Package: libxml++2.6-1c2a
Version: 2.6.1-2.2
Severity: important
Tags: patch

Node::find does not check the return value of the underlying xml library and does a NULL dereference when xmlXPathEval returns NULL. For an example I passed the string "FGName::text()" which xmlXPathEval flagged as an invalid expression and returned NULL.

--- node.cc.orig 2006-06-16 21:08:49.000000000 -0500 +++ node.cc 2006-06-16 21:19:15.000000000 -0500 @@ -151,6 +151,12 @@ NodeSet Node::find(const Glib::ustring& ctxt->node = impl_; xmlXPathObject* result = xmlXPathEval((const xmlChar*)xpath.c_str(), ctxt); + if(!result) + { + xmlXPathFreeContext(ctxt); + throw exception("Error in xpath string."); + } + if (result->type != XPATH_NODESET) { xmlXPathFreeObject(result);

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc3
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libxml++2.6-1c2a depends on:
ii libc6 2.3.6-7 GNU C Library: Shared libraries
ii libgcc1 1:4.1.0-1+b1 GCC support library
ii libglib2.0-0 2.10.2-1 The GLib library of C routines
ii libglibmm-2.4-1c2a 2.8.2-2.1 C++ wrapper for the GLib toolkit (
ii libsigc++-2.0-0c2a 2.0.16-3 type-safe Signal Framework for C++
ii libstdc++6 4.1.0-1+b1 The GNU Standard C++ Library v3
ii libxml2 2.6.23.dfsg.2-3 GNOME XML library
ii zlib1g 1:1.2.3-11 compression library - runtime

libxml++2.6-1c2a recommends no packages.

-- no debconf information
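
Review bot: the exception thrown in the new `if(!result)` branch carries only the fixed text "Error in xpath string." and drops the expression that was rejected, so a caller that builds XPath queries from several sources cannot tell which one failed. Consider putting `xpath` into the message, for example `throw exception("Invalid XPath expression: " + xpath);` (wording is a suggestion). Freeing `ctxt` before the throw is the right order, since nothing after the throw would release it. Minor style point: `if(!result)` has no space after `if`, while the context line directly below uses `if (result->type != XPATH_NODESET)`; matching the surrounding spacing keeps the function consistent.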