[XERCESC-2044] Code analysis revealed multiple potential NULL derefence conditions (currently unconfirmed) - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.1.1
Fix Version/s: 3.1.2, 3.2.0
Component/s: Miscellaneous
Labels:
None

Description

src/xercesc/util/MsgLoaders/InMemory/InMemMsgLoader.cpp

If fMsgDomain doesn't match one of the 4 else clauses, it could dereference null at line 106

src/xercesc/internal/IGXMLScanner.cpp

The !elemDecl check on line 2383 appears to be missing a final else clause to catch unknown grammar types.

src/xercesc/internal/XSObjectFactory.cpp

If the xsMultiFacetList is not allocated at line 840, there are no obvious checks later in the function to ensure it is not dereferenced

src/xercesc/validators/DTD/DTDScanner.cpp

If the first branch followed is "else if (fReaderMgr->skippedChar(chCloseParen))" at line 1210, lastNode can potentially dereference a NULL at line 1225

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

XSObjectFactory.patch
02/Mar/15 02:42
1 kB
Int3
InMemMsgLoader.patch
02/Mar/15 02:42
0.5 kB
Int3
IGXMLScanner.patch
02/Mar/15 02:42
0.6 kB
Int3
DTDScanner.patch
02/Mar/15 02:42
0.7 kB
Int3

Activity

People

Assignee:: Scott Cantor

Reporter:: Int3

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Mar/15 02:26

Updated:: 28/Aug/17 23:42

Resolved:: 21/Jun/17 21:39