boris-kolpackov closed pull request #54: XERCESC-2188 - Use-after-free on
external DTD scan
URL: https://github.com/apache/xerces-c/pull/54
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the
boris-kolpackov commented on PR #54:
URL: https://github.com/apache/xerces-c/pull/54#issuecomment-1853490361
This PR has been merged (with whitespace issues addressed):
`master`:
https://github.com/apache/xerces-c/commit/b38ab79e934b9c27de191ee7af6926c7af42069d
`xerces-3.2`:
boris-kolpackov commented on code in PR #54:
URL: https://github.com/apache/xerces-c/pull/54#discussion_r1417168833
##
src/xercesc/internal/ReaderMgr.cpp:
##
@@ -873,33 +921,50 @@ bool ReaderMgr::isScanningPERefOutOfLiteral() const
return false;
}
-
bool
theta682 commented on code in PR #54:
URL: https://github.com/apache/xerces-c/pull/54#discussion_r1416808653
##
src/xercesc/internal/ReaderMgr.cpp:
##
@@ -1020,7 +1070,9 @@ ReaderMgr::getLastExtEntity(const XMLEntityDecl*&
itsEntity) const
// search the stack; else, keep
boris-kolpackov commented on PR #54:
URL: https://github.com/apache/xerces-c/pull/54#issuecomment-1840890853
This fix follows the same overall idea as
https://github.com/apache/xerces-c/pull/47 with the following key differences:
1. It addresses the lifetime issue when throwing
boris-kolpackov opened a new pull request, #54:
URL: https://github.com/apache/xerces-c/pull/54
These are the instructions for observing the bug (before this commit):
$ git clone https://github.com/apache/xerces-c.git $ cd xerces-c
$ mkdir build
$ cd build
$ cmake -G