IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This adds support for some non-standard escape sequences observed
in Microsoft's MSXML DLLs and used by Windows apps, and thus
needed by Wine. Some are also used in other XML implementations,
eg. Java's.
This isn't intended to be final. We probably wish to toggle these
non-standard escape sequences on and off somehow, as needed by
the caller.
Further discussion: https://gitlab.gnome.org/GNOME/libxml2/-/issues/260
XSD validation fails when some atomic types contain surrounding whitespace
even though XML Schema Part 2: Datatypes Second Edition, section 4.3.6
says they should be collapsed. Fix this.
(I am not sure whether the test is correct.)
Issue: #278
Before, we tried to reset the last error in xmlCleanupParser. But if
xmlCleanupParser wasn't called from the main thread, this would reset
the thread-local error object. xmlCleanupGlobals has access to the
error object of the main thread and can reset it reliably.
We never want translation of newlines when reading files, so it should
be safe to always specify "rb". On sane platforms, the "b" flag is
simply ignored.
From what I can tell, some really early Cygwin versions from around
1998-2000 used to erroneously define _WIN32. This was eventually fixed,
but these days, the `defined(_WIN32) && !defined(__CYGWIN__)` idiom is
unnecessary.
Now, we only check for __CYGWIN__ in xmlexports.h when deciding whether
to use __declspec.
Only try to parse a start tag if there's a '<' followed by an ASCII
letter. This is more in line with HTML5 and the old behavior in
recovery mode. Emit a literal '<' if the following character is
invalid.
Fixes#101.
Fixes#339.
Fix runtest and Python bindings when building --without-valid.
The Python tests still fail. There doesn't seem to be a mechanism to
disable tests depending on feature flags.
These functions are only needed internally for validation.
xmlGetRefs is inherently unsafe because the ref table isn't updated
if attributes are removed (unlike the ids table).
None of the Ubuntu 20.04 packages depending on libxml2 use any of these
functions (except xmlFreeRefTable in libxslt), so it seems perfectly
safe to deprecate them.
Remove xmlIsRef and xmlRemoveRef from the Python bindings.
Downgrade the error message to a warning since the error was ignored,
anyway. Also print the name of redeclared entity. For a proper fix that
also shows filename and line number of the invalid redeclaration, we'd
have to
- pass the parser context to the entity functions somehow, or
- make these functions return distinct error codes.
Partial fix for #308.
When parsing without entity substitution, IDs or IDREFs containing
unexpanded entity reference like "abc&x;def" could be created. We could
try to expand these entities like in validation mode, but it seems
safer to honor the request not to expand entities. We silently ignore
such IDs for now.
Now that no references to ID and IDREF attributes are stored in
streaming validation mode, there's no need to try and remove them.
Also remove xmlTextReaderFreeIDTable which was identical to
xmlFreeIDTable.
Use a bitmask instead of magic values to
- keep track whether the validation context is part of a parser context
- keep track whether xmlValidateDtdFinal was called
This allows to add addtional flags later.
Note that this deliberately changes the name of a public struct member,
assuming that this was always private data never to be used by client
code.
If a document is parsed with XML_PARSE_DTDVALID and without
XML_PARSE_NOENT, the value of ID attributes has to be normalized after
potentially expanding entities in xmlRemoveID. Otherwise, later calls
to xmlGetID can return a pointer to previously freed memory.
ID attributes which are empty or contain only whitespace after
entity expansion are affected in a similar way. This is fixed by
not storing such attributes in the ID table.
The test to detect streaming mode when validating against a DTD was
broken. In connection with the defects above, this could result in a
use-after-free when using the xmlReader interface with validation.
Fix detection of streaming mode to avoid similar issues. (This changes
the expected result of a test case. But as far as I can tell, using the
XML reader with XIncludes referencing the root document never worked
properly, anyway.)
All of these issues can result in denial of service. Using xmlReader
with validation could result in disclosure of memory via the error
channel, typically stderr. The security impact of xmlGetID returning
a pointer to freed memory depends on the application. The typical use
case of calling xmlGetID on an unmodified document is not affected.
