IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When an entity reference cycle is detected, the entity content is
cleared by setting its first byte to zero. But the entity content might
be allocated from a dict. In this case, the dict entry becomes corrupted
leading to all kinds of logic errors, including memory errors like
double-frees.
Stop storing entity content, orig, ExternalID and SystemID in a dict.
These values are unlikely to occur multiple times in a document, so they
shouldn't have been stored in a dict in the first place.
Thanks to Ned Williamson and Nathan Wachholz working with Google Project
Zero for the report!
Also impose size limits when XML_PARSE_HUGE is set. Limit size of names
to XML_MAX_TEXT_LENGTH (10 million bytes) and other content to
XML_MAX_HUGE_LENGTH (1 billion bytes).
Move some the length checks to the end of the respective loop to make
them strict.
xmlParseEntityValue didn't have a length limitation at all. But without
XML_PARSE_HUGE, this should eventually trigger an error in xmlGROW.
Thanks to Maddie Stone working with Google Project Zero for the report!
Fix memory leak in case xmlParseAttValueInternal is called with a NULL
`len` a non-NULL `alloc` argument. This static function is never called
with such arguments internally, but the misleading code should be fixed
nevertheless.
Fixes#422.
Hardcode the required library on MinGW because winsock uses non-standard
calling conventions on 32-bit Windows which makes AC_SEARCH_LIBS fail.
Should fix#406.
On MinGW, cmake requires curl which requires nghttp2 which requires
libxml2. But having a system libxml2 interferes with the Python tests
for now. Ultimately, we should use Python's os.add_dll_directory() on
Windows. I'm not sure why the current solution using PATH even works.
Makefile rules with multiple output files don't work reliably with
parallel builds. There are several ways to fix this issue with GNU Make,
but they aren't portable. I'd be really interested in a totally
reliable, cross-platform solution to this problem.
.NOTPARALLEL is also understood by BSD make, at least.
Setting the $MSYSTEM environment variable and invoking shell scripts
with 'bash -lc' sets up the correct MinGW environment.
See https://www.msys2.org/docs/ci/
