diff options
author | Sami Rosendahl <ext-sami.1.rosendahl@nokia.com> | 2011-10-19 07:36:24 (GMT) |
---|---|---|
committer | Qt by Nokia <qt-info@nokia.com> | 2012-01-18 17:07:00 (GMT) |
commit | d8d4dc8599fb251ca201f5c3f496df1045d288c3 (patch) | |
tree | 26ce5f2a4d7b0ad7604e4fd8d69cd01a1990e795 | |
parent | fb38e3801724471a9fb0ea3b412e631223250c44 (diff) | |
download | Qt-d8d4dc8599fb251ca201f5c3f496df1045d288c3.zip Qt-d8d4dc8599fb251ca201f5c3f496df1045d288c3.tar.gz Qt-d8d4dc8599fb251ca201f5c3f496df1045d288c3.tar.bz2 |
Fix memory leak in QDomDocument DTD entity declaration handler
The created entity node's reference count needs to be decremented to 0 before it is
added as a child, because appendChild will increment the reference count to correct
value of 1. Also added autotest DTDEntityDecl to tst_qdom to expose the leak when
executed under valgrind memcheck. There was no previous direct test case for unparsed
entity declarations in DTD, only indirect coverage via regression test
cloneDTD_QTBUG8398.
Task-number: QTBUG-22587
Change-Id: I2c3a78569b564b80ff5e2f63f59fa36c94a22236
(From Qt5 commit d55cdcd59fdddd660193ddff40fbd52bef57c0c9)
Reviewed-by: Olivier Goffart <ogoffart@woboq.com>
-rw-r--r-- | src/xml/dom/qdom.cpp | 2 | ||||
-rw-r--r-- | tests/auto/qdom/tst_qdom.cpp | 25 |
2 files changed, 27 insertions, 0 deletions
diff --git a/src/xml/dom/qdom.cpp b/src/xml/dom/qdom.cpp index 85b89de..60e976b 100644 --- a/src/xml/dom/qdom.cpp +++ b/src/xml/dom/qdom.cpp @@ -7545,6 +7545,8 @@ bool QDomHandler::unparsedEntityDecl(const QString &name, const QString &publicI { QDomEntityPrivate* e = new QDomEntityPrivate(doc, 0, name, publicId, systemId, notationName); + // keep the refcount balanced: appendChild() does a ref anyway. + e->ref.deref(); doc->doctype()->appendChild(e); return true; } diff --git a/tests/auto/qdom/tst_qdom.cpp b/tests/auto/qdom/tst_qdom.cpp index 3ba75e3..03285cb 100644 --- a/tests/auto/qdom/tst_qdom.cpp +++ b/tests/auto/qdom/tst_qdom.cpp @@ -133,6 +133,7 @@ private slots: void taskQTBUG4595_dontAssertWhenDocumentSpecifiesUnknownEncoding() const; void cloneDTD_QTBUG8398() const; void DTDNotationDecl(); + void DTDEntityDecl(); void cleanupTestCase() const; @@ -1954,5 +1955,29 @@ void tst_QDom::DTDNotationDecl() QCOMPARE(doctype.namedItem(QString("jpeg")).toNotation().systemId(), QString("image/jpeg")); } +void tst_QDom::DTDEntityDecl() +{ + QString dtd("<?xml version='1.0' encoding='UTF-8'?>\n" + "<!DOCTYPE first [\n" + "<!ENTITY secondFile SYSTEM 'second.xml'>\n" + "<!ENTITY logo SYSTEM \"http://www.w3c.org/logo.gif\" NDATA gif>" + "]>\n" + "<first/>\n"); + + QDomDocument domDocument; + QVERIFY(domDocument.setContent(dtd)); + + const QDomDocumentType doctype = domDocument.doctype(); + QCOMPARE(doctype.entities().count(), 2); + + QVERIFY(doctype.namedItem(QString("secondFile")).isEntity()); + QCOMPARE(doctype.namedItem(QString("secondFile")).toEntity().systemId(), QString("second.xml")); + QCOMPARE(doctype.namedItem(QString("secondFile")).toEntity().notationName(), QString()); + + QVERIFY(doctype.namedItem(QString("logo")).isEntity()); + QCOMPARE(doctype.namedItem(QString("logo")).toEntity().systemId(), QString("http://www.w3c.org/logo.gif")); + QCOMPARE(doctype.namedItem(QString("logo")).toEntity().notationName(), QString("gif")); +} + QTEST_MAIN(tst_QDom) #include "tst_qdom.moc" |