mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-04-02 14:50:07 +03:00

150 Commits

Author SHA1 Message Date
Nick Wellnhofer
dd4c0f62fa tree: Fix xmlTextMerge with NULL args
Restore pre-2.13 behavior. Fixes #875.
2025-03-18 11:11:20 +01:00
Nick Wellnhofer
54c3d42891 fuzz: Update README 2025-03-16 19:12:01 +01:00
Nick Wellnhofer
b349225952 include: Change some return types from int to enum
This also affects some new functions from 2.13.
2025-03-14 02:31:01 +01:00
Nick Wellnhofer
fd1b939168 include: Convert some macros to enums 2025-03-14 00:35:40 +01:00
Nick Wellnhofer
e649c97246 fuzz: Add utility scripts
Add scripts to minimize a corpus and generate HTML coverage reports.
2025-02-20 12:22:12 +01:00
Nick Wellnhofer
6f903d434f fuzz: Rework fixed parser options
Remove XML_PARSE_XINCLUDE. This is only honored by the XML Reader
interface which is now fuzzed in reader.c.

Don't validate in XInclude fuzzer. This doesn't increase coverage after
moving the Reader fuzzer.
2025-02-20 12:22:12 +01:00
Nick Wellnhofer
44628d4559 fuzz: Harden leak check in lint fuzzer
Check for undetected memory leaks from previous iterations. This also
makes sure that the maxmem limit is checked deterministically.
2025-02-20 12:22:12 +01:00
Nick Wellnhofer
c6c6d8afef fuzz: Mutate fuzz data chunks separately
Implement a custom mutator that takes a list of fixed-size chunks which
are mutated with a given probability. This makes sure that values like
parser options or failure position are mutated regularly even as the
fuzz data grows large. Values can also be adjusted temporarily to make
the fuzzer focus on failure injection, for example.

Thanks to David Kilzer for the idea.
2025-02-20 12:22:12 +01:00
Nick Wellnhofer
f5257d92bf fuzz: Fix failure injection in schema fuzzer 2025-02-20 12:10:50 +01:00
Nick Wellnhofer
fd359a7e49 fuzz: Start to fuzz XML Schema validator 2025-02-20 11:35:47 +01:00
Nick Wellnhofer
9037dce918 fuzz: Add dictionary for lint fuzzer
Mostly a combination of xml.dict and xpath.dict. This should help with
fuzzing pattern.c.
2025-02-18 19:38:28 +01:00
Nick Wellnhofer
06b3965086 fuzz: Stop testing xmllint --memory option
The --memory option mmaps files directly, bypassing the resource loader.
We'd need a temp file to make it work when fuzzing.
2025-02-17 12:19:23 +01:00
Nick Wellnhofer
bc43786822 fuzz: Improve HTML fuzzer
Verify that pull and push parser produce the same result.

Fixes #849.
2025-02-02 11:15:45 +01:00
Nick Wellnhofer
d2fb68ed24 fuzz: Make large chunk size more likely
This now detects issues like 3eced32e in about 30 seconds.
2025-01-31 19:02:33 +01:00
Nick Wellnhofer
40e423d6c2 fuzz: Improve fuzzing of push parser
Also serialize the result of push-parsing and compare whether pull and
push parser produce the same result (differential fuzzing).

We lose the ability to inject IO errors when serializing for now, but
this isn't too important.

Use variable chunk size for push parser.

