You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@apr.apache.org by Brad Goodman <br...@bradgoodman.com> on 2011/05/20 20:19:26 UTC

Test failure (core dump) in testxml - APR-util 1.3.11

I have a pretty stock CentOS 5.4 system, and am attempting to build
APR-Util 1.3.11

Everything builds file, however, in running the tests, I get a core
dump executing "testxml".

Without trying to spam the list - a summary of the dump indicates it
was executing the function "test_CVE_2009_3720_alpha", feeding the
string "\0\r\n" to the apr_xml_parser when it crashed inside
apr_xml_parser_done.

When I moved the call to test_CVE_2009_3720_alpha() to be the LAST of
the calls in the textml() function - it was indeed only that one which
crashed. i.e. - It passed the other 3 tests (test_xml_parser,
test_billion_laughs and test_CVE_2009_3720_beta).

Also, when I changed the text string being passed to "<xml></xml>" -
the test passed and did not crash.

Is this something dowstream of APR/APR-Util which is having this
problem? (It is a new, pretty standard install). Has anyone else seen
something like this? Given the odd string being passed - was this test
put there for a specific reason?

Summary backtrace as follows:

#4  0x0000003ebb40d0ad in XML_Parse () from /lib64/libexpat.so.0
#5  0x00002b610cfc9450 in do_parse (parser=0x108f73a0,
data=0x7fff944d11b0 "\217▒r\020", len=0, is_final=-1806888528)
    at xml/apr_xml.c:418
#6  0x00002b610cfc94aa in apr_xml_parser_done (parser=0x0,
pdoc=0x7fff944d1358) at xml/apr_xml.c:441
#7  0x000000000040899c in test_CVE_2009_3720_alpha (tc=<value
optimized out>, data=<value optimized out>) at testxml.c:179
#8  0x00000000004050fd in abts_run_test (ts=<value optimized out>,
f=0x408960 <test_CVE_2009_3720_alpha>, value=0x0)
    at abts.c:169
#9  0x00000000004088f3 in testxml (suite=0x106564d0) at testxml.c:201
#10 0x0000000000404677 in main (argc=<value optimized out>,
argv=<value optimized out>) at abts.c:411

Re: Test failure (core dump) in testxml - APR-util 1.3.11

Posted by "William A. Rowe Jr." <wr...@rowe-clan.net>.

On 5/20/2011 1:19 PM, Brad Goodman wrote:
> I have a pretty stock CentOS 5.4 system, and am attempting to build
> APR-Util 1.3.11

Are you at the correct patch level of your vendor's libexpat.so.0?

If not, ./configure --with-expat=builtin will give you the one shipped
by the apr project.