175361 – xmllint segmentation fault parsing xsd

Bug 175361 - xmllint segmentation fault parsing xsd

Summary: xmllint segmentation fault parsing xsd

Status:	CLOSED UPSTREAM
Alias:	None
Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	libxml2
Sub Component:	(Show other bugs)
Version:	4.0
Hardware:	i386 Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Daniel Veillard
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-12-09 13:58 UTC by Jesús Corrius
Modified:	2007-11-30 22:07 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2005-12-09 15:45:05 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
xsd schema (847 bytes, application/octet-stream) 2005-12-09 13:59 UTC, Jesús Corrius	no flags	Details
strace output (4.98 KB, application/octet-stream) 2005-12-09 14:01 UTC, Jesús Corrius	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

Description Jesús Corrius 2005-12-09 13:58:05 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050923 CentOS/1.0.7-1.4.1.centos4 Firefox/1.0.7

Description of problem:
xmllint segmentation fault parsing while parsing an xsd file

Version-Release number of selected component (if applicable):
libxml2-2.6.16-6

How reproducible:
Always

Steps to Reproduce:
1. xmllint --schema test.xsd
2. Segmentation fault
  

Actual Results:  Segmentation fault

Expected Results:  xmllint doesn't crash

Additional info:

Comment 1 Jesús Corrius 2005-12-09 13:59:46 UTC

Created attachment 122074 [details]
xsd schema 

This is the file that crashes xmllint

Comment 2 Jesús Corrius 2005-12-09 14:01:41 UTC

Created attachment 122075 [details]
strace output

Comment 3 Daniel Veillard 2005-12-09 15:45:05 UTC

XSD support was highly experimental at the time of 2.6.16,
recent release from xmlsoft.org should just work, for example
2.6.22 , it doesn't crash on this input. If you really rely on
XSD, then you should really track upstream releases.
XSD is never activated by libxml2 default processing, so even
though the crash is annoying, I don't think it can lead to a 
security risk.

Daniel

Note You need to log in before you can comment on or make changes to this bug.