[ http://nagoya.apache.org/jira/browse/XALANC-438?page=comments#action_54883 ] June Ng commented on XALANC-438: --------------------------------
Could you attach a test case (.xsl and .xml file) to reproduce this problem? Thanks! > Memory corruption when the encoding of the output of the transform is set to UTF-16 > ----------------------------------------------------------------------------------- > > Key: XALANC-438 > URL: http://nagoya.apache.org/jira/browse/XALANC-438 > Project: XalanC > Type: Bug > Components: XalanC > Versions: 1.6, 1.8 > Environment: Windows > Reporter: Bob Bisso > > Memory corruption occurs when a large buffer, greater than 512 bytes > Memory corruption occurs when the encoding of the output of a transform is set to > UTF-16 (either programmatically or by inserting "<xsl:output encoding='UTF-16' />" > in the style sheet). The function FormatterToXML_UTF16::write() in the file > FormatterToXML_UTF16.cpp (in "src\xalanc\XMLSupport" folder) is used in serializing > the transformed output in UTF-16 encoding. It uses a buffer of 512 characters long > to store the output before writing it to the output device. At the top of the > function, it attempts to check if the length of the data (in double byte characters) > it is asked to write to the output device is bigger than the size of the buffer (in > bytes). So the code to handle this is not executed due to this problem, and the code > merrily goes along to write the data into the buffer, hence corrupting memory. There > is a second problem, and that is in the code that actually handles the case where > the length of the data exceeded the buffer size, it flushes the buffer, and then use > the wrong overloaded write() function to write the data to the output device. > Proposed fix, for FormatterToXML_UTF16::write() in the file > FormatterToXML_UTF16.cpp, is as follows: > inline void > FormatterToXML_UTF16::write( > const XalanDOMChar* theChars, > XalanDOMString::size_type theLength) > { > if (theLength > sizeof(m_buffer)/sizeof(XalanDOMChar)) > { > flushBuffer(); > m_writer->write((const char*)theChars, 0, theLength * > sizeof(XalanDOMChar)); > } > else > { > if (m_bufferRemaining < theLength) > { > flushBuffer(); > } > for(XalanDOMString::size_type i = 0; i < theLength; ++i) > { > *m_bufferPosition = theChars[i]; > ++m_bufferPosition; > } > m_bufferRemaining -= theLength; > } > } -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://nagoya.apache.org/jira/secure/Administrators.jspa - If you want more information on JIRA, or have a bug to report see: http://www.atlassian.com/software/jira --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
