1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-12-24 21:33:51 +03:00
Commit Graph

432 Commits

Author SHA1 Message Date
Nick Wellnhofer
1dd5e76a69 xinclude: Don't remove root element
Don't replace include element at root with empty nodeset.
2024-06-18 20:12:03 +02:00
Nick Wellnhofer
52ce0d70f9 tests: Add XInclude test for issue #733 2024-06-17 17:35:12 +02:00
Nick Wellnhofer
669bd34993 xpointer: Remove support for XPointer locations
The latest spec for what it essentially an XPath extension seems to be
this working draft from 2002:

    https://www.w3.org/TR/xptr-xpointer/

The xpointer() scheme is listed as "being reviewed" in the XPointer
registry since at least 2006. libxml2 seems to be the only modern
software that tries to implement this spec, but the code has many bugs
and quality issues.

If you configure --with-legacy, old symbols are retained for ABI
compatibility.
2024-06-12 18:20:01 +02:00
Nick Wellnhofer
651465f98c test: Remove unused test files 2024-04-24 22:50:53 +02:00
Nick Wellnhofer
45fe9924f0 parser: Don't create reference in xmlLookupGeneralEntity
This should only be done in xmlParseReference.

The handling of undeclared entities is still somewhat inconsistent. In
element content we create references even if entity substitution is
enabled. In attribute values undeclared entities are always ignored.
2024-04-23 18:36:15 +02:00
Nick Wellnhofer
f506ec6654 parser: Always decode entities in namespace URIs
Also decode entities in namespace URIs if entity substitution wasn't
requested. This should fix some corner cases when comparing namespace
URIs. The Namespaces in XML 1.0 spec says:

> In a namespace declaration, the URI reference is the normalized value
> of the attribute, so replacement of XML character and entity
> references has already been done before any comparison.

Make the serialization code escape special characters in namespace URIs
like in attribute values. This fixes serialization if entities were
substituted when parsing.

Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/106
2024-04-15 12:34:26 +02:00
Seiya Nakata
5bb84b47b8 relaxng: Fix tree corruption in xmlRelaxNGParseNameClass
Don't create cycles in tree structure. This will lead to an infinite
loop or call stack overflow later.

Closes: https://gitlab.gnome.org/GNOME/libxml2/-/issues/711
2024-04-05 13:45:06 +02:00
Nick Wellnhofer
186562a182 parser: Fix detection of duplicate attributes in XML namespace
Fixes a regression from commit e0dd330b, resulting in duplicate
attributes in the predefined XML namespace not being detected or
extraneous default attributes being passed.

Fixes #704.
2024-03-12 20:02:52 +01:00
Nick Wellnhofer
f237e5b934 parser: Avoid duplicate namespace errors
Don't report an extra attribute uniqueness error if a namespace is
undeclared. This matches old behavior.
2024-01-05 20:39:40 +01:00
Nick Wellnhofer
37c6618be5 parser: Rework parsing of attribute and entity values
Don't use a separate function to handle "complex" attributes. Validate
UTF-8 byte sequences without decoding. This should improve performance
considerably when parsing multi-byte UTF-8 sequences.

Use a string buffer to avoid unnecessary allocations and copying when
expanding entities.

Normalize attribute values in a single pass while expanding entities.

Be more lenient in recovery mode.

If no entity substitution was requested, validate entities without
expanding. Fixes #596.

Also fixes #655.
2024-01-02 15:42:03 +01:00
Nick Wellnhofer
d944a41515 parser: Fix in-parameter-entity and in-external-dtd checks
Use in ctxt->input->entity instead of ctxt->inputNr to determine whether
we are inside a parameter entity.

Stop using ctxt->external to check whether we're in an external DTD.
This is signaled by ctxt->inSubset == 2.
2023-12-29 01:19:56 +01:00
Nick Wellnhofer
b8313b589f xpath: Rewrite substring-before and substring-after
Don't use buffers. Check malloc failures.
2023-12-28 16:47:45 +01:00
Nick Wellnhofer
f3fa34dcad parser: Fix general entity parsing
Clear namespace database.

Ignore non-fatal errors.
2023-12-28 16:47:41 +01:00
Nick Wellnhofer
6e3a2ac660 xinclude: Rework xml:base fixup
The xml:base fixup was broken in more complex cases.

Also avoid parsing and building the included URI multiple times.
2023-12-25 23:38:40 +01:00
Nick Wellnhofer
f0df3e6d00 tests: Try to fix RelaxNG test cases
These were added recently in ea695ac0 and 8074b881 but were a total mess
of symbolic links and apparently mixed up files.

