1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-12-24 21:33:51 +03:00
Commit Graph

315 Commits

Author SHA1 Message Date
Rosen Penev
217e9b7af2 clang-tidy: don't return in void functions
Found with readability-redundant-control-flow

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-20 20:37:34 +00:00
Nick Wellnhofer
ef8dc4f673 schemas: Add callbacks for resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
869f72442a schemas: Fix ADD_ANNOTATION
Fix adding multiple annotations.
2024-03-17 16:14:04 +01:00
Nick Wellnhofer
d0d6174e81 valid: Rework xmlAddID 2024-03-15 19:47:07 +01:00
Benjamin Gilbert
653ef99902 schemas: fix spurious warning about truncated snprintf output
Fix warning:

    xmlschemas.c: In function 'xmlSchemaVAttributesComplex':
    xmlschemas.c:25506:63: warning: 'snprintf' output may be truncated before the last format character [-Wformat-truncation=]
    xmlschemas.c:25506:29: note: 'snprintf' output between 3 and 13 bytes into a destination of size 12

On my system (GCC 13.2.1 x86_64) the warning only appears with -O0.
counter can't exceed 1000, so there's no real bug.
2024-03-02 17:03:28 +09:00
Nick Wellnhofer
c8f1f4a280 doc: Improve documentation of error handlers 2023-12-21 17:36:17 +01:00
Nick Wellnhofer
531d06add6 error: Stop printing some errors by default
Unfortunately, it's long-standing behavior for libxml2 to print all
reported errors to stderr by default. This default behavior is now
partially disabled. If no error handler is set, only parser and
validation errors are passed to a generic error handler or printed to
stderr. Other errors are still available via xmlGetLastError and can be
captured with a structured error handler.
2023-12-21 15:02:24 +01:00
Nick Wellnhofer
06c00f6582 schemas: Improve error handling
Introduce xmlSchema*ErrFull which checks for memory allocation failures
during error reporting.

Remove arguments from memory error handlers.

Use xmlRaiseMemoryError.

Remove TODO macro.
2023-12-21 02:46:27 +01:00
Nick Wellnhofer
da703eaaea schemas: Fix reallocation in xmlSchemaXPathProcessHistory
See #614.
2023-11-05 02:03:05 +01:00
Nick Wellnhofer
45470611b0 error: Make xmlGetLastError return a const error
This is a slight break of the API, but users really shouldn't modify the
global error struct. The goal is to make xmlLastError use static buffers
for its strings eventually. This should warn people if they're abusing
the struct.
2023-09-22 13:29:07 +02:00
Nick Wellnhofer
4e1c13ebfd debug: Remove debugging code
This is barely useful these days and only clutters the code base.
2023-09-19 17:35:09 +02:00
Nick Wellnhofer
90d5b79958 schemas: Fix memory leak of annotations in notations
Found by OSS-Fuzz.
2023-09-14 15:30:38 +02:00
Nick Wellnhofer
d88763ccad schemas: Fix filename in xmlSchemaValidateFile
Make sure that filename appears in error messages.
2023-04-30 21:45:39 +02:00
Nick Wellnhofer
165f3436fc schemas: Fix line numbers in streaming validation 2023-04-30 21:45:39 +02:00
Nick Wellnhofer
57d88da675 schemas: Fix memory leak in xmlSchemaValidateStream
Regressed in 9a82b94a.

Fixes #530.
2023-04-30 21:45:39 +02:00
Nick Wellnhofer
e4f85f1bd2 [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType
Fix a null pointer dereference when parsing (invalid) XML schemas.

Thanks to Robby Simpson for the report!

Fixes #491.
2023-04-11 14:29:50 +02:00
Nick Wellnhofer
f8efa589e8 malloc-fail: Handle malloc failures in xmlSchemaInitTypes
Note that this changes the return value of public function
xmlSchemaInitTypes from void to int. This shouldn't break the ABI on
most platforms.

