mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-03-09 04:58:16 +03:00

5615 Commits

Author SHA1 Message Date
Nick Wellnhofer
9c63cea5a6 test: Add test for push parser boundaries 2022-11-20 21:27:59 +01:00
Nick Wellnhofer
691a771956 parser: Fix 'consumed' accounting when switching encodings 2022-11-20 21:27:59 +01:00
Nick Wellnhofer
c93679381c html: Fix check for end of comment in push parser
Make sure to reset checkIndex. Handle case where "--" or "--!" is at the
end of the buffer. Fix "avail" check in htmlParseOrTryFinish.
2022-11-20 21:27:59 +01:00
Nick Wellnhofer
55fb8f72ac parser: Fix push parser with 1-3 byte initial chunk
Make sure that ctxt->charset is initialized properly.
2022-11-20 21:27:59 +01:00
Nick Wellnhofer
68a6518c45 parser: Rewrite push parser boundary checks
Remove inaccurate xmlParseCheckTransition check.

Remove non-incremental xmlParseGetLasts check.

Add functions that check for several boundary constructs more
accurately, keeping track of progress in ctxt->checkIndex.

Fixes #439.
2022-11-20 21:27:08 +01:00
Nick Wellnhofer
2059df5358 buf: Deprecate static/immutable buffers 2022-11-20 21:16:03 +01:00
Nick Wellnhofer
1ca0dfec35 reader: Switch to xmlParserInputBufferCreateMem
This is less efficient but can't result in input buffer overreads.

Fixes #326.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
f30adb54f5 uri: Allow port without host
Don't set port to -1 when host is missing. Host can be empty according
to spec.

Fixes #71.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
76d6b0d768 html: Don't escape ASCII chars in href attributes
In several cases, href attributes can contain ASCII characters which are
illegal in URIs. Escaping them often does more harm than good.

Fixes #321.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
4955e0c9e1 io: Don't shrink memory input buffers 2022-11-20 21:16:03 +01:00
Nick Wellnhofer
117bab2256 parser: Don't call xmlSHRINK from push parser
xmlSHRINK also calls xmlParserInputGrow which isn't needed in the push
parser.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
f00739c12e parser: Ignore cdata argument in xmlParseCharData
It never could be used to parse CDATA sections.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
e4f56a7213 parser: Simplify xmlParseConditionalSections 2022-11-20 21:16:03 +01:00
Nick Wellnhofer
3582b07bd2 parser: Fix content parser progress checks
This is another attempt at fixing parser progress checks. Instead of
relying on in->consumed, which could overflow, change some content
parser functions to make guaranteed progress on certain byte sequences.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
f7ad338e09 parser: Fix attribute parser progress checks
This is another attempt at fixing parser progress checks. Instead of
relying on in->consumed, which could overflow, make the attribute parser
functions return a NULL name only if they don't make progress.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
f61b8a6233 parser: Fix DTD parser progress checks
This is another attempt at fixing parser progress checks. Instead of
relying on in->consumed, which could overflow, change some DTD parser
functions to make guaranteed progress on certain byte sequences.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
249cee4b2a io: Fix a few integer overflows in I/O statistics
There are still many places where arithmetic on "consumed" stats isn't
checked for overflow, affecting platforms with a 32-bit long type.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
6b57061909 io: Rearrange code in xmlSwitchInputEncodingInt
No functional change.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
1ef4938fd0 io: Rework xmlParserInputBufferGrow with encodings
Read data directly into the "raw" buffer when converting encodings.
Make sure not to grow memory input buffers.
2022-11-20 21:16:03 +01:00
Nick Wellnhofer
46cd7d224e io: Remove xmlInputReadCallbackNop
In some cases, for example when using encoders, the read callback was
set to NULL, in other cases it was set to xmlInputReadCallbackNop.
xmlGROW only tested for xmlInputReadCallbackNop, resulting in errors
when parsing large encoded content from memory.

Always use a NULL callback for memory buffers to avoid ambiguities.

Fixes #262.
2022-11-20 21:12:18 +01:00
Nick Wellnhofer
9feafbc5c5 io: Check for memory buffer early in xmlParserInputGrow 2022-11-13 18:08:34 +01:00
Nick Wellnhofer
22d879bf0a io: Fix "buffer full" error with certain buffer sizes
Remove a useless check in xmlParserInputBufferGrow that could be
triggered after changing xmlBufAvail in c14cac8b.

