mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2024-10-26 20:25:14 +03:00
54 Commits

Author SHA1 Message Date
Nick Wellnhofer
4612ce3031 Implement xpath1() XPointer scheme
See https://www.w3.org/2005/04/xpointer-schemes/
2022-04-21 04:26:52 +02:00
Nick Wellnhofer
57b81c208c Normalize XPath strings in-place
Simplify the code and fix a potential memory leak.

Fixes #343.
2022-03-05 18:22:51 +01:00
Nick Wellnhofer
5408c10c37 Don't normalize namespace URIs in XPointer xmlns() scheme
Namespace URIs should be compared without escaping or unescaping:

https://www.w3.org/TR/REC-xml-names/#NSNameComparison

Fixes #289.
2022-02-04 14:00:09 +01:00
Nick Wellnhofer
c2f4da1a93 Improve XPath predicate and filter evaluation
Consolidate code paths evaluating XPath predicates and filters.

Don't push context node on stack when evaluating predicates. I have no
idea why this was done. It seems completely useless and trying to pop
the context node from a corrupted stack has already caused security
issues.

Filter nodesets in-place and don't create node sets with NULL gaps which
allows to simplify merging a great deal. Simply move matched nodes
backward and create a compact node set.

Merge xmlXPathCompOpEvalPositionalPredicate into
xmlXPathCompOpEvalPredicate.
2019-04-22 14:48:46 +02:00
Nick Wellnhofer
30a6533e01 Fix float casts in xmlXPathSubstringFunction
Rewrite conversion of double to int in xmlXPathSubstringFunction, adding
range checks to avoid undefined behavior. Make sure to add start and
length as floating-point numbers before converting to int. Fix a bug
when rounding negative start indices.

Remove unneeded calls to xmlXPathIs{Inf,NaN} and rely on IEEE math
instead. Avoid computing the string length. xmlUTF8Strsub works as
expected if the length of the requested substring exceeds the input.

Found with libFuzzer and UBSan.
2019-03-08 14:29:59 +01:00
Nick Wellnhofer
5af594d8bc Fix comparison of nodesets to strings
Fix two bugs in xmlXPathNodeValHash which could lead to errors when
comparing nodesets to strings:

- Only use contents of text nodes to compute the hash for element nodes.
  Comments, PIs, and other node types don't affect the string-value and
  must be ignored.
- Reset `string` to NULL for node types other than text.

Reported by Aleksei on the mailing list:

    https://mail.gnome.org/archives/xml/2017-September/msg00016.html
2017-10-07 15:22:57 +02:00
Nick Wellnhofer
7482f41f61 Check for integer overflow in xmlXPathFormatNumber
Check for overflow before casting double to int.

Found with afl-fuzz and UBSan.
2017-06-01 22:00:19 +02:00
Nick Wellnhofer
f4029cd413 Check XPath exponents for overflow
Avoid undefined behavior and wrong results with huge exponents.

Found with afl-fuzz and UBSan.
2017-05-31 16:04:37 +02:00
Nick Wellnhofer
a58331a6ee Check for overflow in xmlXPathIsPositionalPredicate
Avoid undefined behavior when casting from double to int.

Found with afl-fuzz and UBSan.
2017-05-31 16:04:26 +02:00
Nick Wellnhofer
a851868a75 Parse small XPath numbers more accurately
Don't count leading zeros towards the fraction size limit. This allows
to parse numbers like

    0.0000000000000000000000000000000000000000000000000000000001

which is the only standard-conformant way to represent such numbers, as
scientific notation isn't allowed in XPath 1.0. (It is allowed in XPath
2.0 and in libxml2 as an extension, though.)

Overall accuracy is still bad, see bug 783238.
2017-05-31 15:46:29 +02:00
Nick Wellnhofer
4bebb030db Rework XPath rounding functions
Use the C library's floor and ceil functions. The old code was overly
complicated for no apparent reason and could result in undefined
behavior when handling NaNs (found with afl-fuzz and UBSan).

