crash fix to XMLSearch_init_from_XPath
Simple, lightweight XML parser in C, statically or dynamically linked.
Brought to you by: matthieu-labas
A friend had some random crash issues with the XMLSearch feature. He finally tracked it down to an uninitialized init_value field. A newly allocated search2 might break if init_value contains the magic XML_INIT_DONE value, leading to a double free(). Avoid this issue by explicitly setting init_value to 0.
diff --git a/src/sxmlsearch.c b/src/sxmlsearch.c
index 77257ae..8c04a53 100644
--- a/src/sxmlsearch.c
+++ b/src/sxmlsearch.c
@@ -400,6 +400,7 @@ int XMLSearch_init_from_XPath(const SXML_CHAR* xpath, XMLSearch* search)
(void)XMLSearch_free(search, true);
return false;
}
+ search2->init_value = 0; /* Something not XML_INIT_DONE */
}
/* Skip all first '/' */
for (; *tag != NULC && *tag == C2SX('/'); tag++) ;
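Review bot: the added `search2->init_value = 0;` after the `return false; }` block resets only the one field that is compared against XML_INIT_DONE, so any other member of the freshly allocated search2 still holds whatever the allocator left behind; allocating search2 with calloc() (or memset-ing the whole struct before use) closes the gap for every field at once, and the comment `/* Something not XML_INIT_DONE */` would be more useful if it said why (so a later XMLSearch_free() does not treat uninitialized memory as an initialized search and free garbage pointers).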
I had the same problem last year or so with XMLNode.init_value, where it would sometimes be the magic number when malloc-ing. I solved it by using calloc() instead, which zeroes the buffer, so I'll do that instead, for consistency (unless malloc is much faster/safer/...?). Corrected in v4.2.2.