AnsweredAssumed Answered

Crash on export via XSLT

Question asked by perette on Jul 9, 2010

Summary

Crash on export via XSLT

Product

FileMaker Pro

Version

10.0v3

Operating system version

Mac OS X 10.6.3

Description of the issue

When processing an export via XSLT, Filemaker Pro crashes with a segmentation fault (SIGSEGV) when recursing excessively (infinite recursion problem).

I realize the problem was caused by a bug in an XSLT script, but crashing seems like a non-ideal way of handling it.  Better would be some sort of warning that a recursion limit was reached, fail the export, and not drop core.

Steps to reproduce the problem

Write an XSLT script that recurses incorrectly.

Exact text of any error message(s) that appear

Process:         FileMaker Pro [90297]
Path:            /Applications/FileMaker Pro 10 Advanced/FileMaker Pro Advanced.app/Contents/MacOS/FileMaker Pro
Identifier:      com.filemaker.client.advanced
Version:         10.0.3 (10.0.3)
Code Type:       X86 (Native)
Parent Process:  launchd [169]

Date/Time:       2010-07-10 01:54:42.854 -0400
OS Version:      Mac OS X 10.6.4 (10F569)
Report Version:  6

Interval Since Last Report:          610531 sec
Crashes Since Last Report:           3
Per-App Interval Since Last Report:  63731 sec
Per-App Crashes Since Last Report:   2
Anonymous UUID:                      48939FF1-E5B3-44F8-B8C6-E15B0B4C20E0

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_PROTECTION_FAILURE at 0x00000000bf7fffec
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.filemaker.xalan.framework      0x01d47da3 XalanDOMString::equals(XalanDOMString const&, XalanDOMString const&) + 9
1   com.filemaker.xalan.framework      0x01caadaa VariablesStack::findEntry(XalanQName const&, bool, bool) + 180
2   com.filemaker.xalan.framework      0x01caafa4 VariablesStack::findXObject(XalanQName const&, StylesheetExecutionContext&, bool, bool, bool&) + 48
3   com.filemaker.xalan.framework      0x01c99246 StylesheetExecutionContextDefault::getVariable(XalanQName const&, Locator const*) + 78
4   com.filemaker.xalan.framework      0x01d03b78 XPath::variable(XalanNode*, int, XPathExecutionContext&) const + 152
5   com.filemaker.xalan.framework      0x01d09ccd XPath::executeMore(XalanNode*, int, XPathExecutionContext&) const + 1247
6   com.filemaker.xalan.framework      0x01d08b5c XPath::predicates(XPathExecutionContext&, XalanNode*, int, MutableNodeRefList&, int&) const + 316
7   com.filemaker.xalan.framework      0x01d09053 XPath::step(XPathExecutionContext&, XalanNode*, int, MutableNodeRefList&) const + 521
8   com.filemaker.xalan.framework      0x01d09118 XPath::step(XPathExecutionContext&, XalanNode*, int, MutableNodeRefList&) const + 718
9   com.filemaker.xalan.framework      0x01d096ae XPath::locationPath(XPathExecutionContext&, XalanNode&, int) const + 74
10  com.filemaker.xalan.framework      0x01d09e0f XPath::executeMore(XalanNode*, int, XPathExecutionContext&) const + 1569
11  com.filemaker.xalan.framework      0x01d09b3e XPath::executeMore(XalanNode*, int, XPathExecutionContext&) const + 848
12  com.filemaker.xalan.framework      0x01d0c469 XPath::execute(XalanNode*, PrefixResolver const&, XPathExecutionContext&) const + 105
13  com.filemaker.xalan.framework      0x01c786b6 ElemVariable::getValue(StylesheetExecutionContext&, XalanNode*) const + 70
14  com.filemaker.xalan.framework      0x01c788e6 ElemVariable::execute(StylesheetExecutionContext&) const + 60
15  com.filemaker.xalan.framework      0x01c746dd ElemTemplateElement::executeChildren(StylesheetExecutionContext&) const + 91
16  com.filemaker.xalan.framework      0x01c5ca0f ElemCallTemplate::execute(StylesheetExecutionContext&) const + 111
17  com.filemaker.xalan.framework      0x01c746dd ElemTemplateElement::executeChildren(StylesheetExecutionContext&) const + 91
18  com.filemaker.xalan.framework      0x01c5ca0f ElemCallTemplate::execute(StylesheetExecutionContext&) const + 111
...

Workaround

Don't write buggy xslt scripts, and hope nobody figures out a way to exploit this vulnerability.

Outcomes