Fix wrong comment in xmlXPathRoundFunction. The implementation was
already following the spec and rounding half up.
2017-05-31 15:38:42 +02:00
Nick Wellnhofer
40f5852149 Fix axis traversal from attribute and namespace nodes
When traversing the "preceding" axis from an attribute node, we must
first go up to the attribute's containing element. Otherwise, text
children of other attributes could be returned. This made it possible
to hit a code path in xmlXPathNextAncestor which contained another bug:
The attribute node was initialized with the context node instead of the
current node. Normally, this code path is only hit via
xmlXPathNextAncestorOrSelf in which case the current and context node
are the same.

The combination of the two bugs could result in an infinite loop, found
with libFuzzer.

Traversing the "following" and the "preceding" axis from namespace nodes
should be handled similarly. This wasn't supported at all previously.
2017-05-31 14:57:46 +02:00
Nick Wellnhofer
9ab01a277d Fix XPointer paths beginning with range-to
The old code would invoke the broken xmlXPtrRangeToFunction. range-to
isn't really a function but a special kind of location step. Remove
this function and always handle range-to in the XPath code.

The old xmlXPtrRangeToFunction could also be abused to trigger a
use-after-free error with the potential for remote code execution.

Found with afl-fuzz.

Fixes CVE-2016-5131.
2016-10-12 13:12:18 +02:00
Nick Wellnhofer
d8083bf779 Fix NULL pointer deref in XPointer range-to
- Check for errors after evaluating first operand.
- Add sanity check for empty stack.

Found with afl-fuzz.
2016-06-25 14:24:51 +02:00
Nick Wellnhofer
6eb0894a96 Fix memory leak with XPath namespace nodes
Set hasNsNodes to 1 when adding namespace nodes via XP_TEST_HIT.
2016-05-05 17:38:27 +02:00
Nick Wellnhofer
82b73039dc Fix namespace axis traversal
When the namespace axis is traversed in "toBool" mode, the traversal
can exit early, before visiting all nodes. In this case, the XPath
context still contains a non-NULL tmpNsList.

This means that

- the check when to start a new traversal was wrong and
- the tmpNsList could be leaked.

Fixes bug #750037 and, by accident, bug #756075:

https://bugzilla.gnome.org/show_bug.cgi?id=750037
https://bugzilla.gnome.org/show_bug.cgi?id=756075
2016-05-05 15:30:00 +02:00
Nick Wellnhofer
839689a9a8 Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression
The ch1 slot of OP_VALUEs contains an invalid value. Ignore it.

Fixes bug #760325:

https://bugzilla.gnome.org/show_bug.cgi?id=760325
2016-04-27 18:05:06 +02:00
Nick Wellnhofer
f39fd66ea7 Fix namespace::node() XPath expression
Make sure that xmlXPathNodeSetAddNs is called for namespace nodes when
matched with a namespace::node() step. This correctly sets the parent
of namespace nodes. Note that xmlXPathNodeSetAddNs must only be called
if working on the namespace axis. Otherwise, the context node is not
the parent of the namespace node and the standard XP_TEST_HIT macro
must be invoked. This explains the errors in the C14N tests that the
old TODO comment mentioned.
2016-04-27 11:21:35 +02:00
Nick Wellnhofer
e289390362 Fix parsing of NCNames in XPath
The NCName parser would allow any NameChar as start character. For
example, the following XPath expressions would compile:

    self::-abc
    self::0abc
    self::.abc
2016-04-23 19:12:47 +02:00
Nick Wellnhofer
02b252d7a2 Regression test for bug #695699
2015-03-08 17:00:37 +01:00
Nick Wellnhofer
342658a132 Add a couple of XPath tests
2015-03-08 16:46:04 +01:00
Nick Wellnhofer
f6aaabce85 Allow attributes on descendant-or-self axis
If the context node is an attribute, the attribute itself is on the
descendant-or-self axis. The principal node type of this axis is element,
so the only node test that can return the attribute is "node()". In other
words, "@attr/descendant-or-self::node()" is equivalent to "@attr".

