php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #46699 xml_parse fails with Bus Error only when parser is namespace aware.
Submitted: 2008-11-27 20:02 UTC Modified: 2008-12-12 04:22 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: m dot haarmann at gmail dot com Assigned:
Status: Closed Package: XML related
PHP Version: 5.2CVS-2008-11-28 OS: Mac OS 10.5.5
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: m dot haarmann at gmail dot com
New email:
PHP Version: OS:

 

 [2008-11-27 20:02 UTC] m dot haarmann at gmail dot com 
Description:
------------
When executing xml_parse on a parser handle that was created using 
xml_create_parser_ns, the script fails.

Reproduce code:
---------------
// dummy handlers
function defaultTagHandler($parser,$data){
	echo $data;
}

//cont'd
function namespaceBla($parser,$user_data,$prefix){
}
// read a file
$filename = "demo.xml";
$file_data = implode("",file($filename));
$parser = xml_parser_create_ns();

xml_set_default_handler($parser,"defaultTagHandler");
xml_set_start_namespace_decl_handler($parser,"namespaceBla");
xml_set_end_namespace_decl_handler($parser,"namespaceBla");
// crashes here.
xml_parse($parser,$file_data);

Expected result:
----------------
to echo some node data.

Actual result:
--------------
bus error.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-11-27 20:17 UTC] m dot haarmann at gmail dot com 
this problem doesn't occur when using just xml_create_parser, without 
the namespace awareness. i'm using the php and apache2 versions that are 
bundled with mac os.
 [2008-11-28 12:29 UTC] jani@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/
 [2008-11-28 12:58 UTC] m dot haarmann at gmail dot com 
still same error with snapshot.
 [2008-11-28 13:30 UTC] jani@php.net 
Ok, is that demo.xml available somewhere?
 [2008-11-28 15:47 UTC] m dot haarmann at gmail dot com 
sure: 

demo.xml
--------
<?xml version="1.0" encoding="UTF-8" ?>
<xsl:stylesheet version="1.0"
                xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 
xmlns:foo="http://momo/">

	<xsl:output encoding="UTF-8" indent="yes" method="xml" />
	<foo:bar value="asdfasf">node</foo:bar>
	<xsl:template match="/">
	</xsl:template>
</xsl:stylesheet>
 [2008-11-30 22:40 UTC] crrodriguez at opensuse dot org 
Reproduced consistently in linux 64 bit. (5_2 and 5_3)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f697a693710 (LWP 31187)]
#0  0x0000000000000000 in ?? ()
#1  0x0000000000757e32 in _start_element_handler_ns (user=0xfde0c0, name=0xff3a23 "stylesheet", prefix=0xff3a1f "xsl",
    URI=0xff3a36 "http://www.w3.org/1999/XSL/Transform", nb_namespaces=2, namespaces=0xff4030, nb_attributes=1, nb_defaulted=0,
    attributes=0xff3e30) at /home/cristian/php5/ext/xml/compat.c:131
#2  0x00007f6978743dd8 in ?? () from /usr/lib64/libxml2.so.2
#3  0x00007f697874a281 in xmlParseChunk () from /usr/lib64/libxml2.so.2
#4  0x00000000007588ea in php_XML_Parse (parser=0xfde0c0,
    data=0xfdb318 "<?xml version=\"1.0\" encoding=\"UTF-8\" ?>\n<xsl:stylesheet version=\"1.0\"\n", ' ' <repeats 16 times>, "xmlns:xsl=\"http://www.w3.org/1999/XSL/Transform\" \nxmlns:foo=\"http://momo/\">\n\n\t<xsl:output encoding=\"UTF-8\" indent="..., data_len=324,
    is_final=0) at /home/cristian/php5/ext/xml/compat.c:530
#5  0x0000000000756876 in zif_xml_parse (ht=2, return_value=0xfded48, return_value_ptr=0x0, this_ptr=0x0, return_value_used=0)
    at /home/cristian/php5/ext/xml/xml.c:1466
#6  0x00000000008143ad in zend_do_fcall_common_helper_SPEC (execute_data=0x7f697a53c090) at /home/cristian/php5/Zend/zend_vm_execute.h:313
#7  0x0000000000819b34 in ZEND_DO_FCALL_SPEC_CONST_HANDLER (execute_data=0x7f697a53c090) at /home/cristian/php5/Zend/zend_vm_execute.h:1564
#8  0x000000000081349b in execute (op_array=0xfd9b40) at /home/cristian/php5/Zend/zend_vm_execute.h:104
#9  0x00000000007e3599 in zend_execute_scripts (type=8, retval=0x0, file_count=3) at /home/cristian/php5/Zend/zend.c:1197
#10 0x0000000000765a23 in php_execute_script (primary_file=0x7fff826c5390) at /home/cristian/php5/main/main.c:2080
#11 0x000000000088697f in main (argc=2, argv=0x7fff826c55d8) at /home/cristian/php5/sapi/cli/php_cli.c:1126
(gdb)
 [2008-12-12 04:22 UTC] rrichards@php.net 
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Nov 05 08:00:02 2025 UTC