Symbolic links don't work on Windows.

Try to salvage one of the tests.
2023-12-21 15:02:24 +01:00
Nick Wellnhofer
83c6aeef49 relaxng: Improve error handling
Pass RelaxNG structured error handler to XML parser.

Handle malloc failure from xmlRaiseError.

Remove argument from memory error handler.

Use xmlRaiseMemoryError.

Don't use xmlGenericError.

Remove TODO macro.
2023-12-21 15:01:42 +01:00
Nick Wellnhofer
7d446e9736 parser: Fix namespaces redefined from default attributes
This regressed in commit e0dd330b.

Also fixes a long-standing issue where namespaces from default
attributes weren't added if they match an existing namespace.

Fixes #643.
2023-12-08 12:19:16 +01:00
Nick Wellnhofer
e395946194 html: Reenable buggy detection of XML declarations
Switch to UTF-8 if a document starts with '<?xm' to match old behavior.
Also enable this check in the push parser.

Fixes #637.
2023-11-30 16:22:59 +01:00
Nick Wellnhofer
43b511fa71 parser: Make CRLF increment line number
Partial revert of cb927e85 fixing CRLFs not incrementing the line
number.

This requires to rework xmlParseQNameHashed. The original implementation
prompted the change to xmlCurrentChar which really shouldn't modify the
'cur' pointer as side effect. But the NEXTL macro relies on this
behavior.

Ultimately, we should reintroduce the change to xmlCurrentChar and fix
the NEXTL macro. This will lead to single CRs incrementing the line
number as well which seems more consistent.

Fixes #628.
2023-11-26 15:18:09 +01:00
Nick Wellnhofer
a2b5c90a44 hash: Fix deletion of entries during scan
Functions like xmlCleanSpecialAttr scan a hash table and possibly delete
entries in the callback. xmlHashScanFull must detect such deletions and
rescan the entry.

This regressed when rewriting the hash table code in 4a513d56.

Fixes #626.
2023-11-21 15:28:59 +01:00
Nick Wellnhofer
7a2d412f68 parser: Copy default namespace in xmlParseBalancedChunkMemory 2023-10-31 20:19:27 +01:00
Nick Wellnhofer
e0c2f14d83 parser: Copy namespaces in xmlParseBalancedChunkMemory
Reenable copying of namespaces but don't set SAX data. This should
match the old behavior.
2023-10-31 14:04:57 +01:00
Nick Wellnhofer
b76d81dab3 parser: Fix regression when push parsing parameter entities
Short-lived regression from 834b8123.

Also shrink parameter entity buffers when push parsing.
2023-10-06 13:11:19 +02:00
Nick Wellnhofer
134d2ad890 parser: Protect against quadratic default attribute expansion 2023-10-06 12:47:24 +02:00
Nick Wellnhofer
0ba22c0513 parser: Support encoded external PEs in entity values
Corner case which was never supported.
2023-10-06 12:28:59 +02:00
Nick Wellnhofer
e48f3d8e0a tests: Add more tests for redefined attributes 2023-09-29 12:43:08 +02:00
Nick Wellnhofer
53050b1dd8 parser: More fixes to push parser error handling 2023-08-29 20:06:43 +02:00
Nick Wellnhofer
bbd918b2e7 parser: Fix detection of null bytes
Also suppress misleading extra errors.

Fixes #122.
2023-08-29 18:43:10 +02:00
Nick Wellnhofer
855818bd2b parser: Check for truncated multi-byte sequences
When decoding input data, check whether the "raw" buffer is empty after
parsing the document. Otherwise, the input ends with a truncated
multi-byte sequence which shouldn't be silently ignored.
2023-08-08 15:21:37 +02:00
Nick Wellnhofer
e4f85f1bd2 [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType
Fix a null pointer dereference when parsing (invalid) XML schemas.

Thanks to Robby Simpson for the report!

Fixes #491.
2023-04-11 14:29:50 +02:00
Nick Wellnhofer
d7d0bc6581 SAX2: Ignore namespaces in HTML documents
In commit 21ca8829, we started to ignore namespaces in HTML element
names but we still called xmlSplitQName, effectively stripping the
namespace prefix. This would cause elements like <o:p> being parsed
as <p>. Now we leave the name untouched.

