Nick Wellnhofer
e75e878e02
doc: Update and fix documentation
2024-05-20 14:23:39 +02:00
Nick Wellnhofer
9523438ad4
doc: Allow missing author
2024-05-20 14:22:56 +02:00
Nick Wellnhofer
a800e0035c
doc: Allow missing desc if we have a retdesc
...
Allow missing function descriptions if the return value is documented.
2024-05-20 14:22:56 +02:00
Nick Wellnhofer
b47a95fe31
parser: Don't make xmlCtxtErrIO public
2024-05-20 14:22:56 +02:00
Nick Wellnhofer
caa8bb3848
fuzz: Move back to xmlSetExternalEntityLoader
...
xmlParserInputBufferCreateFilenameDefault can't report malloc failures.
2024-05-19 19:39:22 +02:00
Nick Wellnhofer
4fefba4cf6
parser: Rework handling of undeclared entities
...
Throw an error if entity substitution was requested.
Now we only downgrade to a warning if
- XML_PARSE_DTDLOAD wasn't specified, and
- entity aren't substituted or XML_PARSE_NO_XXE was specified.
Should fix #724 .
2024-05-15 17:58:48 +02:00
Nick Wellnhofer
51b5d1e378
fuzz: Don't enable zlib and liblzma with MSan
...
We'd need our own instrumented builds of these libraries.
2024-05-15 16:21:11 +02:00
Nick Wellnhofer
f895af0989
fuzz: Remove OSS-Fuzz timeout option
...
Custom timeouts aren't fully supported on OSS-Fuzz.
2024-05-14 16:08:37 +02:00
Nick Wellnhofer
ec2f68f164
parser: Report malloc failure in xmlNewInputFromFile
2024-05-14 16:04:56 +02:00
Nick Wellnhofer
8d215ac5cc
xpath: Fix quadratic runtime accounting
2024-05-14 15:55:18 +02:00
Nick Wellnhofer
592546267f
threads: Deprecate remaining ThrDef functions
2024-05-14 15:44:50 +02:00
Nick Wellnhofer
b117a912b6
fuzz: Enable xmllint fuzzer on OSS-Fuzz
2024-05-13 13:42:43 +02:00
Nick Wellnhofer
0651ad667c
valid: Report malloc failure after xmlRegExecPushString
2024-05-13 13:08:14 +02:00
Nick Wellnhofer
609d2666fa
Stop defining _REENTRANT
...
This macro is obsolete, see `man feature_test_macros`.
2024-05-13 13:08:14 +02:00
Nick Wellnhofer
b3cb41be8b
fuzz: Add xmllint fuzzer
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
16fb1028a2
reader: Fix error reporting with walker
...
Abort earlier in xmlTextReaderRead if an error was raised.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
a846719b9c
pattern: Fix memory leak xmlCompileStepPattern
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
4ff2dccf9f
SAX2: Warn if URI resolution failed
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
4fe116ebd3
parser: Don't report error on invalid URI
...
Only fragment identifiers are an error.
This removes the last user of xmlErrMsg*. Now every error reported by
the parser should result in one of ctxt->wellFormed, ctxt->nsWellFormed
or ctxt->valid being set to zero.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3dea98eff9
xmllint: Don't free DTD with --dropdtd
...
Entity references point to entities in the DTD, so only unlink the DTD
and don't destroy it.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3ad7f81624
[CVE-2024-34459] Fix buffer overread with xmllint --htmlout
...
Add a missing bounds check.
Fixes #720 .
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
c83147bff2
xmllint: Fix --pedantic option
...
Regressed in 74c84a8c
.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
3665d667f6
xmllint: Clean up option handling
...
Remove unnecessary globals and make some local.
Remove unnecessary calls to xmlTextReaderSetParserProp.
Remove unused "oldout" code.
Fix skipArgs.
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
f8ff4d8688
xmllint: Rework parsing
...
Merge a few code paths, making options like --valid or --htmlout work
with some other options.
Improve error handling.
2024-05-07 17:11:18 +02:00
Nick Wellnhofer
0bef170486
c14n: Fix memory leak after malloc failure
2024-05-07 17:11:18 +02:00
Nick Wellnhofer
5bfaab77f6
fuzz: Fix reader fuzzer
2024-05-07 17:11:18 +02:00
Nick Wellnhofer
72e9267c32
html: Fix memory leak after malloc failure
2024-05-06 17:40:15 +02:00
Nick Wellnhofer
3afaff7e8e
xmllint: Check for NULL input in xmlHTMLValidityError
...
