Nick Wellnhofer
791a1e80b9
fuzz: Set filename in xmlFuzzEntityLoader
2023-02-28 21:23:11 +01:00
Nick Wellnhofer
cbd9c6c5af
fuzz: Allow xmlFuzzReadString(NULL)
2023-02-28 21:23:11 +01:00
Nick Wellnhofer
aa6b7ed1ed
fuzz: Fix Makefile dependencies
2023-02-28 21:23:11 +01:00
Nick Wellnhofer
524654ed3c
xpath: Fix harmless integer overflow in xmlXPathTranslateFunction
2023-02-27 17:18:11 +01:00
Nick Wellnhofer
8608b71fbc
Revert "xpath: Fix popping of values in xmlXPathPopNodeset"
...
This reverts commit 47b0e0a620
.
2023-02-27 17:18:11 +01:00
Nick Wellnhofer
bc9f372c10
malloc-fail: Fix memory leak in xmlXPathDistinctSorted
...
Found with libFuzzer, see #344 .
2023-02-27 17:18:08 +01:00
Nick Wellnhofer
6f9604f0e3
malloc-fail: Fix memory leak in xmlXPathCacheNewNodeSet
...
Found with libFuzzer, see #344 .
2023-02-27 17:18:06 +01:00
Nick Wellnhofer
4499143a87
malloc-fail: Check for malloc failure in xmlHashAddEntry
...
Found with libFuzzer, see #344 .
2023-02-27 17:18:05 +01:00
Nick Wellnhofer
a442d16a5f
malloc-fail: Fix memory leak in xmlGetNsList
...
Found with libFuzzer, see #344 .
2023-02-27 17:18:02 +01:00
Nick Wellnhofer
44947afba0
malloc-fail: Fix null deref after xmlPointerListAddSize
...
Found with libFuzzer, see #344 .
2023-02-27 17:17:50 +01:00
Nick Wellnhofer
70b21c9f2a
malloc-fail: Fix null deref in xmlXPathCompiledEvalInternal
...
Found with libFuzzer, see #344 .
2023-02-27 17:14:25 +01:00
Nick Wellnhofer
0f112d0289
malloc-fail: Fix use-after-free related to xmlXPathNodeSetFilter
...
Found with libFuzzer, see #344 .
2023-02-26 13:25:01 +01:00
Nick Wellnhofer
a3e11b385c
malloc-fail: Fix memory leak in xmlXPathEqualNodeSetFloat
...
Found with libFuzzer, see #344 .
2023-02-26 13:24:55 +01:00
Nick Wellnhofer
b51478dc95
Revert "malloc-fail: Avoid use-after-free after unsuccessful valuePush"
...
This reverts commit 6a12be77c6
.
There's too much code reading ctxt->value directly and making the wrong
assumptions.
2023-02-26 13:23:47 +01:00
Alexander Kutelev
f931178e5f
cmake: Link against dl
and dld
only when LIBXML2_WITH_MODULES
is enabled
2023-02-24 12:45:01 +00:00
Nick Wellnhofer
47b0e0a620
xpath: Fix popping of values in xmlXPathPopNodeset
...
After 6a12be77
, valuePop can fail even if ctxt->value is non-NULL.
If it turns out that too much code relies on this assumption, a better
fix is needed.
2023-02-23 15:43:15 +01:00
Nick Wellnhofer
359313c1a7
threads: Really fix crash with weak pthread symbols
...
Fix more regressions from 7010d877
and 71931233
.
Fixes #488 .
2023-02-23 14:30:45 +01:00
Nick Wellnhofer
ae8a12f175
schematron: Use logical and
2023-02-22 14:25:29 +01:00
Nick Wellnhofer
4f0a0fb7a2
xinclude: Fix include guard
2023-02-22 14:24:24 +01:00
Nick Wellnhofer
1eb2ca9f47
relaxng: Remove useless if statement
...
ctxt and define are non-NULL at this point.
Fixes #482 .
2023-02-21 15:46:06 +01:00
Nick Wellnhofer
0ce1f8427b
schemas: Remove useless if statement
...
bucket->origTargetNamespace is always NULL in this branch.
Fixes #481 .
2023-02-21 15:46:06 +01:00
Nick Wellnhofer
a509694c17
pattern: Merge identical branches
...
Fixes #479 .
2023-02-21 15:46:06 +01:00
Nick Wellnhofer
85057e5131
regexp: Add sanity check in xmlRegCalloc2
...
