http://nagoya.apache.org/bugzilla/show_bug.cgi?id=25932

DOMDocumentImpl::allocate broken

           Summary: DOMDocumentImpl::allocate broken
           Product: Xerces-C++
           Version: 2.3.0
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Major
          Priority: Other
         Component: DOM
        AssignedTo: [EMAIL PROTECTED]
        ReportedBy: [EMAIL PROTECTED]


I'm currently getting an unhandled exception during XMLString::copyNString 
(called from DOMElement::getTextContent).  I've traced into the code and it's 
simple as could be; the only child is a text node.  The buffer is allocated to 
the size of the text node + 1, so overflow should not be a possibility, but the 
exception is consistently thrown at the same offset into the string, which 
points to overflow.  On a whim, I replaced DOMNodeImpl.cpp:957

XMLCh* pzBuffer = (XMLCh*)((DOMDocumentImpl*)getOwnerDocument())->allocate(nBufferLength+1);

with the dog-stupid

XMLCh* pzBuffer = new XMLCh[nBufferLength+1];

and I no longer get the crash.

Adam Heinz
Senior Software Developer
Exstream Software
