Description of problem: Validation of xml document is aborted. This validation is important for us because of openscap project. We are planning to push openscap into RHEL5.7 (https://bugzilla.redhat.com/show_bug.cgi?id=642672) but disabling the validation functionality would be significant shortcoming. Version-Release number of selected component (if applicable): # rpm -q libxml2 libxml2-2.6.26-2.1.2.8 How reproducible: use data from http://people.redhat.com/pvrabec/openscap/content.tgz $ xmllint --schema xccdf-schema.xsd usgcb-rhel5desktop_xccdf.xml > /dev/null Actual results: *** glibc detected *** xmllint: realloc(): invalid pointer: 0x083b7c88 *** Expected results: usgcb-rhel5desktop_xccdf.xml validates Additional info: It works fine on Fedora. $ rpm -q libxml2 libxml2-2.7.6-2.fc12.x86_64 libxml2-2.7.6-2.fc12.i686
(In reply to comment #0) > Description of problem: > Validation of xml document is aborted. > > This validation is important for us because of openscap project. We are > planning to push openscap into RHEL5.7 > (https://bugzilla.redhat.com/show_bug.cgi?id=642672) Please ignore this URL. It's for RHEL6.1 rebase. Request for RHEL5.7 push was not filed yet.
(In reply to comment #0) > Additional info: > It works fine on Fedora. > $ rpm -q libxml2 > libxml2-2.7.6-2.fc12.x86_64 > libxml2-2.7.6-2.fc12.i686 And on RHEL 6: libxml2-2.7.6-1.el6.x86_64
I don't why but it works for me on RHEL-5-Client/U6/x86_64 now. I'm closing this issue.
Unfortunately I get another fault. xmllint --noout --schema /usr/share/openscap/schemas/oval/5.6/oval-definitions-schema.xsd usgcb-rhel5desktop-oval.xml *** glibc detected *** xmllint: free(): invalid next size (fast): 0x0000000004a1fd20 *** usgcb-rhel5desktop-oval.xml is The United States Government Configuration Baseline (USGCB) for Red Hat Enterprise Linux 5: http://usgcb.nist.gov/usgcb/content/scap/RHEL5-desktop-USGCB-Alpha-Candidate.zip Schemas that I have used are patched OVAL schemas provided by openscap project. http://www.open-scap.org/download/openscap-0.7.1.tar.gz I can confirm that this works on my Fedora box.
# rpm -q libxml2 libxml2-2.6.26-2.1.2.8.el5_5.1 libxml2-2.6.26-2.1.10 Program received signal SIGABRT, Aborted. 0x000000314a030265 in raise () from /lib64/libc.so.6 (gdb) bt #0 0x000000314a030265 in raise () from /lib64/libc.so.6 #1 0x000000314a031d10 in abort () from /lib64/libc.so.6 #2 0x000000314a06a99b in __libc_message () from /lib64/libc.so.6 #3 0x000000314a07245f in _int_free () from /lib64/libc.so.6 #4 0x000000314a0728bb in free () from /lib64/libc.so.6 #5 0x00002aaaaab84464 in xmlSchemaFreeIDCStateObjList (sto=0xeb6220) at xmlschemas.c:3843 #6 0x00002aaaaab8589d in xmlSchemaFreeValidCtxt__internal_alias (ctxt=0xc4c1c0) at xmlschemas.c:27248 #7 0x00000000004069a0 in parseAndPrintFile (filename=0x7fffffffebaf "usgcb-rhel5desktop-oval.xml", rectxt=<value optimized out>) at xmllint.c:2692 #8 0x0000000000408a59 in main (argc=5, argv=0x7fffffffe918) at xmllint.c:3448 #5 0x00002aaaaab84464 in xmlSchemaFreeIDCStateObjList (sto=0xeb6220) at xmlschemas.c:3843 3843 xmlFree(sto->history); (gdb) print *sto $1 = {type = 1, next = 0xeb6320, depth = 0, history = 0xeb6d20, nbHistory = 0, sizeHistory = 10, matcher = 0xeb61e0, sel = 0xbbfd30, xpathCtxt = 0xeb6270}
*** Bug 696215 has been marked as a duplicate of this bug. ***
""" Server Error 404 - File or directory not found. The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable. http://usgcb.nist.gov/usgcb/content/scap/RHEL5-desktop-USGCB-Alpha-Candidate.zip """ Can you find a viable link or attach the tarball here, please?
The 1 line patch fixing this bug is the following: ----------------------------------------------------------------------- commit 6f9b0878c00c2b74ad6d7fddab031f27576880dc Author: Daniel Veillard <veillard.org> Date: Sat Aug 12 14:09:01 2006 +0000 applied patch from Marton Illes to fix an allocation bug in * xmlschemas.c: applied patch from Marton Illes to fix an allocation bug in xmlSchemaXPathEvaluate should close #351032 Daniel diff --git a/xmlschemas.c b/xmlschemas.c index e0d3b7a..3baae05 100644 --- a/xmlschemas.c +++ b/xmlschemas.c @@ -22197,7 +22197,7 @@ xmlSchemaXPathEvaluate(xmlSchemaValidCtxtPtr vctxt, "allocating the state object history", NULL); return(-1); } - sto->sizeHistory = 10; + sto->sizeHistory = 5; } else if (sto->sizeHistory <= sto->nbHistory) { sto->sizeHistory *= 2; sto->history = (int *) xmlRealloc(sto->history, ------------------------------------------------------------------------ But while chasing it I accumulated quite a list of rather nasty bugs in XSD for RHEL-5 . I start wondering if I should not apply a larger set of instead of just that one. If people start to use XSD libxml2 support in RHEL-5, then it's better to fix the main crashers there rather than just that one. Daniel
Fixed in build libxml2-2.6.26-2.1.12 Daniel
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1053.html