Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
1.7.0
-
None
-
probably all (noticed on iOS with Xcode memory leak detector)
Description
In the generated adb_
{type}_deserialize() code ( adb_ActiveOrHistoricCurrencyAndAmount_deserialize()
in my case), code like this can be found:
...
parent_attri = NULL;
attrib_text = NULL;
if(attribute_hash)
{
axutil_hash_index_t *hi;
void *val;
const void *key;
for (hi = axutil_hash_first(attribute_hash, env); hi; hi = axutil_hash_next(env, hi))
{
axutil_hash_this(hi, &key, NULL, &val);
if(!strcmp((axis2_char_t*)key, "Ccy"))
{ parent_attri = (axiom_attribute_t*)val; break; } }
}
if(parent_attri)
{ attrib_text = axiom_attribute_get_value(parent_attri, env); }else
{ /* this is hoping that attribute is stored in "Ccy", this happnes when name is in default namespace */ attrib_text = axiom_element_get_attribute_value_by_name(parent_element, env, "Ccy"); }...
axutil_hash_first() allocates some memory (when env != NULL), which is freed by
axutil_hash_next() when we reach the end of the hash list.
But when we do find the correct key before reaching the end of the list ("Ccy" in the
above case), we break out of the for loop and axutil_hash_next() will never reach the
end of the list so that the allocated "hi" hash iterator never gets freed.
(Partial) XSD to reproduce the issue (xml element with attribute);
<xs:complexType name="ActiveOrHistoricCurrencyAndAmount">
<xs:simpleContent>
<xs:extension base="ActiveOrHistoricCurrencyAndAmount_SimpleType">
<xs:attribute name="Ccy" type="ActiveOrHistoricCurrencyCode" use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
<xs:simpleType name="ActiveOrHistoricCurrencyAndAmount_SimpleType">
<xs:restriction base="xs:decimal">
<xs:minInclusive value="0"/>
<xs:fractionDigits value="5"/>
<xs:totalDigits value="18"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="ActiveOrHistoricCurrencyCode">
<xs:restriction base="xs:string">
<xs:pattern value="[A-Z]
"/>
</xs:restriction>
</xs:simpleType>