Christoph von Wittich wrote:
> I found a problem in xpath.c.
>
> in xmlXPathFormatNumber
> line 2714 char work[DBL_DIG + EXPONENT_DIGITS + 3 + LOWER_DOUBLE_EXP];
> line 2766 work[buffersize - 1] = 0;
>
> in most cases buffersize is 99 or 100 depending on the calling function.
How do you experience this problem?
The code in question is only called if buffersize is smaller than the
contents of work:
/* Finally copy result back to caller */
size = strlen(work) + 1;
if (size > buffersize) {
work[buffersize - 1] = 0;
size = buffersize;
}
memmove(buffer, work, size);
_______________________________________________
xml mailing list, project page http://xmlsoft.org/
[email protected]
http://mail.gnome.org/mailman/listinfo/xml
