mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-10-26 20:25:14 +03:00
Commit Graph

116 Commits

Author SHA1 Message Date
Nick Wellnhofer
208f27f964 include: Don't define ATTRIBUTE_UNUSED in public header
Stop polluting namespace with unprefixed names.
2024-06-15 19:13:08 +02:00
Nick Wellnhofer
df40f64edf fuzz: Avoid accessing internal struct members
Switch to xmlNewIOInputStream.
2024-06-13 18:01:23 +02:00
Nick Wellnhofer
5238404325 parser: Pass resource type to resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
f96dca9c0e xmllint: Switch to resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
780e432a5c fuzz: Move to per-context error handler 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
116d8c0166 fuzz: Move to per-context resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
b7f30bae7b fuzz: Fix aarch64 build on OSS-Fuzz 2024-05-28 22:52:30 +02:00
Nick Wellnhofer
caa8bb3848 fuzz: Move back to xmlSetExternalEntityLoader
xmlParserInputBufferCreateFilenameDefault can't report malloc failures.
2024-05-19 19:39:22 +02:00
Nick Wellnhofer
51b5d1e378 fuzz: Don't enable zlib and liblzma with MSan
We'd need our own instrumented builds of these libraries.
2024-05-15 16:21:11 +02:00
Nick Wellnhofer
f895af0989 fuzz: Remove OSS-Fuzz timeout option
Custom timeouts aren't fully supported on OSS-Fuzz.
2024-05-14 16:08:37 +02:00
Nick Wellnhofer
b117a912b6 fuzz: Enable xmllint fuzzer on OSS-Fuzz 2024-05-13 13:42:43 +02:00
Nick Wellnhofer
b3cb41be8b fuzz: Add xmllint fuzzer 2024-05-13 12:50:08 +02:00
Nick Wellnhofer
5bfaab77f6 fuzz: Fix reader fuzzer 2024-05-07 17:11:18 +02:00
Nick Wellnhofer
d644a23e8f fuzz: Improve xml.dict
- Add standalone declaration
- Add doctype declaration
- Expand ATTLIST matrix in xml.dict
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
68e440eec4 fuzz: Use all test directories for XML seed corpus
It's probably better to add as many files as possible to the seed corpus
even if they're less specific to a fuzzer.
2024-04-24 22:52:06 +02:00
Nick Wellnhofer
0977d7a3af fuzz: Build with compression support on OSS-Fuzz 2024-04-23 22:39:53 +02:00
Nick Wellnhofer
510c7988e0 fuzz: Remove reader pass from XML fuzzers
The reader API is fuzzed separately now.
2024-04-23 18:43:12 +02:00
Nick Wellnhofer
6641a7e824 fuzz: Enable reader fuzzer on OSS-Fuzz 2024-04-23 18:36:15 +02:00
Nick Wellnhofer
b62ccf7f10 fuzz: Add fuzzer for XML reader API 2024-04-22 12:44:12 +02:00
Nick Wellnhofer
971ce40409 fuzz: Also set fuzzAllocFailed if a real allocation fails
Avoid false positives in real OOM situations.
2024-04-14 19:40:22 +02:00
Nick Wellnhofer
1f18d37798 fuzz: Add a few more comments 2024-04-09 13:04:50 +02:00
Nick Wellnhofer
fe3cbf897e fuzz: Check node type before xmlDocSetRootElement 2024-03-29 15:29:53 +01:00
Nick Wellnhofer
ea0ee36546 tree: Align xmlAddChild with other node insertion functions
Make xmlAddChild unlink the child before insertion. Originally, linked
children would most likely cause tree corruption. The first fix
disallowed linked nodes, but there are cases where insertion of such
nodes could succeed.

Don't abort if the node is already a child of parent. In this case,
the node will be moved to the end of the child list.
2024-03-29 12:57:20 +01:00
Nick Wellnhofer
bfb02fbca9 fuzz: Fix xmlSetProp in API fuzzer
Finding the old attribute node is a bit more involved.
2024-03-28 11:30:05 +01:00
Nick Wellnhofer
887ad90a1a fuzz: Restrict input size of API fuzzer 2024-03-26 14:23:51 +01:00
Nick Wellnhofer
6c5248e2a9 fuzz: Restrict number of copies in API fuzzer
Avoid timeouts with large inputs.
2024-03-26 14:21:47 +01:00
Nick Wellnhofer
52efb20a18 fuzz: Enable float-divide-by-zero on OSS-Fuzz
This was recently disabled globally:

