Thread: Nasty DTD parsing bug (IO buffering, perhaps?)




Nasty DTD parsing bug (IO buffering, perhaps?)
2007-02-06 22:20:38
Hi,

Here is a DTD parsing bug in libxml2 (tested with 2.6.27).

Download the following .tar.gz:

     http://www.princexml.com/download/nasty-libxml2-dtd-bug.tar.gz

Unpack it and run:

     $ xmllint --loaddtd bug.xml

You will get lots of error messages, the first one being:

     nlm/references.ent:381: parser error : Comment not terminated

However if you look at the file, you will see that is nonsense, and
there are no unterminated comments on line 381.

Even worse, if you delete *one character* from the references.ent file
at *any point* before line 381, then everything works fine!

This appears to be some kind of IO buffering error or something like
that, as the parser seems to be dependent on how many characters are in
the file before that point.

Best regards,

Michael

-- 
Print XML with Prince!
http://www.princexml.com

_______________________________________________
xml mailing list, project page  http://xmlsoft.org/
xmlgnome.org
http://mail.gnome.org/mailman/listinfo/xml

Re: Nasty DTD parsing bug (IO buffering, perhaps?)
2007-02-07 08:52:17
On Wed, Feb 07, 2007 at 03:20:38PM +1100, Michael Day wrote:
> Hi,
> 
> Here is a DTD parsing bug in libxml2 (tested with 2.6.27).
> 
> Download the following .tar.gz:
> 
>      http://www.princexml.com/download/nasty-libxml2-dtd-bug.tar.gz
> 
> Unpack it and run:
> 
>      $ xmllint --loaddtd bug.xml
> 
> You will get lots of error messages, the first one being:
> 
>      nlm/references.ent:381: parser error : Comment not terminated
> 
> However if you look at the file, you will see that is nonsense, and
> there are no unterminated comments on line 381.
> 
> Even worse, if you delete *one character* from the references.ent file
> at *any point* before line 381, then everything works fine!
> 
> This appears to be some kind of IO buffering error or something like
> that, as the parser seems to be dependent on how many characters are in
> the file before that point.
> 

  Probably a missing GROW somewhere in the DTD parsing code, please bugzilla
I can't debug this ATM,

  thanks,

Daniel

-- 
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard      | virtualization library  http://libvirt.org/
veillardredhat.com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ |
Rpmfind RPM search engine  http://rpmfind.net/
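
Added example, not part of the thread and not libxml2 code: a toy chunked comment scanner in C showing the class of bug the reply above guesses at, where the scanner looks ahead for "-->" without first refilling its window, so the result depends on how many bytes precede the terminator. The names input_t, grow, comment_terminated and the 8-byte CHUNK are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define CHUNK 8  /* toy read size (assumption); real input buffers are far larger */

typedef struct { const char *src; size_t len, avail; } input_t;

/* Make one more chunk visible to the scanner; returns 0 at real end of input. */
static int grow(input_t *in) {
    if (in->avail >= in->len) return 0;
    in->avail = (in->len - in->avail > CHUNK) ? in->avail + CHUNK : in->len;
    return 1;
}

/* Returns 1 if the comment starting at doc[0] is closed by "-->", else 0
 * ("Comment not terminated"). grow_first=0 refills only once the window is
 * fully consumed, so a "-->" split across two chunks is never compared whole;
 * grow_first=1 guarantees 3 bytes of lookahead before every comparison. */
int comment_terminated(const char *doc, int grow_first) {
    input_t in = { doc, strlen(doc), 0 };
    size_t cur = 4;                          /* skip the opening "<!--" */
    grow(&in);
    for (;;) {
        if (grow_first)
            while (cur + 3 > in.avail && grow(&in)) {}
        else if (cur >= in.avail && !grow(&in))
            return 0;
        if (cur >= in.avail) return 0;       /* input really is exhausted */
        if (cur + 3 <= in.avail && memcmp(in.src + cur, "-->", 3) == 0)
            return 1;
        cur++;
    }
}

int main(void) {
    /* Constructed samples: terminator at bytes 14-16 straddles the chunk
     * boundary at 16; deleting one earlier character moves it to 13-15. */
    const char *straddle = "<!-- refs.ent -->", *shifted = "<!-- ref.ent -->";
    printf("no refill, straddling: %d\n", comment_terminated(straddle, 0));
    printf("no refill, one char deleted: %d\n", comment_terminated(shifted, 0));
    printf("refill first, straddling: %d\n", comment_terminated(straddle, 1));
    return 0;
}
```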