Found when investigating #500.
2023-03-14 15:14:38 +01:00
Nick Wellnhofer
73bd5d52ae malloc-fail: Fix type confusion after xmlSchemaFixupTypeAttributeUses
Found with libFuzzer, see #344.
2023-03-08 13:17:49 +01:00
Nick Wellnhofer
767ae50bc9 malloc-fail: Fix null deref after xmlSchemaItemList{Add,Insert}
Found with libFuzzer, see #344.
2023-03-08 13:17:49 +01:00
Nick Wellnhofer
961a4f35bf malloc-fail: Fix memory leak in xmlSchemaParseUnion
Also report malloc failure from xmlStrndup.

Found with libFuzzer, see #344.
2023-03-08 13:17:49 +01:00
Nick Wellnhofer
260d6b8d77 malloc-fail: Fix another memory leak in xmlSchemaBucketCreate
Found with libFuzzer, see #344.
2023-03-08 13:17:48 +01:00
Nick Wellnhofer
31844c74df malloc-fail: Fix null deref in xmlSchemaParseUnion
Found with libFuzzer, see #344.
2023-03-08 13:17:48 +01:00
Nick Wellnhofer
9afb6c5fb8 malloc-fail: Fix memory leak in WXS_ADD_{LOCAL,GLOBAL}
It's somewhat dangerous to add the cleanup code to a macro, but
otherwise we'd have to fix all the call sites.

Found with libFuzzer, see #344.
2023-03-08 13:17:48 +01:00
Nick Wellnhofer
a5787229e5 malloc-fail: Fix memory leak in xmlSchemaBucketCreate
Found with libFuzzer, see #344.
2023-03-08 13:17:48 +01:00
Nick Wellnhofer
e15838ab54 malloc-fail: Fix null deref in xmlSchemaParseWildcardNs
Found with libFuzzer, see #344.
2023-03-08 13:17:48 +01:00
Nick Wellnhofer
ba290a8663 malloc-fail: Fix memory leak in xmlSchemaItemListAddSize
Found with libFuzzer, see #344.
2023-03-08 13:17:47 +01:00
Nick Wellnhofer
0263b35756 malloc-fail: Fix null deref in xmlGet{Min,Max}Occurs
Also report memory error in xmlSchemaGetNodeContent.

Found with libFuzzer, see #344.
2023-03-08 13:17:47 +01:00
Nick Wellnhofer
cfbc1f48ee malloc-fail: Fix memory leak in xmlSchemaParse
Found with libFuzzer, see #344.
2023-03-08 13:17:47 +01:00
Nick Wellnhofer
0ce1f8427b schemas: Remove useless if statement
bucket->origTargetNamespace is always NULL in this branch.

Fixes #481.
2023-02-21 15:46:06 +01:00
Nick Wellnhofer
dd3569eaa5 Remove XMLDECL macro from .c files 2022-12-08 02:43:17 +01:00
Nick Wellnhofer
abb5a93fed schemas: Fix infinite loop in xmlSchemaCheckElemSubstGroup
Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself,
resulting in an infinite loop.

Fixes #430.
2022-11-02 10:55:29 +01:00
Nick Wellnhofer
b6f1298ae7 warnings: Remove set-but-unused variables
Fixes compiler warnings with clang 15.
2022-10-25 19:34:38 +02:00
Nick Wellnhofer
1d4f5d24ac schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK
Found by OSS-Fuzz.
2022-09-13 16:56:59 +02:00
Nick Wellnhofer
0f568c0b73 Consolidate private header files
Private functions were previously declared

- in header files in the root directory
- in public headers guarded with IN_LIBXML
- in libxml.h
- redundantly in source files that used them.

Consolidate all private header files in include/private.
2022-08-26 02:11:56 +02:00
Nick Wellnhofer
9a82b94a94 Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt
Add API functions to create a parser context with a custom SAX handler
without having to mess with ctxt->sax manually.
2022-08-24 14:07:55 +02:00
Nick Wellnhofer
a09c89545d Fix memory leak with invalid XSD
xmlSchemaClearElemInfo can add new items to the "matcher" cache, so the
cache must be cleared after calling this function, not before. This
only seems to affect invalid XSDs.

Fixes #390.
2022-08-15 12:19:25 +02:00
Nick Wellnhofer
3e7b4f37aa Avoid calling xmlSetTreeDoc
Create text nodes with xmlNewDocText or set the document directly to
avoid xmlSetTreeDoc being called when the node is inserted.
2022-06-20 01:49:39 +02:00
Damjan Jovanovic
2fe372a0aa Properly fold whitespace around the QName value when validating an XSD schema.
(May also need fixing in other places.)

