Hi,
It's likely a bug found automatically by our in-lab tool for pools.
In subversion/libsvn_subr/xml.c, a hash table (ht) is allocated from a
subpool, and an iterator (hi) is allocated from a parent pool. Since the
subpool is destroyed before the parent pool, the iterator (hi) is dangling
and may be a leak. The parameter in the call to
svn_xml_make_open_tag_hash at line 601 may use subpool instead of pool.
506 apr_hash_t *
507 svn_xml_ap_to_hash(va_list ap, apr_pool_t *pool)
508 {
509 apr_hash_t *ht = apr_hash_make(pool);
...
518 return ht;
...
553 void
554 svn_xml_make_open_tag_hash(svn_stringbuf_t **str,
555 apr_pool_t *pool,
556 enum svn_xml_open_tag_style style,
557 const char *tagname,
558 apr_hash_t *attributes)
...
568 for (hi = apr_hash_first(pool, attributes); hi; hi =
apr_hash_next(hi))
...
591 void
592 svn_xml_make_open_tag_v(svn_stringbuf_t **str,
593 apr_pool_t *pool,
594 enum svn_xml_open_tag_style style,
595 const char *tagname,
596 va_list ap)
597 {
598 apr_pool_t *subpool = svn_pool_create(pool);
599 apr_hash_t *ht = svn_xml_ap_to_hash(ap, subpool);
600
601 svn_xml_make_open_tag_hash(str, pool, style, tagname, ht);
602 svn_pool_destroy(subpool);
Would you please look into this? Is it a real bug? Thanks.
Xi
Received on Tue Nov 13 10:31:43 2007