- valid.c tree.c parserInternals.c parser.c: Stephan Kulow
provided another failing case found in KDE, the way the
ctxt->vctxt.nodeTab was allocated and freed changed over
time but it wasn't completely cleaned up. This should fix it.
Daniel
diff --git a/ChangeLog b/ChangeLog
index e4a8bc5..c600a27 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Tue Jun 19 13:04:10 CEST 2001 Daniel Veillard <Daniel.Veillard@imag.fr>
+
+ * valid.c tree.c parserInternals.c parser.c: Stephan Kulow
+ provided another failing case found in KDE, the way the
+ ctxt->vctxt.nodeTab was allocated and freed changed over
+ time but it wasn't completely cleaned up. This should fix it.
+
Sun Jun 17 19:56:33 CEST 2001 Daniel Veillard <Daniel.Veillard@imag.fr>
* parser.c: Stephan Kulow also raised the fact that line number
diff --git a/parser.c b/parser.c
index 615e293..d7c7c56 100644
--- a/parser.c
+++ b/parser.c
@@ -8853,23 +8853,14 @@
if (ctxt->validate) {
ctxt->vctxt.error = ctx->vctxt.error;
ctxt->vctxt.warning = ctx->vctxt.warning;
- /* Allocate the Node stack */
- ctxt->vctxt.nodeTab = (xmlNodePtr *) xmlMalloc(4 * sizeof(xmlNodePtr));
- if (ctxt->vctxt.nodeTab == NULL) {
- xmlGenericError(xmlGenericErrorContext,
- "xmlParseCtxtExternalEntity: out of memory\n");
- ctxt->validate = 0;
- ctxt->vctxt.error = NULL;
- ctxt->vctxt.warning = NULL;
- } else {
- ctxt->vctxt.nodeNr = 0;
- ctxt->vctxt.nodeMax = 4;
- ctxt->vctxt.node = NULL;
- }
} else {
ctxt->vctxt.error = NULL;
ctxt->vctxt.warning = NULL;
}
+ ctxt->vctxt.nodeTab = NULL;
+ ctxt->vctxt.nodeNr = 0;
+ ctxt->vctxt.nodeMax = 0;
+ ctxt->vctxt.node = NULL;
xmlParseContent(ctxt);
diff --git a/parserInternals.c b/parserInternals.c
index 3e2e76f..4039c99 100644
--- a/parserInternals.c
+++ b/parserInternals.c
@@ -2264,6 +2264,7 @@
if ((ctxt->sax != NULL) && (ctxt->sax != &xmlDefaultSAXHandler))
xmlFree(ctxt->sax);
if (ctxt->directory != NULL) xmlFree((char *) ctxt->directory);
+ if (ctxt->vctxt.nodeTab != NULL) xmlFree(ctxt->vctxt.nodeTab);
xmlFree(ctxt);
}
diff --git a/tree.c b/tree.c
index 3676a26..1eea985 100644
--- a/tree.c
+++ b/tree.c
@@ -483,6 +483,8 @@
*/
void
xmlFreeDoc(xmlDocPtr cur) {
+ xmlDtdPtr extSubset, intSubset;
+
if (cur == NULL) {
#ifdef DEBUG_TREE
xmlGenericError(xmlGenericErrorContext,
@@ -497,15 +499,17 @@
cur->ids = NULL;
if (cur->refs != NULL) xmlFreeRefTable((xmlRefTablePtr) cur->refs);
cur->refs = NULL;
- if (cur->extSubset != NULL) {
+ extSubset = cur->extSubset;
+ intSubset = cur->intSubset;
+ if (extSubset != NULL) {
xmlUnlinkNode((xmlNodePtr) cur->extSubset);
- xmlFreeDtd(cur->extSubset);
cur->extSubset = NULL;
+ xmlFreeDtd(extSubset);
}
- if (cur->intSubset != NULL) {
+ if (intSubset != NULL) {
xmlUnlinkNode((xmlNodePtr) cur->intSubset);
- xmlFreeDtd(cur->intSubset);
cur->intSubset = NULL;
+ xmlFreeDtd(intSubset);
}
if (cur->children != NULL) xmlFreeNodeList(cur->children);
diff --git a/valid.c b/valid.c
index 07ad05f..e9049e0 100644
--- a/valid.c
+++ b/valid.c
@@ -38,6 +38,7 @@
if (ctxt->name##Tab == NULL) { \
xmlGenericError(xmlGenericErrorContext, \
"malloc failed !\n"); \
+ ctxt->name##Max = 0; \
return(0); \
} \
} \
@@ -3699,6 +3700,8 @@
/*
* The first entry in the stack is reserved to the current state
*/
+ ctxt->nodeMax = 0;
+ ctxt->nodeNr = 0;
ctxt->nodeTab = NULL;
ctxt->vstate = &ctxt->vstateTab[0];
ctxt->vstateNr = 1;
@@ -3829,6 +3832,7 @@
ctxt->vstateTab = NULL;
}
ctxt->nodeMax = 0;
+ ctxt->nodeNr = 0;
if (ctxt->nodeTab != NULL) {
xmlFree(ctxt->nodeTab);
ctxt->nodeTab = NULL;