mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-10-26 20:25:14 +03:00
Commit Graph

6611 Commits

Author SHA1 Message Date
Nick Wellnhofer
4fefba4cf6 parser: Rework handling of undeclared entities
Throw an error if entity substitution was requested.

Now we only downgrade to a warning if

- XML_PARSE_DTDLOAD wasn't specified, and
- entities aren't substituted or XML_PARSE_NO_XXE was specified.

Should fix #724.
2024-05-15 17:58:48 +02:00
Nick Wellnhofer
51b5d1e378 fuzz: Don't enable zlib and liblzma with MSan
We'd need our own instrumented builds of these libraries.
2024-05-15 16:21:11 +02:00
Nick Wellnhofer
f895af0989 fuzz: Remove OSS-Fuzz timeout option
Custom timeouts aren't fully supported on OSS-Fuzz.
2024-05-14 16:08:37 +02:00
Nick Wellnhofer
ec2f68f164 parser: Report malloc failure in xmlNewInputFromFile 2024-05-14 16:04:56 +02:00
Nick Wellnhofer
8d215ac5cc xpath: Fix quadratic runtime accounting 2024-05-14 15:55:18 +02:00
Nick Wellnhofer
592546267f threads: Deprecate remaining ThrDef functions 2024-05-14 15:44:50 +02:00
Nick Wellnhofer
b117a912b6 fuzz: Enable xmllint fuzzer on OSS-Fuzz 2024-05-13 13:42:43 +02:00
Nick Wellnhofer
0651ad667c valid: Report malloc failure after xmlRegExecPushString 2024-05-13 13:08:14 +02:00
Nick Wellnhofer
609d2666fa Stop defining _REENTRANT
This macro is obsolete, see `man feature_test_macros`.
2024-05-13 13:08:14 +02:00
Nick Wellnhofer
b3cb41be8b fuzz: Add xmllint fuzzer 2024-05-13 12:50:08 +02:00
Nick Wellnhofer
16fb1028a2 reader: Fix error reporting with walker
Abort earlier in xmlTextReaderRead if an error was raised.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
a846719b9c pattern: Fix memory leak in xmlCompileStepPattern 2024-05-13 12:50:08 +02:00
Nick Wellnhofer
4ff2dccf9f SAX2: Warn if URI resolution failed 2024-05-13 12:50:08 +02:00
Nick Wellnhofer
4fe116ebd3 parser: Don't report error on invalid URI
Only fragment identifiers are an error.

This removes the last user of xmlErrMsg*. Now every error reported by
the parser should result in one of ctxt->wellFormed, ctxt->nsWellFormed
or ctxt->valid being set to zero.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3dea98eff9 xmllint: Don't free DTD with --dropdtd
Entity references point to entities in the DTD, so only unlink the DTD
and don't destroy it.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3ad7f81624 [CVE-2024-34459] Fix buffer overread with xmllint --htmlout
Add a missing bounds check.

Fixes #720.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
c83147bff2 xmllint: Fix --pedantic option
Regressed in 74c84a8c.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3665d667f6 xmllint: Clean up option handling
Remove unnecessary globals and make some local.

Remove unnecessary calls to xmlTextReaderSetParserProp.

Remove unused "oldout" code.

Fix skipArgs.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
f8ff4d8688 xmllint: Rework parsing
Merge a few code paths, making options like --valid or --htmlout work
with some other options.

Improve error handling.
2024-05-07 17:11:18 +02:00
Nick Wellnhofer
0bef170486 c14n: Fix memory leak after malloc failure 2024-05-07 17:11:18 +02:00
Nick Wellnhofer
5bfaab77f6 fuzz: Fix reader fuzzer 2024-05-07 17:11:18 +02:00
Nick Wellnhofer
72e9267c32 html: Fix memory leak after malloc failure 2024-05-06 17:40:15 +02:00
Nick Wellnhofer
3afaff7e8e xmllint: Check for NULL input in xmlHTMLValidityError
`ctxt->input` can be NULL after commit 61b4c42f.
2024-05-06 17:36:17 +02:00
Nick Wellnhofer
ef6e6012e2 xmllint: Fix parsing of maxmem option
Fix corner cases like 'xmllint --encode --maxmem 123'.

