Menu

#502 potential null pointer dereference

Test Required
closed-fixed
nobody
None
5
2016-03-12
2012-05-08
tomaszmi
No

Expat version 2.1.0

There may be a potential null pointer dereference in the xmlparse.c file, line 2914. The lookup function may return NULL and this case is not checked before the line #2914. I'm not familiar with expat details, however in general if such case is not possible, it would be good to make sure the program will be terminated/aborted, for instance using assert:
assert(id);

Discussion

  • tomaszmi

    tomaszmi - 2012-05-08

    The similar issue is in the xmlparse.c, line #5478. The id->prefix may be set to null however in the next line the pointer is dereferenced without any check.

     

  • Sandeep L Hegde

    Sandeep L Hegde - 2012-07-24

    I would like to work on this bug. Please assign it to me.

     

  • tomaszmi

    tomaszmi - 2012-07-24

    sahegde1, you are not on the list of people available to be assigned to it.

     

  • Sandeep L Hegde

    Sandeep L Hegde - 2012-07-24

    Sorry, i am a newbie to open source. How do i add myself to the list.

     

  • Karl Waclawek

    Karl Waclawek - 2012-07-24

    The best approach is to submit a patch in the Patch tracker. We will then review it and merge it into the source code.

     

  • Gaurav

    Gaurav - 2013-07-31

    This surely seems to be a bug. I am attaching the patch for fix.
    Please apply the attached patch.

    Gaurav

     
    xmlparse.c.patch

  • Sebastian Pipping

    Sebastian Pipping - 2016-03-12
    • status: open --> closed-fixed
     

  • Sebastian Pipping

    Sebastian Pipping - 2016-03-12

    Fixed by commit b3a467e3922a5894a903790673af93b347aba385, included in next release. Closing.

     

Log in to post a comment.

MongoDB Logo MongoDB