Work at SourceForge, help us to make it a better place! We have an immediate need for a Support Technician in our San Francisco or Denver office.

Close

#502 potential null pointer dereference

Test Required
open
nobody
None
5
2013-07-31
2012-05-08
tomaszmi
No

Expat version 2.1.0

There may be a potential null pointer dereference in the xmlparse.c file, line 2914. The lookup function may return NULL and this case is not checked before the line #2914. I'm not familiar with expat details, however in general if such case is not possible, it would be good to make sure the program will be terminated/aborted, for instance using assert:
assert(id);

Discussion

  • tomaszmi
    tomaszmi
    2012-05-08

    The similar issue is in the xmlparse.c, line #5478. The id->prefix may be set to null however in the next line the pointer is dereferenced without any check.

     
  • I would like to work on this bug. Please assign it to me.

     
  • tomaszmi
    tomaszmi
    2012-07-24

    sahegde1, you are not on the list of people available to be assigned to it.

     
  • Sorry, i am a newbie to open source. How do i add myself to the list.

     
  • Karl Waclawek
    Karl Waclawek
    2012-07-24

    The best approach is to submit a patch in the Patch tracker. We will then review it and merge it into the source code.

     
  • Gaurav
    Gaurav
    2013-07-31

    This surely seems to be a bug. I am attaching the patch for fix.
    Please apply the attached patch.

    Gaurav

     
    Attachments