, source=...) at xercesc/parsers/AbstractDOMParser.cpp:545
> 8  0x00007ffff24cbdbe in xercesc_4_0::IGXMLScanner::resolveSchemaGrammar 
> (this=0x555555792f78, loc=0x5555557dd694 u"/", uri=0x555555737180 u"`", 
> ignoreLoadSchema=<optimized out>)
>    at xercesc/internal/IGXMLScanner2.cpp:1895
>   0x00007ffff24cce7c in xercesc_4_0::IGXMLScanner::parseSchemaLocation 
> (this=0x555555792f78, schemaLocationStr=<optimized out>, 
> ignoreLoadSchema=false) at ./xercesc/framework/XMLBuffer.hpp:171
> 10 0x00007ffff24cd182 in 
> xercesc_4_0::IGXMLScanner::scanRawAttrListforNameSpaces 
> (this=this@entry=0x555555792f78, attCount=attCount@entry=9) at 
> xercesc/internal/IGXMLScanner2.cpp:1649
> 11 0x00007ffff24c22cb in xercesc_4_0::IGXMLScanner::scanStartTagNS 
> (this=0x555555792f78, gotData=@0x7fffffffc91f: true) at 
> xercesc/internal/IGXMLScanner.cpp:2213
> 12 0x00007ffff24c3522 in xercesc_4_0::IGXMLScanner::scanContent 
> (this=0x555555792f78) at xercesc/internal/IGXMLScanner.cpp:890
> 13 0x00007ffff24c3760 in xercesc_4_0::IGXMLScanner::scanDocument 
> (this=0x555555792f78, src=...) at xercesc/internal/IGXMLScanner.cpp:217
> 14 0x00007ffff25158e3 in xercesc_4_0::SAX2XMLReaderImpl::parse 
> (this=0x555555731828, source=...) at xercesc/parsers/SAX2XMLReaderImpl.cpp:409
> {noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org