This matches the behavior of Saxon-CE.
2015-03-08 16:25:52 +01:00
Kasimier T. Buchcik
bb2074e8ff Added regression tests for the latest XPath/pattern fixes.
* test/XPath/docs/nodes test/XPath/tests/nodespat
  result/XPath/tests/nodespat: Added regression tests for
  the latest XPath/pattern fixes.
2006-01-05 14:49:40 +00:00
Daniel Veillard
b6580aef14 uninitialized field and fix on test. Daniel
* debugXML.c result/XPath/xptr/strrange2: uninitialized field and
  fix on test.
Daniel
2005-08-25 14:18:56 +00:00
Daniel Veillard
cfa303ac70 change verbosity depending on API get back to previous outputs Daniel
* debugXML.c: change verbosity depending on API
* result/XPath/tests/* result/XPath/xptr/* result/xmlid/*: get back
  to previous outputs
Daniel
2005-08-25 14:03:56 +00:00
Daniel Veillard
8874b94cd2 added a parser XML_PARSE_COMPACT option to allocate small text nodes (less
* HTMLparser.c parser.c SAX2.c debugXML.c tree.c valid.c xmlreader.c
  xmllint.c include/libxml/HTMLparser.h include/libxml/parser.h:
  added a parser XML_PARSE_COMPACT option to allocate small
  text nodes (less than 8 bytes on 32bits, less than 16bytes on 64bits)
  directly within the node, various changes to cope with this.
* result/XPath/tests/* result/XPath/xptr/* result/xmlid/*: this
  slightly changes the output
Daniel
2005-08-25 13:19:21 +00:00
William M. Brack
ea152c05b3 Further enhancement for XPath streaming, consolidated with schemas usage
* pattern.c, xpath.c, include/libxml/pattern.h: Further
  enhancement for XPath streaming, consolidated with
  schemas usage of pattern.c.  Added a new enum
  xmlPatternFlags.
* doc/*, testapi.c, elfgcchack.h: updated to reflect new
  enum.
* test/XPath/tests/mixedpat, test/XPath/docs/mixed,
  result/XPath/mixedpat: added regression test for problems
  reported in bug306348
2005-06-09 18:12:28 +00:00
Daniel Veillard
4ddaa56d7a fixed the bug in lang() as raised by Elliotte Rusty Harold added a
* xpath.c: fixed the bug in lang() as raised by Elliotte Rusty Harold
* result/XPath/tests/langsimple test/XPath/tests/langsimple
  test/XPath/docs/lang: added a regression test
Daniel
2005-04-06 14:09:08 +00:00
Daniel Veillard
9a237c9d26 improved the script accordingly to the XInclude regression tests updates
* check-xinclude-test-suite.py: improved the script accordingly
  to the XInclude regression tests updates
* xpointer.c: Implemented XPointer element() Scheme W3C PR of 13
  November 2002
* result/XPath/xptr/chapterschildseq result/XPath/xptr/vidchildseq
  test/XPath/xptr/chapterschildseq test/XPath/xptr/vidchildseq:
  augmented the XPointer testsuite for the element() scheme
Daniel
2003-02-13 15:52:58 +00:00
Daniel Veillard
fdc9156a75 applied patch from Richard Jinks for the namespace axis + fixed a memory
* xpath.c: applied patch from Richard Jinks for the namespace
  axis + fixed a memory error.
* parser.c parserInternals.c: applied patches from Peter Jacobi
  removing ctxt->token for good.
* xmlschemas.c xmlschemastypes.c: fixed a few memory leaks
  popped out by the regression tests.
* Makefile.am: patch for threads makefile from Gary Pennington
Daniel
2002-07-01 21:52:03 +00:00
Daniel Veillard
