From dda22c15d5447b4a2a7bd47d456bcc5bbcef2472 Mon Sep 17 00:00:00 2001 From: Daniel Veillard Date: Sat, 24 Jan 2004 08:31:30 +0000 Subject: [PATCH] applied patch from Steve Ball to avoid a double-free. Daniel * include/libxml/schemasInternals.h xmlschemas.c: applied patch from Steve Ball to avoid a double-free. Daniel --- ChangeLog | 5 +++++ include/libxml/schemasInternals.h | 1 + xmlschemas.c | 18 ++++++++++++++---- 3 files changed, 20 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4dfae89d..d7b818a2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +Sat Jan 24 09:30:22 CET 2004 Daniel Veillard + + * include/libxml/schemasInternals.h xmlschemas.c: applied patch from + Steve Ball to avoid a double-free. + Fri Jan 23 14:03:21 CET 2004 Daniel Veillard * doc/examples/*: added io1.c an example ox xmlIO usage and io1.res diff --git a/include/libxml/schemasInternals.h b/include/libxml/schemasInternals.h index 4a8fd695..e2907d81 100644 --- a/include/libxml/schemasInternals.h +++ b/include/libxml/schemasInternals.h @@ -379,6 +379,7 @@ struct _xmlSchema { xmlHashTablePtr groupDecl; xmlDictPtr dict; void *includes; /* the includes, this is opaque for now */ + int preserve; /* whether to free the document */ }; XMLPUBFUN void XMLCALL xmlSchemaFreeType (xmlSchemaTypePtr type); diff --git a/xmlschemas.c b/xmlschemas.c index d639b67f..f9e51533 100644 --- a/xmlschemas.c +++ b/xmlschemas.c @@ -85,6 +85,7 @@ struct _xmlSchemaParserCtxt { const xmlChar *URL; xmlDocPtr doc; + int preserve; /* Whether the doc should be freed */ const char *buffer; int size; @@ -650,7 +651,7 @@ xmlSchemaFree(xmlSchemaPtr schema) } if (schema->annot != NULL) xmlSchemaFreeAnnot(schema->annot); - if (schema->doc != NULL) + if (schema->doc != NULL && !schema->preserve) xmlFreeDoc(schema->doc); xmlDictFree(schema->dict); @@ -3840,6 +3841,8 @@ xmlSchemaNewDocParserCtxt(xmlDocPtr doc) memset(ret, 0, sizeof(xmlSchemaParserCtxt)); ret->doc = doc; ret->dict = xmlDictCreate(); + /* The application has responsibility for the document */ + ret->preserve = 1; return (ret); } @@ -3855,7 +3858,7 @@ xmlSchemaFreeParserCtxt(xmlSchemaParserCtxtPtr ctxt) { if (ctxt == NULL) return; - if (ctxt->doc != NULL) + if (ctxt->doc != NULL && !ctxt->preserve) xmlFreeDoc(ctxt->doc); xmlDictFree(ctxt->dict); xmlFree(ctxt); @@ -4862,6 +4865,7 @@ xmlSchemaParse(xmlSchemaParserCtxtPtr ctxt) xmlDocPtr doc; xmlNodePtr root; int nberrors; + int preserve = 0; xmlSchemaInitTypes(); @@ -4900,6 +4904,7 @@ xmlSchemaParse(xmlSchemaParserCtxtPtr ctxt) ctxt->URL = xmlDictLookup(ctxt->dict, BAD_CAST "in_memory_buffer", -1); } else if (ctxt->doc != NULL) { doc = ctxt->doc; + preserve = 1; } else { xmlSchemaPErr(ctxt, NULL, XML_SCHEMAP_NOTHING_TO_PARSE, @@ -4916,7 +4921,9 @@ xmlSchemaParse(xmlSchemaParserCtxtPtr ctxt) xmlSchemaPErr(ctxt, (xmlNodePtr) doc, XML_SCHEMAP_NOROOT, "schemas has no root", NULL, NULL); - xmlFreeDoc(doc); + if (!preserve) { + xmlFreeDoc(doc); + } return (NULL); } @@ -4930,10 +4937,13 @@ xmlSchemaParse(xmlSchemaParserCtxtPtr ctxt) */ ret = xmlSchemaParseSchema(ctxt, root); if (ret == NULL) { - xmlFreeDoc(doc); + if (!preserve) { + xmlFreeDoc(doc); + } return (NULL); } ret->doc = doc; + ret->preserve = preserve; /* * Then fix all the references.