Also fixes --path without LIBXML_VALID_ENABLED.
2024-05-06 17:36:15 +02:00
Nick Wellnhofer
907a5a4885 xmllint: Fix memory leak in walkDoc 2024-05-06 17:35:26 +02:00
Nick Wellnhofer
a7854e2646 http: Don't pass NULL pointer as memcpy source 2024-05-06 17:35:26 +02:00
Nick Wellnhofer
f4826c8412 xmllint: Add macro for error stream
Prepare for fuzzing.
2024-05-06 00:33:19 +02:00
Nick Wellnhofer
d644a23e8f fuzz: Improve xml.dict
- Add standalone declaration
- Add doctype declaration
- Expand ATTLIST matrix in xml.dict
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
826baf00d4 xmllint: Fix --insert option
Make sure that parent is an element when calling
xmlValidGetValidElements.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
20a0de95b4 xmllint: Fix --pushsmall option
This is only a debugging aid but also useful when fuzzing.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
81611e06da reader: Don't call xmlCtxtErrMemory with NULL ctxt
This can happen in "walker" mode.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
a39e862b96 xmllint: Add explicit cast for -fsanitize=integer 2024-05-06 00:32:08 +02:00
Nick Wellnhofer
a4c2b7233f io: Don't set close callback in xmlParserInputBufferCreateFd 2024-05-05 17:27:12 +02:00
Nick Wellnhofer
422ae4623a xmllint: Make some strings const 2024-05-05 17:26:11 +02:00
Nick Wellnhofer
71a7a33e18 parser: Fix base URI of internal parameter entities
Search parent inputs of internal parameter entities for base URI.

Fixes a long-standing bug, which manifested in a different way after
commit 955c177f. Reproduce with

    xmllint --noent xmlconf/eduni/errata-2e/E18.xml
2024-05-03 11:53:45 +02:00
Nick Wellnhofer
fdc5ff3657 parser: Always throw entity errors if external DTD is loaded
When parsing with XML_PARSE_DTDLOAD, missing entities are always an
error.

Also consolidate behavior when validating. See b717abdd.
2024-05-03 11:52:54 +02:00
Nick Wellnhofer
39e5b35bd0 parser: Don't create undeclared entity refs in substitution mode
We never want to create entity reference nodes if entity substitution
is enabled. This also applies to undeclared entities.
2024-05-03 11:46:01 +02:00
Nick Wellnhofer
ae23a4ce56 unicode: Deprecate most xmlUCSIs* functions
These don't seem to be used by downstream code.
2024-04-30 17:42:59 +02:00
Nick Wellnhofer
e637953527 Remove references to old mailing list 2024-04-30 17:00:01 +02:00
Nick Wellnhofer
d2f623d183 reader: Report malloc failure in xmlTextReaderConstValue 2024-04-30 16:36:44 +02:00
Nick Wellnhofer
b8597f46df tree: Handle predefined entities in xmlBufGetEntityRefContent
It's possible to create references to predefined entities using the tree
API. This edge case was exposed by making predefined entities const in
commit 63ce5f9a.
2024-04-30 16:05:42 +02:00
Nick Wellnhofer
619e2808b5 tree: Don't call xmlNewCharRef in xmlNodeParseContent
xmlNewCharRef also tries to handle strings like '&name;' but in
xmlNodeParseContentInternal, we really want to use the possibly invalid
name without modification. Otherwise, content like '&"' could
create a reference to a predefined entity.
2024-04-30 15:53:08 +02:00
Tomáš Ženčák
ae960cac96 Allow unlimited length decimals, integers etc. 2024-04-30 12:33:47 +02:00
Nick Wellnhofer
bffef46c4c doc: Don't install example code 2024-04-28 22:58:06 +02:00
Nick Wellnhofer
5f75c9560f doc: Remove tutorial
The tutorial was moved to the Wiki:

https://gitlab.gnome.org/GNOME/libxml2/-/wikis/Tutorial
2024-04-28 22:57:02 +02:00
Nick Wellnhofer
d381e5de4a doc: Move doc/examples to example 2024-04-28 21:55:34 +02:00
Nick Wellnhofer
1cdfece12b memory: Remove memory debugging
This is useless compared to sanitizers or valgrind and has a
considerable performance impact if enabled accidentally.
2024-04-28 20:42:55 +02:00
Nick Wellnhofer
5e80f4381b tree: Deprecate xmlRegisterNodeDefault
This rarely used feature should be phased out.
2024-04-28 19:30:40 +02:00
Nick Wellnhofer
88169bfda6 tree: Deprecate xmlSetCompressMode 2024-04-28 19:30:39 +02:00
Nick Wellnhofer
05654cfe00 html: Deprecate htmlHandleOmittedElem 2024-04-28 18:58:27 +02:00