On Wed, Feb 07, 2007 at 03:20:38PM +1100, Michael Day wrote: > Hi, > > Here is a DTD parsing bug in libxml2 (tested with 2.6.27). > > Download the following .tar.gz: > > http://www.princexml.com/download/nasty-libxml2-dtd-bug.tar.gz > > Unpack it and run: > > $ xmllint --loaddtd bug.xml > > You will get lots of error messages, the first one being: > > nlm/references.ent:381: parser error : Comment not terminated > > However if you look at the file, you will see that is nonsense, and > there are no unterminated comments on line 381. > > Even worse, if you delete *one character* from the references.ent file > at *any point* before line 381, then everything works fine! > > This appears to be some kind of IO buffering error or something like > that, as the parser seems to be dependent on how many characters are in > the file before that point. >
Probably a missing GROW somewhere in the DTD parsing code, please bugzilla I can't debugs this ATM, thanks, Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ [EMAIL PROTECTED] | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ _______________________________________________ xml mailing list, project page http://xmlsoft.org/ [email protected] http://mail.gnome.org/mailman/listinfo/xml
