martin ettl reported a resource leak in expat[1]: during a check with the static code analysis tool cppcheck, i found a resource leak, I reported it to the wxWidgets developers. The told me to contact you: http://trac.wxwidgets.org/ticket/11432 http://trac.wxwidgets.org/ticket/11194 Best regards Orbitcowboy [1] http://sourceforge.net/tracker/?func=detail&atid=110127&aid=2895533&group_id=10127 http://mail.python.org/pipermail/expat-bugs/2009-November/002858.html
xmlwf/readfilemap.c is used on Windows only, from configure: if test "$ac_cv_func_mmap_fixed_mapped" = "yes"; then FILEMAP=unixfilemap else FILEMAP=readfilemap fi NOTABUG on UNIX, but affects Windows so expat is not affected but mingw32-expat may be affected on Windows.
Upstream bug: http://sourceforge.net/p/expat/bugs/2895533/ Upstream commit: http://expat.cvs.sourceforge.net/viewvc/expat/expat/xmlwf/readfilemap.c?view=log#rev1.15 Fixed upstream in 2.1.0: http://sourceforge.net/projects/expat/files/expat/2.1.0/ #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. As noted above, this did not affect Linux / Unix builds of expat. mingw-expat packages in Fedora and EPEL-7 are already updated to fixed upstream version 2.1.0. This only affected xmlfw tool and not the expat library itself, and hence had no real impact.