Bug #42441 for XML-TreePP: XML::TreePP parsing regexp throws an error when file contains certain amount of tags

Hi Yusuke, I tried to elaborate a patch for this problem, but looking at the svn version on googlecode, it seems it's too simplistic. Running the test suite fails with the patch applied. The idea behind it is to "do something" even if it's dumb, to prevent segfaults. It works for us, but not for your cases where you don't have an XML prologue. Take a look at it, it's in the RT42441.patch file. As I said, this patch is unapplicable as it is, because it makes the test suite fail. We also wrote a new test case which happens to crash XML::TreePP. I believe this is very useful if you want to dedicate some time to fixing this. We might have some time to fix it ourselves, or we have to drop XML::TreePP and use other modules. Having random segfaults in production is not an option :) Hope this helps fixing the ticket.

--- /usr/share/perl5/XML/TreePP.pm.dist 2009-02-18 09:49:22.000000000 +0000 +++ /usr/share/perl5/XML/TreePP.pm 2009-02-18 09:53:40.000000000 +0000 @@ -698,6 +698,11 @@ return $self->die( "Tie::IxHash is required." ) unless &load_tie_ixhash(); } + # Avoid segfaults when receving random input (RT #42441) + if ( ! looks_like_xml(\$text) ) { + return; + } + my $flat = $self->xml_to_flat(\$text); my $class = $self->{base_class} if exists $self->{base_class}; my $tree = $self->flat_to_tree( $flat, '', $class ); @@ -1062,10 +1067,19 @@ $text; } +sub looks_like_xml { + my $textref = shift; + my $args = ( $$textref =~ /^(?:\s*\xEF\xBB\xBF)?\s*<\?xml(\s+\S.*)\?>/s )[0]; + if ( ! $args ) { + return; + } + return $args; +} + sub xml_decl_encoding { my $textref = shift; return unless defined $$textref; - my $args = ( $$textref =~ /^(?:\s*\xEF\xBB\xBF)?\s*<\?xml(\s+\S.*)\?>/s )[0] or return; + my $args = looks_like_xml($textref) or return; my $getcode = ( $args =~ /\s+encoding=(".*?"|'.*?')/ )[0] or return; $getcode =~ s/^['"]//; $getcode =~ s/['"]$//;