Fixes #508.
2023-03-31 17:08:43 +02:00
Nick Wellnhofer
3f69fc805c parser: Tighten expansion limits
- Lower the amount of expansion which is always allowed from
  10MB to 1MB.
- Lower the maximum amplification factor from 10 to 5.
- Lower the "fixed cost" from 50 to 20.
2023-03-08 13:58:49 +01:00
Nick Wellnhofer
e20f4d7a65 xinclude: Fix quadratic behavior in xmlXIncludeLoadTxt
Also make text inclusions work with memory buffers, for example when
using a custom entity loader, and fix a memory leak in case of invalid
characters.

Fixes #483.
2023-02-14 12:25:07 +01:00
Nick Wellnhofer
608c65bb8e xpath: number('-') should return NaN
Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/81
2023-01-18 15:15:41 +01:00
Nick Wellnhofer
d320a683d1 parser: Fix entity check in attributes
Don't set the "checked" flag when checking entities in default attribute
values. These entities could reference other entities which weren't
defined yet, so the check isn't reliable.

This fixes a short-lived regression which could lead to a call stack
overflow later in xmlStringGetNodeList.
2023-01-17 13:59:24 +01:00
Nick Wellnhofer
cfc036bda8 testrecurse: Test parameter entity accounting 2022-12-21 20:35:31 +01:00
Nick Wellnhofer
079da5b26d testrecurse: Add external entities to huge test 2022-12-21 20:21:51 +01:00
Nick Wellnhofer
01bcb23de1 testrecurse: Add test cases for external entities
Add test cases for external general and parameter entities.
2022-12-21 20:21:51 +01:00
Nick Wellnhofer
046f99c543 testrecurse: Add lol_param.xml
Add test case contributed by Sebastian Pipping for CVE-2021-3541.
2022-12-21 20:20:11 +01:00
Nick Wellnhofer
fafa025209 testrecurse: Rename test files 2022-12-21 20:20:11 +01:00
Nick Wellnhofer
ae0c9cfa05 uri: Fix handling of port numbers
Allow port number without host, real fix for #71.

Also compare port numbers in xmlBuildRelativeURI.

Fix handling of port numbers in xmlUriEscape.
2022-12-13 01:43:49 +01:00
Nick Wellnhofer
76c6da4209 error: Make sure that error messages are valid UTF-8
This has caused issues with the Python bindings for a long time.

Should fix #64.
2022-12-04 23:34:19 +01:00
Nick Wellnhofer
9c63cea5a6 test: Add test for push parser boundaries 2022-11-20 21:27:59 +01:00
Nick Wellnhofer
b456e3bb42 xinclude: Always allow XPtr expressions in external documents 2022-10-31 16:49:36 +01:00
Nick Wellnhofer
eef0a7395c xinclude: Implement "streaming" mode
When using xmlreader, XPointer expressions in XIncludes simply cannot
work. Expressions can reference nodes which weren't parsed yet or which
were already deleted.

After fixing nested XIncludes, we reference includes which were parsed
previously. When streaming, these nodes could have been deleted, leading
to use-after-free errors.

Disallow XPointer expressions and truncate the include table in
streaming mode.
2022-10-30 14:12:55 +01:00
Nick Wellnhofer
20e2fb4c1c xinclude: Avoid creation of subcontexts
Don't create subcontext in xmlXIncludeRecurseDoc. Save and restore 'doc'
and 'incTab' instead.

Make xmlXIncludeLoadFallback call xmlXIncludeCopyNode which seems safer
than xmlXIncludeDoProcess since the latter may modify the document.
This should also be more performant since we need to copy the whole
fallback subtree anyway. Also make sure to avoid replacements in
fallback elements in xmlXIncludeDoProcess.
2022-10-25 19:34:38 +02:00
Nick Wellnhofer
d2ed1e4f99 xinclude: Limit recursion depth
This avoids call stack overflows.
2022-10-23 18:52:56 +02:00
Nick Wellnhofer
34496f26db xinclude: Test for inclusion loops 2022-10-23 14:27:05 +02:00
Nick Wellnhofer
bc267cb9bc xinclude: Expand includes in xmlXIncludeCopyNode
This should make nested includes work reliably.

Fixes #424.
2022-10-23 14:27:05 +02:00
Nick Wellnhofer
c99cde3f21 xinclude: Also test error messages
The reader interface with XIncludes is somewhat broken and can generate
different error messages. Start to move tests which are sketchy with
reader to a separate directory.
2022-10-23 14:26:59 +02:00