GNOME Bugzilla – Bug 316034
libxml2 xmlElemDump crashes (segfault) when trying to dump DOCTYPE (DTD)
Last modified: 2005-09-11 23:47:40 UTC
Steps to reproduce: 1. set up files as follows banana.c contains this: #include <libxml/parser.h> #include <libxml/tree.h> int main (int argc, char *argv[]) { const char *fn; xmlParserCtxtPtr ctxt; xmlDocPtr doc; if ( argc >= 2 ) fn = argv[1]; else fn = "test.html"; ctxt = xmlNewParserCtxt (); doc = xmlCtxtReadFile(ctxt, fn, NULL, XML_PARSE_DTDVALID); xmlElemDump (stdout, doc, (xmlNode *)doc); return 0; } and test.html contains: <?xml version="1.0" encoding="iso-8859-1"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Test</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <meta http-equiv="Content-Language" content="en" /> </head> <body> <h1>Test</h1> </body> </html> 2. compile banana.c 3. run -> segfault Stack trace: gdb stack trace:
+ Trace 62939
Other information:
Maybe I should add that the presence of XML_PARSE_DTDVALID does not matter. It's the DOCTYPE itself which causes the segfault (when trying to dump); remove it and the program works (sort of).
The error is due to the fact that you are calling xmlElemDump on a document node. The proper API for dumping a document is xmlDocContentDumpOutput(), casting to the wrong type to then call the wrong API is a good way to defeat static typing and get crashes in C, so priority and severity back to normal ! But the function should check the input pointer more closely, this is fixed in CVS, thanks, Daniel