From 34b5ad0bc034f875500b10a7db15cd0f8246b572 Mon Sep 17 00:00:00 2001 From: Michael Tautschnig Date: Mon, 30 Mar 2026 09:07:43 +0000 Subject: [PATCH] Fix memory leaks in XML parser Fix a leak of the STARTPI token value (allocated by the lexer via malloc but never freed by any grammar rule). Also add Bison %destructor directives for all string-valued tokens so that memory is properly freed during error recovery. Co-authored-by: Kiro (autonomous agent) --- src/xmllang/parser.y | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/xmllang/parser.y b/src/xmllang/parser.y index 17e0d360051..1027cb03dc7 100644 --- a/src/xmllang/parser.y +++ b/src/xmllang/parser.y @@ -24,6 +24,12 @@ int yyxmlerror(xml_parsert &xml_parser, void *scanner, const std::string &error) // unreachable code #pragma warning(disable:4702) #endif + +// Bison-generated yydestruct only handles symbols with %destructor; +// suppress the warning about unhandled enum values in that switch. +#if defined(__GNUC__) || defined(__clang__) +#pragma GCC diagnostic ignored "-Wswitch-enum" +#endif %} %parse-param {xml_parsert &xml_parser} @@ -33,10 +39,13 @@ int yyxmlerror(xml_parsert &xml_parser, void *scanner, const std::string &error) %union {char *s;} %token STARTXMLDECL -%token VERSION STARTPI ENDPI EQ SLASH CLOSE END -%token ENCODING NAME VALUE DATA COMMENT START +%token VERSION ENDPI EQ SLASH CLOSE END +%token ENCODING NAME VALUE DATA COMMENT START STARTPI %type name_opt +// Memory management: ensure allocated string tokens are freed during error recovery +%destructor { free($$); } ENCODING NAME VALUE DATA COMMENT START STARTPI name_opt + %% document @@ -68,7 +77,7 @@ misc PI : STARTPI NAME - { free($2); xml_parser.stack.push_back(&xml_parser.parse_tree.xml); } + { free($1); free($2); xml_parser.stack.push_back(&xml_parser.parse_tree.xml); } attribute_seq_opt { xml_parser.stack.pop_back(); } ENDPI