/usr/share/doc/python-libxml2/examples/xpathleak.py is in python-libxml2 2.9.1+dfsg1-5+deb8u6.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 | #!/usr/bin/python
import sys, libxml2
libxml2.debugMemory(True)
expect="""--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
"""
err=""
def callback(ctx, str):
global err
err = err + "%s %s" % (ctx, str)
libxml2.registerErrorHandler(callback, "-->")
doc = libxml2.parseDoc("<fish/>")
ctxt = doc.xpathNewContext()
ctxt.setContextNode(doc)
badexprs = (
":false()", "bad:()", "bad(:)", ":bad(:)", "bad:(:)", "bad:bad(:)",
"a:/b", "/c:/d", "//e:/f", "g://h"
)
for expr in badexprs:
try:
ctxt.xpathEval(expr)
except libxml2.xpathError:
pass
else:
print("Unexpectedly legal expression:", expr)
ctxt.xpathFreeContext()
doc.freeDoc()
if err != expect:
print("error")
print("received %s" %(err))
print("expected %s" %(expect))
sys.exit(1)
libxml2.cleanupParser()
leakedbytes = libxml2.debugMemory(True)
if leakedbytes == 0:
print("OK")
else:
print("Memory leak", leakedbytes, "bytes")
# drop file to .memdump file in cwd, but won't work if not compiled in
libxml2.dumpMemory()
|