#27722 [Asn->Csd]: Better pointer check to avoid crashes

Thu, 01 Apr 2004 05:46:41 -0800 

 ID:               27722
 Updated by:       [EMAIL PROTECTED]
 Reported By:      fjortiz at comunet dot es
-Status:           Assigned
+Status:           Closed
 Bug Type:         SOAP related
 Operating System: *
 PHP Version:      5.0.0RC1
 Assigned To:      dmitry
 New Comment:

Fixed in PHP 5.0.0RC2-DEV CVS.

Now ext/soap supports shemas without targetNamespace.


Previous Comments:
------------------------------------------------------------------------

[2004-03-30 03:27:15] fjortiz at comunet dot es

well, we could add in

php_schema.c Line 190

if (tns==NULL)  {

 php_error(E_ERROR, "SOAP-ERROR: Parsing Schema: need a
'targetNamespace' attribute");

}



and that's all, but it's also true that targetNamespace is not
mandatory at schema element AFAIK. 



Even more, we check for a targetNamespace attr. in a complexType
element (line 1368) and others, when it does not validate properly.



So I leave here this patch



189a190,191

>       if (tns==NULL)  {

>               php_error(E_ERROR, "SOAP-ERROR: Parsing Schema: need a
'targetNamespace' a

>       }



to avoid crash, as PHP-SOAP needs it, but you may want to consider
something different and create some kind of "default" or "absent"
targetNamespace.

------------------------------------------------------------------------

[2004-03-26 13:25:31] [EMAIL PROTECTED]

We're always happy to take patches.

------------------------------------------------------------------------

[2004-03-26 13:10:59] fjortiz at comunet dot es

Description:
------------
Hi,



In my WSDL I defined a schema and forgot the attibute
"targetNamespace". I know that's something you shoudn't forget, but,
instead making Apache crash, wouldn't it be more robust to check for
NULL pointers and send a gentle error?



Fortunately I have a debug PHP5RC1 installed so I located the crash:



php_schema.c line 1410



newType->namens = estrdup(ns->children->content);



Sure it crashes, ns==NULL ...



I guess it's the same problem for other retrieved elements/attributes.
PHP-SOAP should be capable of trapping any unvalidated XML.



If you are short of time I even offer myself to do some of that nasty
pointer-check around.



Thanks for your attention and your great efforts.





------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=27722&edit=1

Reply via email to