[ https://issues.apache.org/jira/browse/XERCESC-1940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12916558#action_12916558 ]
Oscar Ciurana commented on XERCESC-1940: ---------------------------------------- You can ensure the pooled string is 'n' chars long adding a condition in the 'if' statement: if (XMLString::equalsN((*pspe)->fString, in, n) && (*pspe)->fString[n] == L'\0' ) this solution no requires the generation of a copy of the source string. > Problem in prefix parsing while creating Documnet, Element, Attributes on all > platforms : Issue is in poolString creation > ------------------------------------------------------------------------------------------------------------------------- > > Key: XERCESC-1940 > URL: https://issues.apache.org/jira/browse/XERCESC-1940 > Project: Xerces-C++ > Issue Type: Bug > Components: DOM > Affects Versions: 3.0.1, 3.1.1 > Environment: ALL Platform, ALL OS > Reporter: Anil G Pandge > Priority: Critical > Fix For: 3.1.2, 3.2.0 > > Attachments: DOMDocumentImpl.hpp.patch, MainPro.cpp > > > Description: > ============ > When I create a DOM document using xerces APIs, for very specific input its > creating wrong payload. This is observable on 64-bit but on 32-bit. For > testing I have written sample with createDocument API which creates DOM > document and print it in string format. > I ran the test on following inputs: > createDocument("types:statusSet","http://xyz.com"); > createDocument function just create dom document and prints payloads. > Following is the outputs of above string on 32-bit machine. > 32 bit platforms output: > prefix = types:statusSet > LocalName = statusSet > doc = <types:statusSet xmlns:types:statusSet="http://xyz.com"/> > =================== > Severity : Critical > =================== > Platforms: ALL > ============== > Cause and resolution > ==================== > I debugged xerces code, issue is in > File : "DOMDocumentImpl.hpp" > Function : "DOMDocumentImpl::getPooledNString(const XMLCh *in, XMLSize_t n)" > Patch: > ====== > --- DOMDocumentImpl.hpp 2008-07-24 15:58:29.000000000 +0530 > +++ > /data/eclipse_workspace/CppIT-3.1.0/XercesTEst/src/xercesc/dom/impl/DOMDocumentImpl.hpp > 2010-08-22 10:36:18.000000000 +0530 > @@ -401,9 +401,11 @@ > pspe = &fNameTable[inHash]; > while (*pspe != 0) > { > - if (XMLString::equalsN((*pspe)->fString, in, n)) > - return (*pspe)->fString; > - pspe = &((*pspe)->fNext); > + XMLCh firstN[n]; > + XMLString::copyNString(firstN,in,n); > + if (XMLString::equals((*pspe)->fString, firstN)) > + return (*pspe)->fString; > + pspe = &((*pspe)->fNext); > } > Issue: > ====== > 1. getPooledNString computes hash of prefix and searches in fNameTable. > 2. Once hash is found, code cheks pooledString and 'n' characters of > qualifiedString. !!!!! WRONG !!!!! > 3. if comparision is true it returns the pooled string. > Ex: > In case of "types:statusSet", it will compare "types:statusSet" > and first 6 characters of "types:", it found comparision true. It return > pooled string "types:statusSet" as prefix !!!!! WRONG !!!!! > How to reporduce: > ================= > Very easy to reproduce. Run the sample program I have attached. > > Resolution: > =========== > I have attached patch file with resolution. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: c-dev-unsubscr...@xerces.apache.org For additional commands, e-mail: c-dev-h...@xerces.apache.org