Fix heap-use-after-free on XMLElementParser.cpp (#3866)

* Fix heap-use-after-free on XMLElementParser.cpp

Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>

* Fix asan workflow

Signed-off-by: EduPonz <eduardoponz@eprosima.com>

---------

Signed-off-by: Miguel Company <MiguelCompany@eprosima.com>
Signed-off-by: EduPonz <eduardoponz@eprosima.com>
Co-authored-by: EduPonz <eduardoponz@eprosima.com>

.github/workflows/sanitizer-tests.yaml

@@ -27,6 +27,9 @@ jobs:
 
     runs-on: ubuntu-22.04
 
+    env:
+        FASTDDS_BRANCH: ${{ github.head_ref || github.event.inputs.fastdds_branch || 'master' }}
+
     steps:
       - uses: eProsima/eProsima-CI/ubuntu/install_apt_packages@v0
         with:
@@ -39,7 +42,7 @@ jobs:
       - uses: eProsima/eProsima-CI/ubuntu/get_file_from_repo@v0
         with:
           source_repository: eProsima/Fast-DDS
-          source_repository_branch: ${{ github.head_ref || github.event.inputs.fastdds_branch || 'master' }}
+          source_repository_branch: ${{ env.FASTDDS_BRANCH }}
           file_name: fastrtps.repos
           file_result: fastrtps.repos
 
@@ -49,6 +52,11 @@ jobs:
           vcs_repos_file: fastrtps.repos
           destination_workspace: src
 
+      - name: Checkout Fast DDS branch
+        run: |
+          cd ./src/fastrtps
+          git checkout ${{ env.FASTDDS_BRANCH }}
+
       - name: Install apt packages
         uses: ./src/fastrtps/.github/actions/install-apt-packages
 
@@ -100,6 +108,10 @@ jobs:
 
     runs-on: ubuntu-22.04
 
+    env:
+      FASTDDS_BRANCH: ${{ github.head_ref || github.event.inputs.fastdds_branch || 'master' }}
+      DEFAULT_DISCOVERY_SERVER_BRANCH: ${{ github.event.inputs.discovery_server_branch || 'master' }}
+
     steps:
       - uses: eProsima/eProsima-CI/ubuntu/install_apt_packages@v0
         with:
@@ -112,7 +124,7 @@ jobs:
       - uses: eProsima/eProsima-CI/ubuntu/get_file_from_repo@v0
         with:
           source_repository: eProsima/Fast-DDS
-          source_repository_branch: ${{ github.head_ref || github.event.inputs.fastdds_branch || 'master' }}
+          source_repository_branch: ${{ env.FASTDDS_BRANCH }}
           file_name: fastrtps.repos
           file_result: fastrtps.repos
 
@@ -122,14 +134,17 @@ jobs:
           vcs_repos_file: fastrtps.repos
           destination_workspace: src
 
+      - name: Checkout Fast DDS branch
+        run: |
+          cd ./src/fastrtps
+          git checkout ${{ env.FASTDDS_BRANCH }}
+
       - name: Sync eProsima/Discovery-Server repository
         uses: actions/checkout@v4
-        env:
-          DEFAULT_DISCOVERY_SERVER_BRANCH: 'master'
         with:
           path: src/discovery_server
           repository: eProsima/Discovery-Server
-          ref: ${{ github.event.inputs.discovery_server_branch || env.DEFAULT_DISCOVERY_SERVER_BRANCH }}
+          ref: ${{ env.DEFAULT_DISCOVERY_SERVER_BRANCH }}
 
       - name: Install apt packages
         uses: ./src/fastrtps/.github/actions/install-apt-packages

src/cpp/rtps/xmlparser/XMLElementParser.cpp

@@ -84,15 +84,16 @@ static std::string process_environment(
         std::regex_search(ret_val, match, expression);
         if (!match.empty())
         {
+            std::string var_name = match[1];
             std::string value;
-            if (ReturnCode_t::RETCODE_OK == SystemInfo::get_env(match[1], value))
+            if (ReturnCode_t::RETCODE_OK == SystemInfo::get_env(var_name, value))
             {
                 ret_val = match.prefix().str() + value + match.suffix().str();
             }
             else
             {
                 ret_val = match.prefix().str() + match.suffix().str();
-                EPROSIMA_LOG_ERROR(XMLPARSER, "Could not find a value for environment variable " << match[1]);
+                EPROSIMA_LOG_ERROR(XMLPARSER, "Could not find a value for environment variable " << var_name);
             }
         }
     } while (!match.empty());