registry: Restore default libxml2 error handler after parsing #530

Merged
merged 1 commit into from
Oct 13, 2024


sbstnk
Contributor

@sbstnk sbstnk commented Oct 12, 2024

Leaving the custom error handler could have resulted in a crash after the context has been freed.

Closes: #529

@sbstnk
Contributor Author

sbstnk commented Oct 12, 2024

To test this you can use the following C program:

```
gcc -I/usr/include/libxml2 ./xkb_test.c -o ./xkb_test -lxml2 -lxkbregistry
```

```c
#include <xkbcommon/xkbregistry.h>
#include <libxml/parser.h>
#include <libxml/tree.h>
#include <string.h>

int main (int argc, char *argv[]) {
  struct rxkb_context *ctx;
  xmlDocPtr doc;
  const char *invalid_xml = "<test";

  /* Parse the registry, then free the context. Without the patch the
   * custom libxml2 error handler stays installed after this point. */
  ctx = rxkb_context_new (0);
  rxkb_context_parse (ctx, "evdev");
  rxkb_context_unref (ctx);

  /* Malformed XML makes libxml2 report an error through whichever
   * error handler is currently installed. */
  LIBXML_TEST_VERSION
  doc = xmlParseMemory (invalid_xml, strlen(invalid_xml));
  xmlFreeDoc (doc);
  xmlCleanupParser();

  return 0;
}
```

Without the patch it should randomly segfault if you run it a couple of times with backtraces like:

```
#0  0x00000000c9734006 in ?? ()
#1  0x00007ffff7e326f2 in rxkb_log () from /lib64/libxkbregistry.so.0
#2  0x00007ffff7e32b3a in xml_error_func () from /lib64/libxkbregistry.so.0
#3  0x00007ffff7e6b61f in xmlReportError () from /lib64/libxml2.so.2
#4  0x00007ffff7e6d4b1 in __xmlRaiseError () from /lib64/libxml2.so.2
#5  0x00007ffff7e71041 in xmlFatalErrMsgStrIntStr.lto_priv.0 () from /lib64/libxml2.so.2
#6  0x00007ffff7e82227 in xmlParseElementStart () from /lib64/libxml2.so.2
#7  0x00007ffff7e83e45 in xmlParseElement () from /lib64/libxml2.so.2
#8  0x00007ffff7e84ab0 in xmlParseDocument () from /lib64/libxml2.so.2
#9  0x00007ffff7e8503c in xmlSAXParseMemoryWithData () from /lib64/libxml2.so.2
#10 0x00000000004011fe in main ()
```
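The failure mode discussed in this PR, as an added self-contained model in C (not xkbcommon or libxml2 code): a library installs a process-wide error handler whose data pointer is its own context, and has to put the previous handler back before that context is freed. Every name in it (`set_err`, `parse`, `registry_parse`, `struct registry`) is a hypothetical stand-in, and the malformed inputs are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model parser library with ONE process-wide error handler (hypothetical names). */
typedef void (*err_fn)(void *ctx, const char *msg);
static int default_hits;                 /* calls that reached the default handler */
static void default_err(void *ctx, const char *msg) { (void)ctx; (void)msg; default_hits++; }
static err_fn g_err = default_err;       /* global handler */
static void *g_err_ctx = NULL;           /* pointer handed to the handler */

static void set_err(void *ctx, err_fn fn) { g_err_ctx = ctx; g_err = fn ? fn : default_err; }
static void parse(const char *xml) { if (!strchr(xml, '>')) g_err(g_err_ctx, "malformed"); }

/* Consumer library: a heap-allocated context that counts logged errors. */
struct registry { int logged; };
static void registry_err(void *ctx, const char *msg)
{
    (void)msg;
    ((struct registry *)ctx)->logged++;  /* use-after-free if ctx is stale */
}

/* Install the custom handler only for the duration of the parse, then put the
 * previous handler back so no global state points at `r` after returning. */
static void registry_parse(struct registry *r, const char *xml)
{
    err_fn old_fn = g_err;
    void *old_ctx = g_err_ctx;
    set_err(r, registry_err);
    parse(xml);
    set_err(old_ctx, old_fn);            /* the step the bug was missing */
}

static int handler_is_restored(void) { return g_err == default_err && g_err_ctx == NULL; }

/* Returns 1 if the error raised after free() reached the default handler. */
int demo(void)
{
    struct registry *r = calloc(1, sizeof *r);
    if (!r) return -1;
    registry_parse(r, "<broken");        /* constructed malformed input */
    int logged = r->logged;
    free(r);
    parse("<test");                      /* unrelated caller, after the free */
    return logged == 1 && default_hits == 1 && handler_is_restored();
}

int main(void) { printf("restored=%d\n", demo()); return 0; }
```

Dropping the final `set_err(old_ctx, old_fn)` in `registry_parse` leaves `g_err_ctx` pointing at freed memory, which is the state the backtrace above was captured in.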

Leaving the custom error handler could have resulted in a crash after
the context has been freed.

Closes: xkbcommon#529
@wismill wismill force-pushed the fix-libxml-error-handler-reset branch from d07c7fa to d1b09ab Compare October 13, 2024 09:38
@wismill
Member

wismill commented Oct 13, 2024

Thanks for the excellent work! I completed it with comments, a test and a changelog entry.

@wismill wismill merged commit a47961b into xkbcommon:master Oct 13, 2024
4 checks passed
@wismill wismill added bug Indicates an unexpected problem or unintended behavior registry Indicates a need for improvements or additions to Registry labels Oct 13, 2024
@wismill wismill added this to the 1.8.0 milestone Oct 13, 2024
@sbstnk
Contributor Author

sbstnk commented Oct 13, 2024

Thanks for the quick review, improvements and merge! Also glad that you noticed that I missed an early return, that I somehow kept reading as another goto :)

Successfully merging this pull request may close these issues.

Crash when parsing malformed XML after rxkb_context_parse() due to error handler not being reset