Fixes #438.
2022-11-13 15:21:22 +01:00
Nick Wellnhofer
0d1765fdb7 doc: Mention new location of XML catalog as breaking change 2022-11-13 15:21:22 +01:00
Nick Wellnhofer
a249372112 doc: Mention potentially breaking changes in NEWS 2022-11-04 15:10:48 +01:00
Nick Wellnhofer
b693905f9b doc: Remove xmlDllMain from documentation and version script
This is a Windows-only symbol.
2022-11-04 14:50:39 +01:00
Nick Wellnhofer
d48faf1a7d doc: Mention ${sysconfdir} in man pages
Fixes #395.
2022-11-04 14:35:34 +01:00
Nick Wellnhofer
3ab57bf475 doc: Document xmlcatalog --convert
Fixes #417.
2022-11-04 14:35:33 +01:00
Nick Wellnhofer
ae7096a173 doc: Document xmllint --nodict and --pedantic
Fixes #418.
2022-11-04 14:35:33 +01:00
Nick Wellnhofer
736487dffb doc: Fix indentation in source XML files 2022-11-04 14:35:33 +01:00
Nick Wellnhofer
a70f7d4715 parser: Fix error message in xmlParseCommentComplex
Fixes #421.
2022-11-04 14:03:31 +01:00
Markus Jörg
1fa4d14fbe Bypass proxy in nanoHTTP for hosts in "no_proxy" 2022-11-04 12:34:39 +00:00
Nick Wellnhofer
b45927095e malloc-fail: Fix memory leak in xmlStringGetNodeList
Also make sure to return NULL on error instead of a partial node list.

Found with libFuzzer, see #344.
2022-11-02 16:22:54 +01:00
Nick Wellnhofer
5a19e21605 malloc-fail: Fix use-after-free in xmlXIncludeAddNode
Found with libFuzzer, see #344.
2022-11-02 16:13:27 +01:00
Nick Wellnhofer
afc7e3a7f4 malloc-fail: Fix memory leak in xmlParseReference
Found with libFuzzer, see #344.
2022-11-02 16:11:00 +01:00
Nick Wellnhofer
7ceaee9430 malloc-fail: Fix memory leak in xmlSAX2ExternalSubset
Found with libFuzzer, see #344.
2022-11-02 16:05:05 +01:00
Nick Wellnhofer
e129c1d1a2 malloc-fail: Fix infinite loop in xmlSkipBlankChars
Found with libFuzzer, see #344.
2022-11-02 16:02:39 +01:00
Nick Wellnhofer
dd50cfeb61 malloc-fail: Fix memory leak in xmlNewDocNodeEatName
Found with libFuzzer, see #344.
2022-11-02 15:58:31 +01:00
Nick Wellnhofer
fa361de0b7 malloc-fail: Fix memory leak in xmlNewPropInternal
Also fixes a memory leak if called with a non-element node.

Found with libFuzzer, see #344.
2022-11-02 15:57:54 +01:00
Nick Wellnhofer
865e142c41 malloc-fail: Fix memory leak in xmlCreatePushParserCtxt
Found with libFuzzer, see #344.
2022-11-02 15:57:53 +01:00
Nick Wellnhofer
a22bd982bf malloc-fail: Fix memory leak in xmlStaticCopyNodeList
Found with libFuzzer, see #344.
2022-11-02 15:57:53 +01:00
Nick Wellnhofer
abb5a93fed schemas: Fix infinite loop in xmlSchemaCheckElemSubstGroup
Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself,
resulting in an infinite loop.

Fixes #430.
2022-11-02 10:55:29 +01:00
Nick Wellnhofer
9aba613b14 fuzz: Add new XInclude test directory to corpus 2022-10-31 17:09:54 +01:00
Nick Wellnhofer
b456e3bb42 xinclude: Always allow XPtr expressions in external documents 2022-10-31 16:49:36 +01:00
Nick Wellnhofer
f14529baf5 xinclude: Fix more memory leaks in xmlXIncludeLoadDoc 2022-10-30 14:12:55 +01:00
Nick Wellnhofer
eef0a7395c xinclude: Implement "streaming" mode
When using xmlreader, XPointer expressions in XIncludes simply cannot
work. Expressions can reference nodes which weren't parsed yet or which
were already deleted.

After fixing nested XIncludes, we reference includes which were parsed
previously. When streaming, these nodes could have been deleted, leading
to use-after-free errors.

Disallow XPointer expressions and truncate the include table in
streaming mode.
2022-10-30 14:12:55 +01:00
Nick Wellnhofer
7e078cc1fe xinclude: Clean up xmlXIncludeDoProcess
Only scan new includes in the second pass. Always reset the "replace"
flag.

This only matters if xmlXIncludeDoProcess is called multiple times on
the same document which currently only happens when called from
xmlreader.
2022-10-30 14:12:55 +01:00
Nick Wellnhofer
075cee9e9f xinclude: Fix memory leak when fuzzing
This only affects the fuzzing build mode.
2022-10-29 15:42:01 +02:00
Nick Wellnhofer
b59ff58728 xinclude: Fix memory leak in xmlXIncludeLoadDoc
Regressed in a recent commit.
2022-10-28 20:08:02 +02:00
Nick Wellnhofer
66f781cf38 gitlab-ci: Upgrade image to Ubuntu 22.10, reenable MSan
MSan and 64-bit stat were broken on Ubuntu 22.04 (glibc >= 2.33,
LLVM <= 14), see https://github.com/llvm/llvm-project/commit/1f82d0f7
2022-10-25 19:34:38 +02:00
Nick Wellnhofer
80e43d1b76 gitlab-ci: Reenable LeakSanitizer
Let's hope it works on the asan runners.
2022-10-25 19:34:38 +02:00