Package: libxml2 Version: 2.6.30.dfsg-3 Severity: important
libxml2 crash liferea on some Chinese RSS feed. Backtrace shows that in file error.c at XML_GET_VAR_STR(), it realloced too much memory. With vsnprintf, when it returns -1, there could be all kind of errors other than just not enough buffer. In this Chinese feed, the error is "Invalid or incomplete multibyte or wide character", i.e. EILSEQ. So if XML_GET_VAR_STR really want to handle pre-glibc 2.1 erorr, it should check the precise errno first rather blindly realloc more memory. Otherwise, just break out of the error. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.22-3-k7 (SMP w/1 CPU core) Locale: LANG=C, LC_CTYPE=zh_CN.GBK (charmap=GBK) Shell: /bin/sh linked to /bin/bash Versions of packages libxml2 depends on: ii libc6 2.7-4 GNU C Library: Shared libraries ii zlib1g 1:1.2.3.3.dfsg-7 compression library - runtime Versions of packages libxml2 recommends: ii xml-core 0.11 XML infrastructure and XML catalog -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
