Bug 175361 - xmllint segmentation fault parsing xsd
Summary: xmllint segmentation fault parsing xsd
Keywords:
Status: CLOSED UPSTREAM
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: libxml2
Version: 4.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Daniel Veillard
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-12-09 13:58 UTC by Jesús Corrius
Modified: 2007-11-30 22:07 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-12-09 15:45:05 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)
xsd schema (847 bytes, application/octet-stream)
2005-12-09 13:59 UTC, Jesús Corrius
no flags Details
strace output (4.98 KB, application/octet-stream)
2005-12-09 14:01 UTC, Jesús Corrius
no flags Details

Description Jesús Corrius 2005-12-09 13:58:05 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050923 CentOS/1.0.7-1.4.1.centos4 Firefox/1.0.7

Description of problem:
xmllint segmentation fault parsing while parsing an xsd file

Version-Release number of selected component (if applicable):
libxml2-2.6.16-6

How reproducible:
Always

Steps to Reproduce:
1. xmllint --schema test.xsd
2. Segmentation fault
  

Actual Results:  Segmentation fault

Expected Results:  xmllint doesn't crash

Additional info:

Comment 1 Jesús Corrius 2005-12-09 13:59:46 UTC
Created attachment 122074 [details]
xsd schema 

This is the file that crashes xmllint

Comment 2 Jesús Corrius 2005-12-09 14:01:41 UTC
Created attachment 122075 [details]
strace output

Comment 3 Daniel Veillard 2005-12-09 15:45:05 UTC
XSD support was highly experimental at the time of 2.6.16,
recent release from xmlsoft.org should just work, for example
2.6.22 , it doesn't crash on this input. If you really rely on
XSD, then you should really track upstream releases.
XSD is never activated by libxml2 default processing, so even
though the crash is annoying, I don't think it can lead to a 
security risk.

Daniel


Note You need to log in before you can comment on or make changes to this bug.