Subject: | Segmentation fault in domXPathCompFindCtxt |
I encounter segfaults when using XML::LibXML's findnodes() method. The
problem seems to happen in domXPathCompFindCtxt. When looking at it in
the debugger, the following happens:
357 res = xmlXPathCompiledEval(comp, ctxt);
(gdb) p ctxt->node
$6 = 0xb7ebb68
(gdb) n
359 if ( tdoc != NULL ) {
(gdb) p ctxt->node
$7 = 0x0
So xmlXPathCompiledEval somehow set ctxt->node to NULL. Later in the
function some variables are set to NULL and
ctxt->node->doc = NULL;
causes the segfault. The attached patch seems to work around the problem,
no segfaults anymore.
The system is CentOS 4, with libxml2-2.6.32 installed, perl is 5.8.5. I
don't see the problem on Debian, with the same libxml2 version, and perl
5.8.8.
Sorry, the segfault happens in a complex system. I will try to construct
a small testcase for reproducing.
Regards,
Slaven
Subject: | XML-LibXML-1.69.domXPathCompFindCtxt.patch |
Binary files XML-LibXML-1.69/blib/arch/auto/XML/LibXML/LibXML.so and new.XML-LibXML-1.69/blib/arch/auto/XML/LibXML/LibXML.so differ
diff -ur XML-LibXML-1.69/xpath.c new.XML-LibXML-1.69/xpath.c
--- XML-LibXML-1.69/xpath.c 2008-11-11 21:43:53.000000000 +0100
+++ new.XML-LibXML-1.69/xpath.c 2008-11-20 12:59:57.000000000 +0100
@@ -364,7 +364,9 @@
froot->parent = NULL;
tdoc->children = NULL;
tdoc->last = NULL;
- ctxt->node->doc = NULL;
+ if ( ctxt->node ) {
+ ctxt->node->doc = NULL;
+ }
xmlFreeDoc( tdoc );
}
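Review bot: The new "if ( ctxt->node )" guard around "ctxt->node->doc = NULL;" stops the NULL dereference, but when the guard is false nothing resets a doc pointer before "xmlFreeDoc( tdoc );" runs, so any node whose doc still refers to tdoc would be left pointing at freed memory. Since the report shows ctxt->node changing across xmlXPathCompiledEval, consider saving the context node in a local variable before the evaluation and clearing doc on that saved pointer rather than on ctxt->node. The patch also carries "Binary files ... differ" lines for LibXML.so and xpath.o; regenerating it from a clean source tree would drop them.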
Binary files XML-LibXML-1.69/xpath.o and new.XML-LibXML-1.69/xpath.o differ