[
https://issues.apache.org/jira/browse/XERCESC-2044?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Scott Cantor updated XERCESC-2044:
----------------------------------
Fix Version/s: 3.2.0
> Code analysis revealed multiple potential NULL derefence conditions
> (currently unconfirmed)
> -------------------------------------------------------------------------------------------
>
> Key: XERCESC-2044
> URL: https://issues.apache.org/jira/browse/XERCESC-2044
> Project: Xerces-C++
> Issue Type: Bug
> Components: Miscellaneous
> Affects Versions: 3.1.1
> Reporter: Int3
> Fix For: 3.1.2, 3.2.0
>
> Attachments: DTDScanner.patch, IGXMLScanner.patch,
> InMemMsgLoader.patch, XSObjectFactory.patch
>
>
> src/xercesc/util/MsgLoaders/InMemory/InMemMsgLoader.cpp
> If fMsgDomain doesn't match one of the 4 else clauses, it could dereference
> null at line 106
> src/xercesc/internal/IGXMLScanner.cpp
> The !elemDecl check on line 2383 appears to be missing a final else clause to
> catch unknown grammar types.
> src/xercesc/internal/XSObjectFactory.cpp
> If the xsMultiFacetList is not allocated at line 840, there are no obvious
> checks later in the function to ensure it is not dereferenced
> src/xercesc/validators/DTD/DTDScanner.cpp
> If the first branch followed is "else if
> (fReaderMgr->skippedChar(chCloseParen))" at line 1210, lastNode can
> potentially dereference a NULL at line 1225
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
