Gitweb links:
...log
http://git.netsurf-browser.org/libdom.git/shortlog/176bab60eb10beb68fbbb1a6185c68eeda2a6e95
...commit
http://git.netsurf-browser.org/libdom.git/commit/176bab60eb10beb68fbbb1a6185c68eeda2a6e95
...tree
http://git.netsurf-browser.org/libdom.git/tree/176bab60eb10beb68fbbb1a6185c68eeda2a6e95
The branch, master has been updated
via 176bab60eb10beb68fbbb1a6185c68eeda2a6e95 (commit)
from 16c5256395aa4d48a50ffed5b5748d30fd04b3e5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commitdiff
http://git.netsurf-browser.org/libdom.git/commit/?id=176bab60eb10beb68fbbb1a6185c68eeda2a6e95
commit 176bab60eb10beb68fbbb1a6185c68eeda2a6e95
Author: Michael Orlitzky <[email protected]>
Commit: Michael Drake <[email protected]>
bindings/xml/libxml_xmlparser.c: handle an empty document
The xml_parser_end_document() function tries to retrieve the XML node
using dom_node_get_user_data() after the parser has finished. It
checks the return value of that function, but not the true result (a
node pointer), which is itself passed in via a pointer. This goes
wrong when the returned pointer is NULL and unusable, because the
return value is always DOM_NO_ERR (meaning everything was OK).
This problem manifests as a segfault (null dereference) if you try to
parse an empty document using the libxml bindings. It is fixed by
adding a NULL check.
diff --git a/bindings/xml/libxml_xmlparser.c b/bindings/xml/libxml_xmlparser.c
index 02b8a34..d43c459 100644
--- a/bindings/xml/libxml_xmlparser.c
+++ b/bindings/xml/libxml_xmlparser.c
@@ -346,7 +346,11 @@ void xml_parser_end_document(void *ctx)
/* Get XML node */
err = dom_node_get_user_data((struct dom_node *) parser->doc,
parser->udkey, (void **) (void *) &node);
- if (err != DOM_NO_ERR) {
+
+ /* The return value from dom_node_get_user_data() is always
+ * DOM_NO_ERR, but the returned "node" will be NULL if no user
+ * data is found. */
+ if (err != DOM_NO_ERR || node == NULL) {
parser->msg(DOM_MSG_WARNING, parser->mctx,
"Failed finding XML node");
return;
-----------------------------------------------------------------------
Summary of changes:
bindings/xml/libxml_xmlparser.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/bindings/xml/libxml_xmlparser.c b/bindings/xml/libxml_xmlparser.c
index 02b8a34..d43c459 100644
--- a/bindings/xml/libxml_xmlparser.c
+++ b/bindings/xml/libxml_xmlparser.c
@@ -346,7 +346,11 @@ void xml_parser_end_document(void *ctx)
/* Get XML node */
err = dom_node_get_user_data((struct dom_node *) parser->doc,
parser->udkey, (void **) (void *) &node);
- if (err != DOM_NO_ERR) {
+
+ /* The return value from dom_node_get_user_data() is always
+ * DOM_NO_ERR, but the returned "node" will be NULL if no user
+ * data is found. */
+ if (err != DOM_NO_ERR || node == NULL) {
parser->msg(DOM_MSG_WARNING, parser->mctx,
"Failed finding XML node");
return;
--
Document Object Model library
_______________________________________________
netsurf-commits mailing list -- [email protected]
To unsubscribe send an email to [email protected]
