Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

apache/xerces-c
master @ 53c0401
64
Fixes
0
CVEs
HIGH
Peak severity
Highlights
Memory Corruption: 31 prior fixes. Scrutinize any change in this area.
src/xercesc/validators/datatype/ListDatatypeValidator.cpp: most-fixed (4 issues). Treat as high-risk during review.
41 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Use After Free: Mismanagement of the lifecycle of DTDEntityDecl during scanning can lead to Use-After-Free conditions when resolving external DTD entities. Developers must use explicit ownership-adopting helpers rather than raw pointer retention.
Type Confusion: Performing direct downcasts of grammar elements (such as casting a DTDGrammar to a SchemaGrammar) without validating the grammar type first introduces critical type confusion risks.
Memory Corruption: Off-by-one calculations, insufficient allocation multipliers, and failing to dynamically resize output buffers in representation helpers trigger heap overflows in datatype validators.