[xmlsec] How to avoid the node passed to xmlSecEncCtxXmlEncrypt
to be released
aleksey at aleksey.com
Thu Mar 13 08:03:01 PST 2008
Thanks for the patch! I'll try to take a look over the weekend!
Frank Gross wrote:
> I attached the patch that allows the replaced nodes during encryption
> and decryption to be returned in the 'xmlSecEncCtxPtr' structure.
> Actually, I added two entries in the 'xmlSecEncCtrPtr' structure :
> - nodeReplacementMode, an enum of type 'xmlEncCtxNodeReplacementMode',
> to define if the nodes will be released or returned in the second entry,
> - a pointer to a xmlNodePtr called 'replacedNodeList' that contains the
> list of the nodes that have been replaced.
> One additional point, as it's up to the user to release the returned
> nodes, I'm not sure if the code I added in the 'xmlSecEncCtxReset'
> function to release the node list is necessary, because if someone
> releases the node but forget to set the pointer to NULL it will crash.
> But if he doesn't release the nodes, and this code is not there we got a
> memory leak.
> If you could take a look
> Aleksey Sanin a écrit :
>> Sure, I love patches :) BTW, you can't find any docs about
>> flags/flags2 in xmlSecEncCtx because they are not used at the moment :)
>> Just reserved for the future :)
>> Frank Gross wrote:
>>> Yes I agree, but it would be more efficient if I wouldn't have to do
>>> that. And I have the same problem when I try to encrypt only the
>>> content of an element, where all sub-nodes are removed. Actually, I
>>> try to write an API where you give the node to be encrypted, but the
>>> node passed to my function is still alive, and simply destroying the
>>> nodes inside the library is impossible in my case, because some other
>>> references can point on these nodes.
>>> Therefore may I suggest a request ? Could you add an option in the
>>> 'xmlSecEncCtxPtr' structure to specify how the nodes to be replaced
>>> should be handled, and return them in a list in the structure if for
>>> instance the option was set to not releasing them so that the user
>>> can choose to release them by hand or not. And the same kind of
>>> feature when decrypting a node, because in some cases you want to
>>> keep trace of the encrypted node.
>>> My 2 cents contribution that could really help in my case, and allow
>>> the programmer to choose instead of the library.
>>> If you agree I could make a patch, using flags or flags2 in the
>>> 'xmlSecEncCtxPtr' structure, and add a new entry of type xmlNodePtr
>>> with the list of nodes that were replaced but not released according
>>> to flags or flags2 value. BTW what is the difference between flags
>>> and flags2 ? Are they used because I didn't find any information in
>>> the documentation ?
>>> Best Regards,
>>> Aleksey Sanin a écrit :
>>>> Well, you can always copy the node yourself before encrypting it.
>>>> Frank Gross wrote:
>>>>> I noticed that function 'xmlSecEncCtxXmlEncrypt' releases the node
>>>>> that was encrypted when replaced by the 'EncryptedData' node.
>>>>> Does it exist a way to not release that node, and let the user
>>>>> choose whether he wants to destroy it or not ?
>>>>> xmlsec mailing list
>>>>> xmlsec at aleksey.com
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
> xmlsec mailing list
> xmlsec at aleksey.com
More information about the xmlsec