[jira] [Updated] (XERCESC-1866) Crash with regular expression

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[jira] [Updated] (XERCESC-1866) Crash with regular expression

JIRA xerces-c-dev@xml.apache.org

     [ https://issues.apache.org/jira/browse/XERCESC-1866?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Scott Cantor updated XERCESC-1866:
----------------------------------
    Fix Version/s:     (was: 3.2.0)

> Crash with regular expression
> -----------------------------
>
>                 Key: XERCESC-1866
>                 URL: https://issues.apache.org/jira/browse/XERCESC-1866
>             Project: Xerces-C++
>          Issue Type: Bug
>          Components: Utilities
>         Environment: Windows XP, Visual Studio 2005
>            Reporter: Alexander Hartmann
>            Assignee: Boris Kolpackov
>             Fix For: 4.0.0
>
>         Attachments: XERCESC-1866.patch
>
>
> when I run the following test code my application crashes on the second regEx.matches call:
> {
>   XMLBuffer optionsBuf;
>   optionsBuf.append('i');
>   optionsBuf.append('H');
>   RegularExpression regEx(L"^\\W*Excel\\W*$", optionsBuf.getRawBuffer());
>   regEx.matches("Excel");
> }
> {
>   XMLBuffer optionsBuf;
>   optionsBuf.append('i');
>   optionsBuf.append('H');
>   RegularExpression regEx(L"^\\W*Excel\\W*$", optionsBuf.getRawBuffer());
>   regEx.matches("Excel");
> }
> some details I found during debugging:
> - there is an instance of RangeToken where I have no idea where this is created. I've set a breakpoint in the constructor but the debugger does not stop.
> - when RangeToken::getCaseInsensitiveToken is called a new RangeToken is created and stored in fCaseIToken
> - when parsing is finished the newly created RangeToken is deleted (through ~RegularExpression -> ~TokenFactory), but the original RangeToken (where I don't know where it is created) still exists and references the deleted RangeToken in fCaseIToken
> - the next time RangeToken::getCaseInsensitiveToken is called the invalid reference fCaseIToken is returned and this leads to a crash when it is accessed.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]