Rather than use FFI, would it work for your purposes to have the libxml2
code in a separate process from Racket? That would avoid the likely C
memory bugs corrupting your Racket process.
https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html
I've done this before for XML in Racket, to get DSig support, when I
couldn't cost-justify implementing it in pure Racket at the time. (W3C
standards tend to be big and complicated, and your implementation of
DSig has to be perfectly compliant in many regards, to work at all.)
Another possible option is to do what validation and other XML behavior
you need in pure Racket. Oleg Kiselyov did some work on validation,
and, if you have the time, you might implement more.
http://okmij.org/ftp/Scheme/xml.html#validation
https://pkgs.racket-lang.org/package/sxml
https://www.neilvandyke.org/racket/sxml-intro/
XML validation is good for system robustness, but every C library we
pull into a Racket process makes us less confident about robustness in a
different way.
--
You received this message because you are subscribed to the Google Groups "Racket
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to racket-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