These arguments should be non-zero, but add a sanity check to avoid
division by zero.
Fixes #450 .
2023-02-21 15:43:32 +01:00
Nick Wellnhofer
c9e4c6d416
catalog: Fix memory leaks
...
Fixes #377 .
2023-02-21 15:22:01 +01:00
Nick Wellnhofer
7bd77873db
threads: Fix crash with weak pthread symbols
...
Regressed in 7010d877
. Should fix #488 .
2023-02-20 10:56:03 +01:00
Nick Wellnhofer
5d55315e32
parser: Fix OOB read when formatting error message
...
Don't try to print characters beyond the end of the buffer.
Found by OSS-Fuzz.
2023-02-18 17:29:07 +01:00
Nick Wellnhofer
1743c4c3fc
malloc-fail: Fix OOB read after xmlRegGetCounter
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:59 +01:00
Nick Wellnhofer
40bc1c699a
malloc-fail: Fix memory leak in xmlFAParseCharProp
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:55 +01:00
Nick Wellnhofer
e64653c0e7
malloc-fail: Fix leak of xmlRegAtom
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:55 +01:00
Nick Wellnhofer
ed615967df
malloc-fail: Fix memory leak in xmlRegexpCompile
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:55 +01:00
Nick Wellnhofer
53d1cc98cf
malloc-fail: Fix error code in htmlParseChunk
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:51 +01:00
Nick Wellnhofer
15b0ed0815
malloc-fail: Fix infinite loop in htmlParseDocTypeDecl
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:47 +01:00
Nick Wellnhofer
041789d9ec
malloc-fail: Fix null deref in htmlnamePush
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:43 +01:00
Nick Wellnhofer
0ec9c91064
malloc-fail: Fix infinite loop in htmlParseStartTag
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:38 +01:00
Nick Wellnhofer
04c2955197
malloc-fail: Fix infinite loop in htmlParseContentInternal
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:34 +01:00
Nick Wellnhofer
f3e62035d8
malloc-fail: Fix memory leak in htmlCreatePushParserCtxt
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:29 +01:00
Nick Wellnhofer
fc256953d2
malloc-fail: Fix memory leak in htmlCreateMemoryParserCtxt
...
Found with libFuzzer, see #344 .
2023-02-17 17:18:25 +01:00
Nick Wellnhofer
643b4e90eb
malloc-fail: Fix infinite loop in htmlParseStartTag
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
ec05f04d8b
malloc-fail: Fix memory leak in xmlXIncludeLoadTxt
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
c02df68651
malloc-fail: Fix memory leak in xmlXIncludeLoadDoc
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
bc7740b3c3
malloc-fail: Fix memory leak in xmlCopyPropList
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
8d22e06588
malloc-fail: Fix memory leak after calling xmlXPathNodeSetMerge
...
Destroy the first argument in xmlXPathNodeSetMerge if the function
fails. This is somewhat dangerous but matches the expectations of users.
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
d31a0e8e75
malloc-fail: Fix memory leak after calling xmlXPathWrapString
...
Destroy the string in xmlXPathWrapString if the function fails. This is
somewhat dangerous but matches the expectations of users.
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
3dc645227e
malloc-fail: Fix memory leak in xmlXPathEqualValuesCommon
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:52 +01:00
Nick Wellnhofer
691f7eb44d
malloc-fail: Fix memory leak in xmlXPathCompareValues
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00
Nick Wellnhofer
ac746afd33
malloc-fail: Fix memory leak in xmlXPathTryStreamCompile
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00
Nick Wellnhofer
85bc313e79
malloc-fail: Fix memory leak after calling valuePush
...
Destroy the object in valuePush if the function fails. This is somewhat
dangerous but matches the expectations of users.
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00
Nick Wellnhofer
f5e1174933
malloc-fail: Fix memory leak after calling xmlXPathWrapNodeSet
...
Destroy the node set in xmlXPathWrapNodeSet if the function fails.
This is somewhat dangerous but matches the expectations of users.
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00
Nick Wellnhofer
3b59fdf001
malloc-fail: Fix memory leak in xmlXIncludeAddNode
...
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00
Nick Wellnhofer
e60c9f4c4b
malloc-fail: Fix memory leak after xmlRegNewState
...
Invoke xmlRegNewState from xmlRegStatePush to simplify error handling.
Found with libFuzzer, see #344 .
2023-02-17 17:16:51 +01:00