On Sat, Apr 26, 2008 at 03:29:47PM +0800, Ashwin wrote: > > > Hi, > > I am attaching a patch which takes care of a double free problem which > happens due to the following statement in function xmlNewEntityInputStream:- > > > > input->filename = (char *) entity->URI; > > > > This leads to a double free because when the input stream is popped > input->filename is freed, and when the dtd is freed, in xmlFreeEntity, > entity->URI is freed which is the same as input->filename leading to a > double free. I believe doing a xmlStrdup will take care of the problem, and > that is what I have done in the patch.
It's surprizing because that call is used quite frequently, e.g. in the regression tests, but the entity URI is always NULL which is why this was never raised during any of the existing tests... I applied and commited a version based on your patch, thanks a lot ! Daniel -- Red Hat Virtualization group http://redhat.com/virtualization/ Daniel Veillard | virtualization library http://libvirt.org/ [EMAIL PROTECTED] | libxml GNOME XML XSLT toolkit http://xmlsoft.org/ http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/ _______________________________________________ xml mailing list, project page http://xmlsoft.org/ [email protected] http://mail.gnome.org/mailman/listinfo/xml
