Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Segmentation fault during XSLT transformation #1802

Closed
ojundt opened this issue Oct 10, 2018 · 7 comments
Closed

Segmentation fault during XSLT transformation #1802

ojundt opened this issue Oct 10, 2018 · 7 comments
Labels
topic/memory Segfaults, memory leaks, valgrind testing, etc.
Milestone
v1.10.x patch rel...

Comments

@ojundt
Copy link

ojundt commented Oct 10, 2018

What problems are you experiencing?
Nokogiri crashes with a segmentation fault during a XSLT transformation.

What's the output from nokogiri -v?

# Nokogiri (1.8.5)
    ---
    warnings: []
    nokogiri: 1.8.5
    ruby:
      version: 2.5.1
      platform: x86_64-darwin17
      description: ruby 2.5.1p57 (2018-03-29 revision 63029) [x86_64-darwin17]
      engine: ruby
    libxml:
      binding: extension
      source: packaged
      libxml2_path: "/Users/foobar/.rvm/gems/ruby-2.5.1/gems/nokogiri-1.8.5/ports/x86_64-apple-darwin17.4.0/libxml2/2.9.8"
      libxslt_path: "/Users/foobar/.rvm/gems/ruby-2.5.1/gems/nokogiri-1.8.5/ports/x86_64-apple-darwin17.4.0/libxslt/1.1.32"
      libxml2_patches:
      - 0001-Revert-Do-not-URI-escape-in-server-side-includes.patch
      - 0002-Fix-nullptr-deref-with-XPath-logic-ops.patch
      - 0003-Fix-infinite-loop-in-LZMA-decompression.patch
      libxslt_patches: []
      compiled: 2.9.8
      loaded: 2.9.8

Can you provide a self-contained script that reproduces what you're seeing?
Yes, see example.zip for a simple ruby script and example XSL and XML file.
@flavorjones
Copy link
Member

Thanks for reporting this. I'll take a look as soon as I have some free time.

@ojundt
Copy link
Author

ojundt commented Oct 11, 2018

Thanks @flavorjones. In the meantime I've been able to narrow it down to the presence of xs:decimal calls in the XSL which are XPath 2.0 features. If I remove those, Nokogiri no longer crashes.

@flavorjones
Copy link
Member

flavorjones commented Oct 11, 2018 via email

@flavorjones flavorjones added this to the v1.10.x patch releases milestone Jan 5, 2019
@flavorjones
Copy link
Member

@ojundt Are you able to provide a smaller repro script? If not maybe it's no biggie, but the test I have based on this data is large as a result.

flavorjones added a commit that referenced this issue Jan 12, 2019
@flavorjones
WIP: ensure we trap XML errors while applying XSLT stylesheet
cb01e68 
otherwise trivial XML errors will silently result in NULL being
returned by xsltApplyStylesheet() and a subsequent segfault

WIP NOTE that we need a test here to prevent regressions. The test I have
available is too large to commit to the repo.

Fixes #1802
@flavorjones
Copy link
Member

just pushed branch 1802-xpath2-causes-segfault-in-transform which still needs a test before it gets merged.

@flavorjones
Copy link
Member

@ojundt Never mind - I've got it shortened down to a very small size now. Thanks again for the repro!

flavorjones added a commit that referenced this issue Jan 13, 2019
@flavorjones
ensure we trap XML errors while applying XSLT stylesheet
3ab0c9d 
otherwise trivial XML errors will silently result in NULL being
returned by xsltApplyStylesheet() and a subsequent segfault

Fixes #1802
@flavorjones flavorjones mentioned this issue Jan 13, 2019
Merged
@flavorjones
Copy link
Member

See PR #1860 to address this issue.

flavorjones added a commit that referenced this issue Jan 13, 2019
@flavorjones
Merge pull request #1860 from sparklemotion/1802-xpath2-causes-segfau…
75e9f2a 
…lt-in-transform

[#1802] ensure we trap XML errors while applying XSLT stylesheet
flavorjones added a commit that referenced this issue Jan 13, 2019
@flavorjones
update CHANGELOG
a1b3c20 
for #1802
flavorjones added a commit that referenced this issue Nov 29, 2019
@flavorjones
remove unused C function
d36acf4 
related to #1802 and #1860 / commit 3ab0c9d
@flavorjones flavorjones added the topic/memory Segfaults, memory leaks, valgrind testing, etc. label Feb 2, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
topic/memory Segfaults, memory leaks, valgrind testing, etc.
Projects
None yet
Milestone
v1.10.x patch releases
Development

No branches or pull requests
2 participants
@flavorjones @ojundt