[ http://nagoya.apache.org/jira/browse/XERCESC-1098?page=history ]
Alberto Massari updated XERCESC-1098:
-------------------------------------
Priority: Major
> Valgrind reports "Source and destination overlap in memcpy"
> -----------------------------------------------------------
>
> Key: XERCESC-1098
> URL: http://nagoya.apache.org/jira/browse/XERCESC-1098
> Project: Xerces-C++
> Type: Bug
> Components: Miscellaneous
> Versions: 2.3.0
> Environment: Operating System: All
> Platform: Other
> Reporter: Dominik Stadler
> Assignee: Xerces-C Developers Mailing List
>
> While looking for a problem in our application, I ran valgrind and saw the
> following report. I know this does normally work fine, but I thought I'd report
> it; maybe there is an easy fix for this.
> Valgrind reports:
> ==17958== Source and destination overlap in memcpy(0x450987CC, 0x450987CC, 40)
> ==17958== at 0x40024665: memcpy (mac_replace_strmem.c:93)
> ==17958== by 0x40E15F55: xercesc_2_3::XMLBuffer::set(unsigned short const *,
> unsigned int) (XMLBuffer.cpp:122)
> ==17958== by 0x40D8380D:
> xercesc_2_3::IGXMLScanner::resolveSchemaGrammar(unsigned short const *, unsigned
> short const *) (IGXMLScanner2.cpp:1325)
> ==17958== by 0x40D832CF:
> xercesc_2_3::IGXMLScanner::scanRawAttrListforNameSpaces(xercesc_2_3::RefVectorOf<xercesc_2_3::KVStringPair>
> const *, int) (IGXMLScanner2.cpp:1249)
> ==17958== by 0x40D8C84D: xercesc_2_3::IGXMLScanner::scanStartTagNS(bool &)
> (IGXMLScanner.cpp:2034)
> ==17958== by 0x40D89717: xercesc_2_3::IGXMLScanner::scanContent(bool)
> (IGXMLScanner.cpp:849)
> ==17958== by 0x40D87D54:
> xercesc_2_3::IGXMLScanner::scanDocument(xercesc_2_3::InputSource const &)
> (IGXMLScanner.cpp:209)
> ==17958== by 0x40E22B87: xercesc_2_3::XMLScanner::scanDocument(unsigned short
> const *) (XMLScanner.cpp:419)
> ==17958== by 0x40E23105: xercesc_2_3::XMLScanner::scanDocument(char const *)
> (XMLScanner.cpp:427)
> ==17958== by 0x40CF22EF: xercesc_2_3::AbstractDOMParser::parse(char const *)
> (AbstractDOMParser.cpp:477)
> The code in XMLBuffer.cpp is:
> void XMLBuffer::set(const XMLCh* const chars, const unsigned int count)
> {
>     ...
>     memcpy(fBuffer, chars, actualCount * sizeof(XMLCh));
> so the pointer "XMLCh* chars" that is passed in is from the XMLBuffer itself.
> The code in IGXMLScanner2.cpp is:
>     // Create a buffer for expanding the system id
>     XMLBufBid bbSys(&fBufMgr);
>     XMLBuffer& expSysId = bbSys.getBuffer();
>     XMLBuffer& normalizedSysId = bbSys.getBuffer();
>     ...
>     if (fEntityHandler)
>     {
>         ...
>     }
>     else
>     {
>         expSysId.set(normalizedURI);
>     }
> Why are there two equal references to an XMLBuffer used? Wouldn't it just be
> possible to remove one of them? Then the call to set() is actually an assignment
> to itself and could go away completely.
> I checked the code and it seems this is still the same for 2.4 and CVS-LATEST.
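
The aliasing hazard in the report, as an added example that is not part of the original message or of the Xerces-C++ source: a buffer whose set() detects that the source points into its own storage and uses memmove (defined for overlapping ranges) instead of memcpy (undefined for them). Buf, rangesOverlap and aliasedCalls are hypothetical names, and the URI is a constructed sample value.

```cpp
// Added example: Buf is a hypothetical stand-in, not the Xerces-C++ XMLBuffer source.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

// True when byte ranges [a, a+na) and [b, b+nb) share at least one byte.
static bool rangesOverlap(const void* a, std::size_t na, const void* b, std::size_t nb) {
    const std::uintptr_t ua = reinterpret_cast<std::uintptr_t>(a);
    const std::uintptr_t ub = reinterpret_cast<std::uintptr_t>(b);
    return na != 0 && nb != 0 && ua < ub + nb && ub < ua + na;
}

struct Buf {
    std::vector<char16_t> data;   // plays the role of fBuffer
    unsigned aliasedCalls = 0;    // calls whose source pointed into our own storage

    void set(const char16_t* chars, std::size_t count) {
        const std::size_t bytes = count * sizeof(char16_t);
        if (rangesOverlap(chars, bytes, data.data(), data.size() * sizeof(char16_t))) {
            ++aliasedCalls;
            // Source lies inside our storage, so it fits without reallocation.
            // memmove is defined for overlapping ranges; memcpy is not.
            if (chars != data.data())
                std::memmove(data.data(), chars, bytes);
            data.resize(count);                       // shrinking keeps the allocation
            return;
        }
        data.resize(count);                           // may reallocate; source is elsewhere
        if (bytes != 0)
            std::memcpy(data.data(), chars, bytes);   // ranges are disjoint here
    }

    std::u16string str() const { return std::u16string(data.begin(), data.end()); }
};

int main() {
    const std::u16string uri = u"http://example.test/a.xsd";   // constructed sample value
    Buf b;
    b.set(uri.data(), uri.size());
    b.set(b.data.data(), b.data.size());          // same call shape as the report: src == dst
    b.set(b.data.data() + 7, 12);                 // partial overlap
    std::cout << b.aliasedCalls << " aliased calls\n";
    return b.str() == u"example.test" ? 0 : 1;
}
```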