Re: Core dump in xerces-c-2_2_0

[Alberto Massari]

Hi Peter,
your code is changing the value for the "name" pointer, so when you are 
trying to release the buffer, you are using a different pointer from the 
one the system returned you.
Different OSs can behave in different ways: some can check that that 
pointer doesn't point to a valid block and simply skip the deallocation, 
other can just crash because they end up looking to invalid data.

Just use the second version, that's the correct one (well, to say the whole 
truth, that routine is also not checking for the target array to be big 
enough to hold the data, and doesn't test for getNodeValue not to return a 
NULL pointer.....)

Alberto

At 14.29 06/10/2003 +0100, Peter Guyatt wrote:
Hi There,

        I have just come accross a rather strange error in the Xerces 
library (cc
build for solaris 2.7).

The following code causes the library to core dump:

/** Function to get the value of a node
        This functon takes care of allocating memory and freeing it and
        returning the name of the node copied into a static character 
array */
static void getNodeValue (char *data, const DOMNode *node)
{
        //get the name of the DOM node
        char *name = XMLString::transcode(node->getNodeValue());
        int index = 0;
        //only extract text with no ws characterc
        while(*name)//isspace(*name))
        {
                if (!isspace(*name))
                {
                        data[index++] = *name;
                }
                //move to the next character
                name ++;
        }
        //set the end of the string
        data[index] = 0;
        //release the memory
        XMLString::release(&name);
}

the core dump occurrs in the XMLString::release method, but it works fine
when running the Xerces library on windows.
However it does not core dump immediately, only after processing about half
of the document and the below code seems to fix it.
static void getNodeValue (char *data, const DOMNode *node)
{
        //get the name of the DOM node
        char *tmp = XMLString::transcode(node->getNodeValue());
        char *name = tmp;
        int index = 0;
        //only extract text with no ws characterc
        while(*name)//isspace(*name))
        {
                if (!isspace(*name))
                {
                        data[index++] = *name;
                }
                //move to the next character
                name ++;
        }
        //set the end of the string
        data[index] = 0;
        //release the memory
        XMLString::release(&tmp);
}
Could anyone please tell me if there is a bug already raised on this or at
least offer a reason for the core dump.
Thanks

Pete

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]