    https://github.com/google/oss-fuzz/pull/11567
2024-03-24 13:43:25 +01:00
Nick Wellnhofer
d8741b8196 fuzz: Fix namespaces after xmlDOMWrapRemoveNode 2024-03-22 14:55:22 +01:00
Nick Wellnhofer
d4d1f3f33d fuzz: Enable API fuzzer on OSS-Fuzz 2024-03-20 18:45:10 +01:00
Nick Wellnhofer
5ea2970357 fuzz: Reorder API fuzzer ops 2024-03-20 18:41:26 +01:00
Nick Wellnhofer
da32c852a4 fuzz: Check text nodes after merging
Avoid exponential growth of text.
2024-03-20 18:33:40 +01:00
Nick Wellnhofer
3f05508a53 tree: Report malloc failures in attribute setters 2024-03-18 15:14:43 +01:00
Nick Wellnhofer
6a49bb777c tree: Introduce xmlSearchNsSafe
After the failed experiment with a static XML namespace, introduce
versions of xmlSearchNs that report malloc failures.

Optimize the no-document case by only adding the XML namespace
declaration if it wasn't found in an ancestor.
2024-03-17 21:07:46 +01:00
Nick Wellnhofer
c0edd792ba fuzz: Move fuzzer options to environment variable 2024-03-16 15:20:08 +01:00
Nick Wellnhofer
55175f7537 fuzz: Add OSS-Fuzz build.sh
Move build.sh to our repo to facilitate changes.
2024-03-15 22:07:23 +01:00
Nick Wellnhofer
f14f089fe3 fuzz: Add some comments in api.c 2024-03-15 22:07:23 +01:00
Nick Wellnhofer
ee0c1f87c0 fuzz: New tree API fuzzer 2024-03-15 19:54:27 +01:00
Nick Wellnhofer
ce8f3d2c1d fuzz: Improve README 2024-03-10 15:04:00 +01:00
Nick Wellnhofer
d463733fce fuzz: Reenable malloc failure check when serializing 2024-02-04 14:33:19 +01:00
Nick Wellnhofer
84e50a0c48 fuzz: Don't check for malloc failures when serializing
DTD serialization doesn't report malloc failures yet.
2024-02-01 17:02:24 +01:00
Nick Wellnhofer
fd801845c8 fuzz: Cap URL size
Cap URL size to avoid quadratic behavior when generating error messages.
2024-01-07 16:33:30 +01:00
Nick Wellnhofer
83c1ae13d8 fuzz: Add missing include
Fix build failure.
2024-01-07 15:42:46 +01:00
Nick Wellnhofer
30d839776a fuzz: Disable catalogs
The catalogs API doesn't report OOM errors. It's basically impossible
to use it safely in its current form.
2024-01-04 15:18:14 +01:00
Nick Wellnhofer
54c70ed57f parser: Improve error handling
Introduce xmlCtxtSetErrorHandler, which allows setting a structured error
handler for a parser context. There already was the "serror" SAX handler
but this always receives the parser context as argument.

Start to use xmlRaiseMemoryError.

Remove useless arguments from memory error functions. Rename
xmlErrMemory to xmlCtxtErrMemory.

Remove a few calls to xmlGenericError.

Remove support for runtime entity debugging.
2023-12-21 02:46:27 +01:00
Nick Wellnhofer
4e23892cf0 fuzz: Enable value profile 2023-12-11 22:13:06 +01:00
Nick Wellnhofer
abd74186f9 html: Report malloc failures
Fix many places where malloc failures aren't reported.

Stop checking for ctxt->instate.
2023-12-11 22:13:06 +01:00
Nick Wellnhofer
e115194e6f fuzz: Check malloc failure reports in XML fuzzers 2023-12-11 22:13:06 +01:00
Nick Wellnhofer
f19a95108a parser: Report malloc failures
Fix many places where malloc failures aren't reported.

Make xmlErrMemory public. This is useful for custom external entity
loaders.

Introduce new API function xmlSwitchEncodingName.

Change the way we store whether the parser is stopped. This used
to be signaled by setting ctxt->instate to XML_PARSER_EOF which was
misdesigned and error-prone. Set ctxt->disableSAX to 2 instead and
introduce a macro PARSER_STOPPED. Also stop removing parser inputs in
xmlHaltParser. This allows removing many checks of ctxt->instate.

Introduce xmlErrParser to handle errors if a parser context is
available.
2023-12-11 22:13:05 +01:00
Nick Wellnhofer
1a354d5b30 regexp: Report malloc failures
Fix places where malloc failures aren't reported.
2023-12-11 22:13:05 +01:00
Nick Wellnhofer
e632d9f02e xpath: Report malloc failures
Fix many places where malloc failures aren't reported.

Rework XPath object cache to store free objects in a linked list to
avoid allocating an additional array. Remove some unneeded object pools.
2023-12-11 22:13:05 +01:00