Bug 175361 - xmllint segmentation fault parsing xsd
xmllint segmentation fault parsing xsd
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: libxml2 (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Veillard
Depends On:
  Show dependency treegraph
Reported: 2005-12-09 08:58 EST by Jesús Corrius
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-12-09 10:45:05 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
xsd schema (847 bytes, application/octet-stream)
2005-12-09 08:59 EST, Jesús Corrius
no flags Details
strace output (4.98 KB, application/octet-stream)
2005-12-09 09:01 EST, Jesús Corrius
no flags Details

  None (edit)
Description Jesús Corrius 2005-12-09 08:58:05 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050923 CentOS/1.0.7-1.4.1.centos4 Firefox/1.0.7

Description of problem:
xmllint segmentation fault parsing while parsing an xsd file

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. xmllint --schema test.xsd
2. Segmentation fault

Actual Results:  Segmentation fault

Expected Results:  xmllint doesn't crash

Additional info:
Comment 1 Jesús Corrius 2005-12-09 08:59:46 EST
Created attachment 122074 [details]
xsd schema 

This is the file that crashes xmllint
Comment 2 Jesús Corrius 2005-12-09 09:01:41 EST
Created attachment 122075 [details]
strace output
Comment 3 Daniel Veillard 2005-12-09 10:45:05 EST
XSD support was highly experimental at the time of 2.6.16,
recent release from xmlsoft.org should just work, for example
2.6.22 , it doesn't crash on this input. If you really rely on
XSD, then you should really track upstream releases.
XSD is never activated by libxml2 default processing, so even
though the crash is annoying, I don't think it can lead to a 
security risk.


Note You need to log in before you can comment on or make changes to this bug.