(xerces-c) branch xerces-3.3 updated: XERCESC-2253 - Undefined behavior on ElemStack and NamespaceScope

Mon, 23 Sep 2024 11:06:32 -0700 

This is an automated email from the ASF dual-hosted git repository.

scantor pushed a commit to branch xerces-3.3
in repository https://gitbox.apache.org/repos/asf/xerces-c.git


The following commit(s) were added to refs/heads/xerces-3.3 by this push:
     new a57bb2155 XERCESC-2253 - Undefined behavior on ElemStack and 
NamespaceScope
a57bb2155 is described below

commit a57bb21550e3ad5d998b8aa052b30b6133f75fe4
Author: Scott Cantor <canto...@osu.edu>
AuthorDate: Mon Sep 23 14:05:14 2024 -0400

    XERCESC-2253 - Undefined behavior on ElemStack and NamespaceScope
    
    https://issues.apache.org/jira/browse/XERCESC-2253
---
 src/xercesc/internal/ElemStack.cpp               | 4 +++-
 src/xercesc/validators/schema/NamespaceScope.cpp | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/xercesc/internal/ElemStack.cpp 
b/src/xercesc/internal/ElemStack.cpp
index baff8452b..d297fbda4 100644
--- a/src/xercesc/internal/ElemStack.cpp
+++ b/src/xercesc/internal/ElemStack.cpp
@@ -493,7 +493,9 @@ void ElemStack::expandMap(StackElem* const toExpand)
     //  since this is a by value map and the current map index controls what
     //  is relevant.
     //
-    memcpy(newMap, toExpand->fMap, oldCap * sizeof(PrefMapElem));
+    if (toExpand->fMap) {
+        memcpy(newMap, toExpand->fMap, oldCap * sizeof(PrefMapElem));
+    }
 
     // Delete the old map and store the new stuff
     fMemoryManager->deallocate(toExpand->fMap);//delete [] toExpand->fMap;
diff --git a/src/xercesc/validators/schema/NamespaceScope.cpp 
b/src/xercesc/validators/schema/NamespaceScope.cpp
index 0e9703f46..e1af9c2a3 100644
--- a/src/xercesc/validators/schema/NamespaceScope.cpp
+++ b/src/xercesc/validators/schema/NamespaceScope.cpp
@@ -271,7 +271,9 @@ void NamespaceScope::expandMap(StackElem* const toExpand)
     //  since this is a by value map and the current map index controls what
     //  is relevant.
     //
-    memcpy(newMap, toExpand->fMap, oldCap * sizeof(PrefMapElem));
+    if (toExpand->fMap) {
+        memcpy(newMap, toExpand->fMap, oldCap * sizeof(PrefMapElem));
+    }
 
     // Delete the old map and store the new stuff
     fMemoryManager->deallocate(toExpand->fMap);//delete [] toExpand->fMap;


---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org
For additional commands, e-mail: c-dev-h...@xerces.apache.org

Reply via email to