9e4123023a patch from Richard Jinks for XPath substring() function new set of tests
* xpath.c: patch from Richard Jinks for XPath substring() function
* result/XPath/expr/strings test/XPath/expr/strings: new set of tests
Daniel
2002-06-10 15:59:44 +00:00
Daniel Veillard
eca82810f0 another XPath conformance patch from Richard Jinks Daniel
* test/XPath/expr/floats test/XPath/expr/functions
  result/XPath/expr/floats result/XPath/expr/functions
  xpath.c: another XPath conformance patch from Richard Jinks
Daniel
2002-04-24 11:42:02 +00:00
Daniel Veillard
0eafdef988 another patch from Richard Jinks for substring conformance update of the
* xpath.c: another patch from Richard Jinks for substring conformance
* test/XPath/expr/floats test/XPath/expr/strings
  result/XPath/expr/floats result/XPath/expr/strings: update of the
  test suite to check those.
Daniel
2002-04-10 16:14:34 +00:00
Daniel Veillard
21458c85e2 more patches from Richard Jinks Updated tests though they show a
* trionan.c trionan.h xpath.c: more patches from Richard Jinks
* test/XPath/expr/compare test/XPath/expr/equality
  test/XPath/expr/floats test/XPath/expr/functions
  test/XPath/expr/strings result/XPath/expr/compare
  result/XPath/expr/equality result/XPath/expr/floats
  result/XPath/expr/functions result/XPath/expr/strings: Updated
  tests though they show a divergence on Linux
Daniel
2002-03-27 16:12:22 +00:00
Daniel Veillard
357c960e40 - xpath.c result/XPath/expr/floats : clarified and cleanup
printing of abnormal floats in tests.
Daniel
2001-05-03 10:49:20 +00:00
Bjorn Reese
70a9da54eb trio upgrade and integration
2001-04-21 16:57:29 +00:00
Daniel Veillard
d8df6c0e8c Fixes in the plane: - xpath.c: fixed a [] evaluation problem reported -
Fixes in the plane:
- xpath.c: fixed a [] evaluation problem reported
- test/XPath/tests/simpleaddr: extended test
- result/XPath/simpleaddr: updated result
Daniel
2001-04-05 16:54:14 +00:00
Daniel Veillard
4b637079f2 - xpath.c: finally implemented xmlXPathCompareNodeSets
- test/XPath/expr/floats results/XPath/expr/floats: added
  a test for float expressions
Daniel
2001-02-21 21:52:55 +00:00
Daniel Veillard
f41fbbf6a9 testing and bug fixing related to XSLT:
- xpath.c result/XPath/tests/chaptersprefol: bugfixes on order and
  on predicate
- HTMLparser.[ch] HTMLtree.c result/HTML/doc3.htm.err
  result/HTML/doc3.htm.sax result/HTML/wired.html: sometimes one
  really wants to have tags closed on output even if we accept
  unclosed ones on input
Daniel
2001-02-13 17:05:35 +00:00
Daniel Veillard
2f913b7470 Fixes inherited from XSLT testing:
- xpath.c result/XPath/tests/chaptersbase
  result/XPath/tests/simplebase: fixed XPath node()
- tree.c: small fix in xmlNewNs()
- Makefile.am: removed extraneous xml2Conf.sh rule
Daniel
2001-01-31 13:23:49 +00:00
Daniel Veillard
f62ceffb7e General fixes, XPointer improvements:
- HTMLparser.c: some fixes on auto-open of html/head/body
- encoding.c: fixed a compilation error on some gcc env
- xpath.c xpointer.[ch] xpathInternals.h: improved the
  XPointer implementation
- test/XPath/xptr/strpoint test/XPath/xptr/strrange3: added
  related XPointer tests and associated results
Daniel
2000-11-24 23:36:01 +00:00