`ctxt->input` can be NULL after commit 61b4c42f
.
2024-05-06 17:36:17 +02:00
Nick Wellnhofer
ef6e6012e2
xmllint: Fix parsing of maxmem option
...
Fix corner cases like 'xmllint --encode --maxmem 123'.
Also fixes --path without LIBXML_VALID_ENABLED.
2024-05-06 17:36:15 +02:00
Nick Wellnhofer
907a5a4885
xmllint: Fix memory leak in walkDoc
2024-05-06 17:35:26 +02:00
Nick Wellnhofer
a7854e2646
http: Don't pass NULL pointer as memcpy source
2024-05-06 17:35:26 +02:00
Nick Wellnhofer
f4826c8412
xmllint: Add macro for error stream
...
Prepare for fuzzing.
2024-05-06 00:33:19 +02:00
Nick Wellnhofer
d644a23e8f
fuzz: Improve xml.dict
...
- Add standalone declaration
- Add doctype declaration
- Expand ATTLIST matrix in xml.dict
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
826baf00d4
xmllint: Fix --insert option
...
Make sure that parent is an element when calling
xmlValidGetValidElements.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
20a0de95b4
xmllint: Fix --pushsmall option
...
This is only a debugging aid but also useful when fuzzing.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
81611e06da
reader: Don't call xmlCtxtErrMemory with NULL ctxt
...
This can happen in "walker" mode.
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
a39e862b96
xmllint: Add explicit cast for -fsanitize=integer
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
a4c2b7233f
io: Don't set close callback in xmlParserInputBufferCreateFd
2024-05-05 17:27:12 +02:00
Nick Wellnhofer
422ae4623a
xmllint: Make some strings const
2024-05-05 17:26:11 +02:00
Nick Wellnhofer
71a7a33e18
parser: Fix base URI of internal parameter entities
...
Search parent inputs of internal parameter entities for base URI.
Fixes a long-standing bug, which manifested in a different way after
commit 955c177f
. Reproduce with
xmllint --noent xmlconf/eduni/errata-2e/E18.xml
2024-05-03 11:53:45 +02:00
Nick Wellnhofer
fdc5ff3657
parser: Always throw entity errors if external DTD is loaded
...
When parsing with XML_PARSE_DTDLOAD, missing entities are always an
error.
Also consolidate behavior when validating. See b717abdd
.
2024-05-03 11:52:54 +02:00
Nick Wellnhofer
39e5b35bd0
parser: Don't create undeclared entity refs in substitution mode
...
We never want to create entity reference nodes if entity substitution
is enabled. This also applies to undeclared entities.
2024-05-03 11:46:01 +02:00
Nick Wellnhofer
ae23a4ce56
unicode: Deprecate most xmlUCSIs* functions
...
These don't seem to be used by downstream code.
2024-04-30 17:42:59 +02:00
Nick Wellnhofer
e637953527
Remove references to old mailing list
2024-04-30 17:00:01 +02:00
Nick Wellnhofer
d2f623d183
reader: Report malloc failure in xmlTextReaderConstValue
2024-04-30 16:36:44 +02:00
Nick Wellnhofer
b8597f46df
tree: Handle predefined entities in xmlBufGetEntityRefContent
...
It's possible to create references to predefined entities using the tree
API. This edge case was exposed by making predefined entities const in
commit 63ce5f9a
.
2024-04-30 16:05:42 +02:00
Nick Wellnhofer
619e2808b5
tree: Don't call xmlNewCharRef in xmlNodeParseContent
...
xmlNewCharRef also tries to handle strings like '&name;' but in
xmlNodeParseContentInternal, we really want to use the possibly invalid
name without modification. Otherwise, content like '&"' could
create a reference to a predefined entity.
2024-04-30 15:53:08 +02:00
Tomáš Ženčák
ae960cac96
Allow unlimited length decimals, integers etc.
2024-04-30 12:33:47 +02:00
Nick Wellnhofer
bffef46c4c
doc: Don't install example code
2024-04-28 22:58:06 +02:00
Nick Wellnhofer
5f75c9560f
doc: Remove tutorial
...
The tutorial was moved to the Wiki:
https://gitlab.gnome.org/GNOME/libxml2/-/wikis/Tutorial
2024-04-28 22:57:02 +02:00