Discussion:
[Expat-bugs] [ expat-Bugs-3524730 ] potential null pointer dereference
SourceForge.net
2012-05-08 13:56:43 UTC
Permalink
Bugs item #3524730, was opened at 2012-05-08 06:56
Message generated for change (Tracker Item Submitted) made by tomaszmi
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3524730&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: Test Required
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: tomaszmi (tomaszmi)
Assigned to: Nobody/Anonymous (nobody)
Summary: potential null pointer dereference

Initial Comment:
Expat version 2.1.0

There may be a potential null pointer dereference in the xmlparse.c file, line 2914. The lookup function may return NULL and this case is not checked before the line #2914. I'm not familiar with expat details, however in general if such case is not possible, it would be good to make sure the program will be terminated/aborted, for instance using assert:
assert(id);

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3524730&group_id=10127
SourceForge.net
2012-05-08 14:51:32 UTC
Permalink
Bugs item #3524730, was opened at 2012-05-08 06:56
Message generated for change (Comment added) made by tomaszmi
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3524730&group_id=10127

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: Test Required
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: tomaszmi (tomaszmi)
Assigned to: Nobody/Anonymous (nobody)
Summary: potential null pointer dereference

Initial Comment:
Expat version 2.1.0

There may be a potential null pointer dereference in the xmlparse.c file, line 2914. The lookup function may return NULL and this case is not checked before the line #2914. I'm not familiar with expat details, however in general if such case is not possible, it would be good to make sure the program will be terminated/aborted, for instance using assert:
assert(id);

----------------------------------------------------------------------
Comment By: tomaszmi (tomaszmi)
Date: 2012-05-08 07:51

Message:
The similar issue is in the xmlparse.c, line #5478. The id->prefix may be
set to null however in the next line the pointer is dereferenced without
any check.

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3524730&group_id=10127
Loading...