Re: BUG #18943: Return value of a function 'xmlBufferCreate' is dereferenced at xpath.c:177 without checking for NUL

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Robin Haberkorn <haberkorn(at)b1-systems(dot)de>
Cc: Jim Jones <jim(dot)jones(at)uni-muenster(dot)de>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)lists(dot)postgresql(dot)org, maralist86(at)mail(dot)ru
Subject: Re: BUG #18943: Return value of a function 'xmlBufferCreate' is dereferenced at xpath.c:177 without checking for NUL
Date: 2025-07-08 11:23:30
Message-ID: aGz_ssvep-q7oM-M@paquier.xyz
Views: Whole Thread | Raw Message | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

On Tue, Jul 08, 2025 at 09:49:20AM +0000, Robin Haberkorn wrote:
> I know this has already been committed, but why are we still using
> PG_XML_STRICTNESS_LEGACY in xpath.c? As we are always checking
> pg_xml_error_occurred() this should no longer be necessary.

Are you sure that you can do that? When I looked at this code I was
under the impression that xmlReadMemory() can generate an error and
can go through the error context we set, so the legacy mode counted
for xpath_string() at least.

Perhaps we should just remove the pg_xml_error_occurred() then if
that's confusing, keeping the legacy mode. Or do you have a different
idea in mind?
--
Michael

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Tom Lane 2025-07-08 13:36:37 Re: BUG #18943: Return value of a function 'xmlBufferCreate' is dereferenced at xpath.c:177 without checking for NUL
Previous Message Robin Haberkorn 2025-07-08 09:49:20 Re: BUG #18943: Return value of a function 'xmlBufferCreate' is dereferenced at xpath.c:177 without checking for NUL