Issue: 239
2022-03-02 14:22:36 +00:00
Nick Wellnhofer
346c3a930c Remove elfgcchack.h
The same optimization can be enabled with -fno-semantic-interposition
since GCC 5. clang has always used this option by default.
2022-02-20 21:49:04 +01:00
Nick Wellnhofer
1c7d91abe4 Fix handling of XSD with empty namespace
An empty namespace means no default namespace.

Fixes #303.
2022-02-03 23:31:19 +01:00
huangduirong
e4c91f7473 Fix Null-deref-in-xmlSchemaGetComponentTargetNs 2022-01-16 16:24:47 +01:00
Nick Wellnhofer
c35628a24c Revert "Make schema validation fail with multiple top-level elements"
This reverts commit 4f2aee18f6.

Fixes #305.
2022-01-15 18:18:22 +01:00
Nick Wellnhofer
8ca3a59b2e Fix integer overflow in xmlSchemaGetParticleTotalRangeMin
The function is only used once and its return value is only checked for
zero. Disable the function like its Max counterpart and add an
implementation for the special case.

Found by OSS-Fuzz.
2020-12-15 20:14:28 +01:00
Michael Matz
faea2fa9b8 Avoid quadratic checking of identity-constraints
key/unique/keyref schema attributes currently use qudratic loops
to check their various constraints (that keys are unique and that
keyrefs refer to existing keys).  That becomes extremely slow if
there are many elements with keys.  This happens in the wild with
e.g. the OVAL XML descriptions of security patches.  You need the
openscap schemata, and then an example xml file:

% zypper in openscap-utils
% wget ftp://ftp.suse.com/pub/projects/security/oval/opensuse.leap.15.1.xml
% time xmllint --schema /usr/share/openscap/schemas/oval/5.5/oval-definitions-schema.xsd opensuse.leap.15.1.xml > /dev/null
opensuse.leap.15.1.xml validates

real    16m59,857s
user    16m55,787s
sys     0m1,060s

This patch makes libxml use a hash table to avoid the quadratic
behaviour.  The existing hash table only accepts strings as keys, so
we're mostly reusing the canonical representation of key values to derive
such strings (with the caveat given in a comment).  The alternative
would be to rework the hash table code to accept either numbers or free
functions as hash workers, but the code is fast enough as is.

With the patch we have this then:

% time LD_LIBRARY_PATH=./libxml2/.libs/ ./libxml2/.libs/xmllint --schema /usr/share/openscap/schemas/oval/5.5/oval-definitions-schema.xsd opensuse.leap.15.1.xml > /dev/null
opensuse.leap.15.1.xml validates

real    0m3,531s
user    0m3,427s
sys     0m0,103s

So, a ~300x speedup.  This patch survives 'make check' and 'make tests'.
2020-11-30 11:22:54 +01:00
Nick Wellnhofer
070d635e77 Fix integer overflow when parsing {min,max}Occurs
Clamp value to INT_MAX.

Found with libFuzzer and UBSan.
2020-06-23 16:20:28 +02:00
Nick Wellnhofer
4f2aee18f6 Make schema validation fail with multiple top-level elements
Closes #126.
2020-05-04 14:03:52 +02:00
Nick Wellnhofer
20c60886e4 Fix typos
Resolves #133.
2020-03-08 17:41:53 +01:00
Zhipeng Xie
7ffcd44d7e Fix memory leak in xmlSchemaValidateStream
When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun
alloc a new schema for ctxt->schema and set vctxt->xsiAssemble
to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize
vctxt->xsiAssemble to 0 again which cause the alloced schema
can not be freed anymore.

Found with libFuzzer.

Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>
2020-02-11 11:38:56 +01:00
Nick Wellnhofer
9bd7abfba4 Remove useless comparisons
Found by lgtm.com
2020-01-02 14:14:48 +01:00
Jared Yanovich
2a350ee9b4 Large batch of typo fixes
Closes #109.
2019-09-30 18:04:38 +02:00