[
https://issues.apache.org/jira/browse/XERCESC-2218?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17613093#comment-17613093
]
Scott Cantor commented on XERCESC-2218:
---------------------------------------
I reviewed this patch and it's not applicable to the 3.2 branch, you can't add
methods to a class like this without breaking the ABI in general. I will roll
it back and if there's time review whether it can be done a different way.
> CurlURLInputStream constructor memory leak
> ------------------------------------------
>
> Key: XERCESC-2218
> URL: https://issues.apache.org/jira/browse/XERCESC-2218
> Project: Xerces-C++
> Issue Type: Bug
> Affects Versions: 3.2.3
> Reporter: Roger Leigh
> Assignee: Roger Leigh
> Priority: Major
> Fix For: 4.0.0, 3.2.4
>
>
> CurlURLInputStream constructor calls the readMore() method, which can
> throw exceptions. In that situation, the destructor is not called, which
> results in resource/memory leaks. To fix that, catch the exceptions,
> manually do the cleanup and rethrow the exceptions.
> Found by ossfuzz (locally)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org
