zorba-coders team mailing list archive

[Gabriel Petrovay <854688@xxxxxxxxxxxxxxxxxx>]

*** This bug is a security vulnerability ***

Private security bug reported:

<d:\mm.xq>:14,3: Zorba error [zerr:ZXQP0002]: "p->numChildren() == 0":
assertion failed; raised at zorba\src\store\naive\node_items.cpp:3398

This is in the constructor of a TextNode.

Another way to look on the problem is when a validated element that must
be of type string, contains a comment child node. The comment nodes pass
the schema validation but there are assumptions in the code that the
parent element has only 1 child (i.e. the text node). What happens if
comments are interlaced with this text? Or as I've heard, also
processing instructions.... Federico?

** Affects: zorba
     Importance: High
         Status: New


** Tags: comment schema typed validate

-- 
You received this bug notification because you are a member of Zorba
Coders, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/854688

Title:
  Segmentation fault in validated nodes

Status in Zorba - The XQuery Processor:
  New

Bug description:
  <d:\mm.xq>:14,3: Zorba error [zerr:ZXQP0002]: "p->numChildren() == 0":
  assertion failed; raised at zorba\src\store\naive\node_items.cpp:3398

  This is in the constructor of a TextNode.

  Another way to look on the problem is when a validated element that
  must be of type string, contains a comment child node. The comment
  nodes pass the schema validation but there are assumptions in the code
  that the parent element has only 1 child (i.e. the text node). What
  happens if comments are interlaced with this text? Or as I've heard,
  also processing instructions.... Federico?

To manage notifications about this bug go to:
https://bugs.launchpad.net/zorba/+bug/854688/+subscriptions