[Bug 52073] The builtin libxml2/libxslt libraries break msxml3:domdoc in wow64 mode

WineHQ Bugzilla wine-bugs at winehq.org
Sat Dec 18 02:48:44 CST 2021


https://bugs.winehq.org/show_bug.cgi?id=52073

Bernhard Übelacker <bernhardu at mailbox.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |bernhardu at mailbox.org

--- Comment #1 from Bernhard Übelacker <bernhardu at mailbox.org> ---
Created attachment 71336
  --> https://bugs.winehq.org/attachment.cgi?id=71336
Backtraces from rr of pointer invalidation and the crash.

I tried to find out the reason for the crash
and I guess this is what happens:


In function xslt_doc_default_loader a pointer to the stack-based
variable "xmlParserInputPtr input" is given to bind_url.

Later in function import_loader_onDataAvailable this pointer appears
as parameter "void *ctxt" which correctly gets cast to
"xmlParserInputPtr *input", but in my opinion is incorrectly given
to xmlNewIOInputStream as parameter "xmlParserCtxtPtr ctxt".

In the next call to xmlNewInputStream this xmlParserCtxtPtr is
used to increment the input_id member.

By accident this input_id member contains the pointer which causes
the segfault in xmlXPathNodeCollectAndTest.


Attached file contains the backtrace of
the pointer invalidation and the crash.


This patch just gives a NULL to xmlNewInputStream, because
ctxt is really a pointer to xmlParserInputPtr:
https://source.winehq.org/patches/data/222347

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
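
The type confusion described in the comment above, reduced to a stand-alone C program (an added example, not Wine or libxml2 code and not part of the original mail). The struct layouts, the `mock_*` names and `pointer_drift` are constructed stand-ins; only the behaviour "the callee increments `input_id` when handed a non-NULL context" is taken from the comment.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins; NOT libxml2's real layouts. */
typedef struct mock_input { int id; } mock_input;
typedef struct mock_ctxt {            /* hypothetical parser context */
    void     *pad[4];
    uintptr_t input_id;               /* pointer-sized so the overlap is exact */
} mock_ctxt;

/* As described in the comment: a non-NULL context gets input_id bumped. */
static void mock_new_input_stream(mock_ctxt *ctxt, mock_input *in) {
    in->id = 0;
    if (ctxt != NULL)
        in->id = (int)ctxt->input_id++;
}

/* Simulated caller stack frame. The union views the same bytes either as
 * the loader's locals or as a mock_ctxt, which is what the miscast does. */
typedef union frame {
    struct { mock_input *input; void *other[3]; uintptr_t live_ptr; } locals;
    mock_ctxt as_ctxt;
} frame;

/* Returns how many bytes an unrelated live pointer in the frame moved.
 * buggy=1: address of the "input" slot is passed as the context.
 * buggy=0: NULL is passed, as the patch in the comment does. */
static long pointer_drift(int buggy) {
    static int target[4];
    mock_input in;
    frame f;
    memset(&f, 0, sizeof f);
    f.locals.input    = &in;
    f.locals.live_ptr = (uintptr_t)&target[0];
    mock_ctxt *ctxt = buggy ? &f.as_ctxt : NULL;
    mock_new_input_stream(ctxt, &in);
    return (long)(f.locals.live_ptr - (uintptr_t)&target[0]);
}

int main(void) {
    printf("miscast context: live pointer moved by %ld byte(s)\n", pointer_drift(1));
    printf("NULL context:    live pointer moved by %ld byte(s)\n", pointer_drift(0));
    return 0;
}
```

A one-byte drift leaves the neighbouring pointer pointing into the middle of an object, so the fault only surfaces later at an unrelated dereference, which matches the crash site being far from the corrupting call.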

