GNOME Bugzilla – Bug 133449
Bad error messages crash debug handler on solaris
Last modified: 2021-07-05 10:59:57 UTC
In transform.c, in xsltApplyTemplates, there is the following message:

    XSLT_TRACE(ctxt,XSLT_TRACE_APPLY_TEMPLATES,xsltGenericDebug (xsltGenericDebugContext,
        "xsltApplyTemplates: Changing document - context doc %s, xpath doc %s\n",
        ctxt->document->doc->URL, ctxt->xpathCtxt->doc->URL))

BUT ctxt->document->doc->URL and ctxt->xpathCtxt->doc->URL may be NULL which is going to crash on Solaris....
Actually it seems that this problem occurs in many other places... Is it assumed that the "xsltGenericDebug" function can handle things like: "%s", NULL ??? That does not seem safe on Solaris (it definitely crashes vsnprintf).
Well, it is a debugging mechanism, I would not expect it to be run in production, more precisely ctxt->traceCode should be zero then. I don't know how expensive in terms of code size it is to make all the various tests to cope with this situation. Maybe it can be done in a reasonable way by tunnelling to an intermediate function, a bit like the way error handling paths are minimized in libxml2. In any case a patch would help make progress :-)

Daniel
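One way the intermediate-function idea from the comment above could look, as an added example that is not libxslt code and not from any participant in this ticket. The names demo_doc, trace_str and trace_doc_change are hypothetical; the format string is the one quoted in the report.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the document structure whose URL field
 * is printed by the trace message in the report. */
typedef struct { const char *URL; } demo_doc;

/* Passing NULL for a %s conversion is undefined behaviour in C; some
 * libcs print "(null)", others dereference the pointer and crash.
 * Substitute a fixed marker so the result does not depend on the libc. */
static const char *trace_str(const char *s)
{
    return s != NULL ? s : "(null)";
}

/* Hypothetical intermediate function: the single place that formats the
 * "changing document" trace, so call sites carry no NULL tests.
 * Returns what snprintf returns (length that would have been written). */
static int trace_doc_change(char *out, size_t outlen,
                            const demo_doc *ctx_doc,
                            const demo_doc *xpath_doc)
{
    return snprintf(out, outlen,
        "xsltApplyTemplates: Changing document - context doc %s, "
        "xpath doc %s\n",
        trace_str(ctx_doc ? ctx_doc->URL : NULL),
        trace_str(xpath_doc ? xpath_doc->URL : NULL));
}

int main(void)
{
    char buf[256];
    demo_doc with_url = { "file:///tmp/in.xml" }; /* constructed sample */
    demo_doc no_url = { NULL };                   /* URL never set */

    /* Safe with a NULL URL and with a missing document pointer. */
    trace_doc_change(buf, sizeof buf, &with_url, &no_url);
    fputs(buf, stdout);
    trace_doc_change(buf, sizeof buf, NULL, &with_url);
    fputs(buf, stdout);
    return 0;
}
```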
This is not a libxslt bug, in my opinion. I've reproduced the crash on Solaris 8. The problem should not exist in newer versions. See nullstr in doprnt.c on this page: http://cvs.opensolaris.org/source/xref/on/usr/src/lib/libbc/libc/stdio/common/doprnt.c
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/libxslt/-/issues/ Thank you for your understanding and your help.