[
https://issues.apache.org/jira/browse/XERCESC-2044?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Scott Cantor reassigned XERCESC-2044:
-------------------------------------
Assignee: Scott Cantor (was: Boris Kolpackov)
> Code analysis revealed multiple potential NULL derefence conditions
> (currently unconfirmed)
> -------------------------------------------------------------------------------------------
>
> Key: XERCESC-2044
> URL: https://issues.apache.org/jira/browse/XERCESC-2044
> Project: Xerces-C++
> Issue Type: Bug
> Components: Miscellaneous
> Affects Versions: 3.1.1
> Reporter: Int3
> Assignee: Scott Cantor
> Fix For: 3.1.2, 3.2.0
>
> Attachments: DTDScanner.patch, IGXMLScanner.patch,
> InMemMsgLoader.patch, XSObjectFactory.patch
>
>
> src/xercesc/util/MsgLoaders/InMemory/InMemMsgLoader.cpp
> If fMsgDomain doesn't match one of the 4 else clauses, it could dereference
> null at line 106
> src/xercesc/internal/IGXMLScanner.cpp
> The !elemDecl check on line 2383 appears to be missing a final else clause to
> catch unknown grammar types.
> src/xercesc/internal/XSObjectFactory.cpp
> If the xsMultiFacetList is not allocated at line 840, there are no obvious
> checks later in the function to ensure it is not dereferenced
> src/xercesc/validators/DTD/DTDScanner.cpp
> If the first branch followed is "else if
> (fReaderMgr->skippedChar(chCloseParen))" at line 1210, lastNode can
> potentially dereference a NULL at line 1225
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org