Fixes #849.
2025-01-31 15:50:00 +01:00
Nick Wellnhofer
6904d4c225 fuzz: Fix OSS-Fuzz build of lint fuzzer 2025-01-25 13:55:23 +01:00
Nick Wellnhofer
9b1028c906 fuzz: Fix comments 2025-01-23 20:37:37 +01:00
Nick Wellnhofer
e95c4b07ae fuzz: Also test xmllint --repeat option 2025-01-23 20:30:40 +01:00
Nick Wellnhofer
bfe6af2eed fuzz: Remove hacks to build lint fuzzer
Don't include source file directly.
2025-01-17 20:06:45 +01:00
Nick Wellnhofer
255fd5f3f1 xmllint: Store error stream in global state 2025-01-17 20:06:45 +01:00
Nick Wellnhofer
72f84dd739 fuzz: Inject IO failures into serialization code 2024-12-17 22:21:34 +01:00
Nick Wellnhofer
8139ad2f77 fuzz: Fix IO error check in reader fuzzer 2024-12-13 12:39:34 +01:00
Nick Wellnhofer
3b38f19b40 fuzz: Silence more OOM errors 2024-11-26 14:30:54 +01:00
Nick Wellnhofer
9f652e57c1 fuzz: Inject IO failures
We use the same counter for injecting malloc and IO failures. This
mostly renames several functions and variables.
2024-11-26 14:30:54 +01:00
Nick Wellnhofer
754843abda fuzz: Remove xmlFuzzEntityLoader
Unused after commit de0c7791.
2024-11-26 14:30:54 +01:00
Nick Wellnhofer
de0c779116 fuzz: Switch to xmlCtxtValidateDocument
This allows checking malloc failure reports during post-validation.
2024-11-19 00:03:37 +01:00
Nick Wellnhofer
bf3619c328 fuzz: Don't unlink DTD when replacing nodes
OP_XML_REPLACE_NODE needs the same check as OP_XML_UNLINK_NODE.
2024-10-10 12:14:47 +02:00
Nick Wellnhofer
0c56eb8215 tree: Restore return value of xmlNodeListGetString with NULL list
When passing a NULL list to xmlNodeListGetString or
xmlNodeListGetRawString, return NULL instead of "" to match the old
behavior.

Fixes #783.
2024-08-12 21:38:50 +02:00
Nick Wellnhofer
eb66d03ef7 io: Deprecate a few functions 2024-07-16 17:42:10 +02:00
Nick Wellnhofer
8af55c8d20 parser: Rename new input API functions
These weren't made public yet.
2024-07-11 01:33:29 +02:00
Nick Wellnhofer
ae6e2ee7ec fuzz: Adjust reader fuzzer 2024-07-10 22:26:11 +02:00
Nick Wellnhofer
8c4cc0be35 fuzz: Improve debug output of reader fuzzer 2024-07-09 14:25:16 +02:00
Nick Wellnhofer
de3221b179 fuzz: Adjust for xmlNodeParseContent changes
xmlStringGetNodeList returns NULL again for empty strings.
2024-07-06 15:33:06 +02:00
Rosen Penev
5d542feff1 libxml: define ATTRIBUTE_UNUSED for clang
Silences warnings under Clang on Windows.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-20 15:24:15 -07:00
Nick Wellnhofer
208f27f964 include: Don't define ATTRIBUTE_UNUSED in public header
Stop polluting namespace with unprefixed names.
2024-06-15 19:13:08 +02:00
Nick Wellnhofer
df40f64edf fuzz: Avoid accessing internal struct members
Switch to xmlNewIOInputStream.
2024-06-13 18:01:23 +02:00
Nick Wellnhofer
5238404325 parser: Pass resource type to resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
f96dca9c0e xmllint: Switch to resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
780e432a5c fuzz: Move to per-context error handler 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
116d8c0166 fuzz: Move to per-context resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
b7f30bae7b fuzz: Fix aarch64 build on OSS-Fuzz 2024-05-28 22:52:30 +02:00
Nick Wellnhofer
caa8bb3848 fuzz: Move back to xmlSetExternalEntityLoader
xmlParserInputBufferCreateFilenameDefault can't report malloc failures.
2024-05-19 19:39:22 +02:00
Nick Wellnhofer
51b5d1e378 fuzz: Don't enable zlib and liblzma with MSan
We'd need our own instrumented builds of these libraries.
2024-05-15 16:21:11 +02:00
Nick Wellnhofer
f895af0989 fuzz: Remove OSS-Fuzz timeout option
Custom timeouts aren't fully supported on OSS-Fuzz.
2024-05-14 16:08:37 +02:00
Nick Wellnhofer
b117a912b6 fuzz: Enable xmllint fuzzer on OSS-Fuzz 2024-05-13 13:42:43 +02:00
Nick Wellnhofer
b3cb41be8b fuzz: Add xmllint fuzzer 2024-05-13 12:50:08 +02:00
Nick Wellnhofer
5bfaab77f6 fuzz: Fix reader fuzzer 2024-05-07 17:11:18 +02:00
Nick Wellnhofer
d644a23e8f fuzz: Improve xml.dict
- Add standalone declaration
- Add doctype declaration
- Expand ATTLIST matrix in xml.dict
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
68e440eec4 fuzz: Use all test directories for XML seed corpus
It's probably better to add as many files as possible to the seed corpus
even if they're less specific to a fuzzer.
2024-04-24 22:52:06 +02:00
Nick Wellnhofer
0977d7a3af fuzz: Build with compression support on OSS-Fuzz 2024-04-23 22:39:53 +02:00