You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@xalan.apache.org by bu...@apache.org on 2002/03/24 11:51:07 UTC

DO NOT REPLY [Bug 7410] New: - Use of tail-pruning is serverly broken

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7410>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7410

Use of tail-pruning is serverly broken

           Summary: Use of tail-pruning is serverly broken
           Product: XalanJ2
           Version: CurrentCVS
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: org.apache.xpath
        AssignedTo: xalan-dev@xml.apache.org
        ReportedBy: arjen.duursma@nl.compuware.com


The use of tail-pruning from the XPathContext is broken.
This may result in the (silent) loss of parts of the result-tree
or an ArrayOutOfBoundsException as reported in 
bugs #7225 and #6833, depending how a broken fragment is
used in the stylesheet. The silent loss of information
from the resulttree makes the use of 2.3.x versions of xalan-j
very dangerous.

The problem is caused by the use of XPathContext.pushRTFContext
and XPathContext.popRTFContext from the ElemTemplate.execute() method.
The current rtfdtm may change between the push and the pop. Causing the
respective side-effects to operate to different objects. It is obvious that
nothing but disaster can come of this.

I don't have a clue whether the effect is due to a faulty xsl
use or is just a weird exception, but xalan should administrate
it's internals properly or raise some exception.

Under the assumption that the stylesheet is not the fault,
a suggested fix is to let XPathContext.pushRTFContext return
the rtfdtm value on which the rewindmark was pushed.
The XPathContext.popRTFContext can then be passed this value
for a proper rewindmark pop operation.  The rtfdtm stack
should probably only be shortened in the pop operation if the
passed rtfdtm is the actual top op the stack.