Daniel Veillard
2ffc3591c1 - parser.[ch]: added xmlIOParseDTD()
- xpointer.c: added support for the 2 extra parameters of
  string-range, fixed a stoopid error when '0' was present
  in XPointer expressions
- test/XPath/xptr/strrange2 result/XPath/xptr/strrange2: added
  testsuite for the above
Daniel
2000-10-30 15:36:47 +00:00
Daniel Veillard
ff9c330753 More work on XPointer
- xpath.c xpointer.c: XPointer reorder of ranges start/end and
  string-range for empty strings
- test/XPath/docs/str test/XPath/xptr/chaptersrange
  test/XPath/xptr/strrange: augmented the XPointer testsuite
Daniel
2000-10-13 16:38:25 +00:00
Daniel Veillard
c2df4cde4e Going forward in XPointer implementation:
- testXPath.c xpath.[ch]: moved some debug functions to xpath core
- xpointer.c: implemented string-range() at least a good first version
- test/XPath/docs/str test/XPath/xptr/strrange
  result/XPath/xptr/strrange: the string-range() tests
Daniel
2000-10-12 23:15:24 +00:00
Daniel Veillard
c8df0aaf9f Added XPointer: - configure.in Makefile.am include/makefile.am: adding
Added XPointer:
- configure.in Makefile.am include/makefile.am: adding XPointer
  and XPtrtests target
- xpointer.[ch] : new files for XPointer support
- test/XPath/xptr result/XPath/xptr: added XPointer testsuite and
  more XPath tests
Daniel
2000-10-10 23:50:30 +00:00
Daniel Veillard
e8282edd45 More work toward 2.2.5, integrated a number of patches
- configure.in Makefile.am win32config.h.in: trying to cleanup
  make distcheck .... huh ...
- include/Makefile.am include/win32config.h: new directory
  for includes
- win32/Makefile.mingw win32/README.MSDev win32/libxml2/libxml2.dsp
  updated the makefiles and instructions for WIN32
- xpath.c: small fixes
- test/XPath/ results/XPath: updated the testcases and results
- HTMLparser.c nanohttp.c testXPath.c: incorporated provided or
  suggested patches
- valid.c: fixed an ID bug
Daniel
2000-10-10 23:01:31 +00:00
Daniel Veillard
ac26030669 More work and fixes on XPath:
- debugXML.c testXPath.c xpath.[ch]: More work on XPath/XPointer,
  incorporated "(TOM)" <ptittom@free.fr> patches rebuilt the XPath
  examples with the extra test
Daniel
2000-10-04 13:33:43 +00:00
Daniel Veillard
740abf5ae7 Big XPath cleanup continues, one URI fix:
- xpath.[ch] debugXML.c testXPath.c: fixed the XPath evaluation
  engine, should be far more stable, incorporated a new version of
  preceding/following axis, need testing
- uri.c: fixed file:///c:/a/b/c problem
- test/XPath/tests/idsimple: augmented the XPath tests
Daniel
2000-10-02 23:04:54 +00:00
Daniel Veillard
8b5dd83f46 - configure.in: releasing 2.2.4
- parser.[ch]: added xmlStrEqual()
- HTMLparser.c HTMLtree.c SAX.c debugXML.c entities.c parser.c
  tree.c valid.c xlink.c xpath.c: converted all !xmlStrcmp to
  use xmlStrEqual instead
- TODO: updated
- added an XPath test
Daniel
2000-10-01 20:28:44 +00:00
Daniel Veillard
7c1206fc06 Revamped HTML parsing, lots of bug fixes for HTML stuff,
Added xmlValidGetValidElements and xmlValidGetPotentialChildren,
Completed and cleaned up the tests,
Added doc for new modules gnome-xml-xmlmemory.html and gnome-xml-nanohttp.html,
Daniel
1999-10-14 09:10:25 +00:00