segmentation fault adding IDs to etree

Bug #2051010 reported by Patrick Dobson
This bug affects 1 person
Affects: lxml
Status: New
Importance: Undecided
Assigned to: Unassigned
Milestone:

Bug Description

Python version: 3.7.17
lxml version: 5.1.0, downgrading to 4.9.3 solved my issue
libxml version, used: 2.12.3, 2.10.3 after downgrade
libxml version, compiled: 2.12.3, 2.10.3 after downgrade
libxslt version, used: 1.1.39, 1.1.38 after downgrade
libxslt version, compiled: 1.1.39, 1.1.38 after downgrade

There appears to be an issue with the binding to one of the underlying C libraries in lxml version 5.1.0. I was able to solve my issue by downgrading to lxml 4.9.3.

These comments on python-xmlsec alerted me to the problem: https://github.com/xmlsec/python-xmlsec/issues/259

For my part, I have a web app that uses python3-saml for SSO authentication. The entire app was intermittently yet consistently crashing when attempting to use xmlsec to add IDs to an lxml etree, at this line in the source: https://github.com/SAML-Toolkits/python3-saml/blob/master/src/onelogin/saml2/utils.py#L826

My steps to recreate were simply to take the XML response from a SAML Identity Provider, use lxml to create an etree, and then pass that to xmlsec's tree.add_ids method. It was three lines of code to recreate, once the sample XML was generated.

When I downgraded from 5.1.0 to 4.9.3, the problem no longer occurred. I was unable to find a similar issue already open in your bug tracker, so I thought I should add this here.
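
A way to reproduce a crash like this without taking down the calling process, as an added example that is not the reporter's code or part of lxml, xmlsec or python3-saml: the parse and `add_ids` call run in a child interpreter and the parent classifies how the child exited. Assumptions: a POSIX system, a constructed `SAMPLE_XML` in place of a real IdP response, and the hypothetical helper names `classify` and `run_isolated`.

```python
import signal
import subprocess
import sys

# Constructed stand-in for an IdP response; not the reporter's XML.
SAMPLE_XML = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
              'ID="_constructed1" Version="2.0"/>')

# Child program: print the versions the report lists, then make the call.
REPRO = f"""
from lxml import etree
import xmlsec
print("lxml", etree.LXML_VERSION, flush=True)
print("libxml2 used/compiled", etree.LIBXML_VERSION,
      etree.LIBXML_COMPILED_VERSION, flush=True)
root = etree.fromstring({SAMPLE_XML!r})
xmlsec.tree.add_ids(root, ["ID"])
print("add_ids returned", flush=True)
"""


def classify(returncode):
    """Map a POSIX child exit status to a short outcome string."""
    if returncode == 0:
        return "ok"
    if returncode < 0:  # subprocess reports death by signal N as -N
        try:
            return "killed by " + signal.Signals(-returncode).name
        except ValueError:
            return f"killed by signal {-returncode}"
    return f"error exit {returncode}"


def run_isolated(code, runs=5, timeout=30):
    """Run `code` in fresh interpreters so a crash cannot take down the caller."""
    outcomes = []
    for _ in range(runs):
        proc = subprocess.run([sys.executable, "-c", code],
                              capture_output=True, text=True, timeout=timeout)
        outcomes.append(classify(proc.returncode))
    return outcomes


if __name__ == "__main__":
    # The report calls the crash intermittent, so repeat the call several times.
    for i, outcome in enumerate(run_isolated(REPRO, runs=10), 1):
        print(f"run {i}: {outcome}")
```

An outcome of `error exit 1` usually means lxml or xmlsec is not importable in the child; `killed by SIGSEGV` is the crash signature described in this report.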
