1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-03-13 20:58:16 +03:00

4335 Commits

Author SHA1 Message Date
Juergen Keil
33f658c969 wrong error column in structured error when parsing attribute values
For https://bugzilla.gnome.org/show_bug.cgi?id=734280

libxml2 reports wrong error column numbers (field int2 in xmlError)
in structured error handler, after parsing XML attribute values.

Example XML:

<?xml version="1.0" encoding="UTF-8"?>
<root
xmlns="urn:colbug">&</root>
<!--
         1         2         3         4
1234567890123456789012345678901234567890
-->

Expected location of the error would be line 3, column 21.

The actual location of the error is line 3, column 9:

$ ./xmlparse colbug2.xml
colbug2.xml:3:9: xmlParseEntityRef: no name

The 12 characters of the xmlns attribute value "urn:colbug" are
not accounted for in the error column value.
2014-08-07 17:30:36 +08:00
Juergen Keil
5d4310af45 wrong error column in structured error when skipping whitespace in xml decl
For https://bugzilla.gnome.org/show_bug.cgi?id=734276

libxml2 reports wrong error column numbers (field int2 in xmlError)
in structured error handler, after an XML declaration containing
whitespace.

Example XML:

<?xml  version="1.0"  encoding="UTF-8"     ?><root>&</root>
<!--
         1         2         3         4         5         6
123456789012345678901234567890123456789012345678901234567890
-->

Expected location of the error would be line 1, column 53.

The actual location of the error is line 1, column 44:

$ ./xmlparse colbug1.xml
colbug1.xml:1:44: xmlParseEntityRef: no name
2014-08-07 16:28:09 +08:00
Juergen Keil
d201e71ed0 no error column in structured error handler for xml schema validation errors
For https://bugzilla.gnome.org/show_bug.cgi?id=734363

When using xml schema validation, structured error callbacks do not get
passed a valid column number in xmlError field "int2".

$ ./xmlsaxparse colbug5.xml colbug5.xsd
colbug5.xml:3:0: Element '{urn:colbug5}bx': This element is not
expected.
Expected is ( {urn:colbug5}b ).

The schema error is reported for line 3, column 0 (= N/A).

I'd like to have the column number of the error passed in the xmlError
structure.  With this test case: line 3, column 9.
2014-08-07 11:42:07 +08:00
Gaurav Gupta
658b86c0ea Couple of Missing Null checks
For https://bugzilla.gnome.org/show_bug.cgi?id=734328

Missing Null check could cause crash, if a pointer is dereferenced.

Found problem at two places in valid.c
2014-08-07 11:19:03 +08:00
Kyle VanderBeek
1db9969966 Support element node traversal in document fragments.
https://bugzilla.gnome.org/show_bug.cgi?id=733900
2014-08-05 19:29:06 +08:00
Gaurav Gupta
b8480ae781 Remove a couple of dead conditions
For https://bugzilla.gnome.org/show_bug.cgi?id=733711
2014-07-26 21:14:53 +08:00
Daniel Veillard
42870f46cc Add couple of missing Null checks
For https://bugzilla.gnome.org/show_bug.cgi?id=733710
Reported by Gaurav but with slightly different fixes
2014-07-26 21:04:54 +08:00
Daniel Veillard
2f9b126a5c typo in error messages "colon are forbidden from..."
For https://bugzilla.gnome.org/show_bug.cgi?id=731511
Pointed byt vincent Lefevre
2014-07-26 20:29:36 +08:00
Philip Withnall
4ba5d31769 xmlschemastypes: Fix potential array overflow
The year and month need validating before being put into the
MAX_DAYINMONTH macro.

Coverity issue: #60436

https://bugzilla.gnome.org/show_bug.cgi?id=731990
2014-07-26 20:20:11 +08:00
Philip Withnall
5777ae75ee runtest: Fix a memory leak on parse failure
Coverity issue: #60439

https://bugzilla.gnome.org/show_bug.cgi?id=731990
2014-07-26 20:16:33 +08:00
Philip Withnall
31aa38158a xmlIO: Fix an FD leak on gzdopen() failure
According to the documentation, gzdopen() does not close the FD on
failure (but does effectively close it on success, since gzclose()
closes it).

Coverity issues: #60440, #60441

https://bugzilla.gnome.org/show_bug.cgi?id=731990
2014-07-26 20:13:11 +08:00
Philip Withnall
7746f2f609 xmlcatalog: Fix a memory leak on quit
Coverity issue: #60442

https://bugzilla.gnome.org/show_bug.cgi?id=731990
2014-07-26 20:11:35 +08:00
Philip Withnall
579ebbcb3c HTMLparser: Correctly initialise a stack allocated structure
If not initialised, the ‘node’ member remains undefined.

Coverity issue: #60466

https://bugzilla.gnome.org/show_bug.cgi?id=731990
2014-07-26 20:09:42 +08:00
Daniel Veillard
319e159b11 Fix building when configuring without xpath and xptr
For https://bugzilla.gnome.org/show_bug.cgi?id=732735
schematron little used code and xptr rely on XPath, fix the
configure script.
2014-07-15 11:13:15 +08:00
David Kilzer
30cf439efc Check for tmon in _xmlSchemaDateAdd() is incorrect
For https://bugzilla.gnome.org/show_bug.cgi?id=732705
In _xmlSchemaDateAdd(), the check for |tmon| should be the following
since MAX_DAYINMONTH() expects a month in the range [1,12]:

    if (tmon < 1)
	tmon = 1;

Regression introduced in
https://git.gnome.org/browse/libxml2/commit/?id=14b5643947845df089376106517c4f7ba061e4b0
2014-07-14 22:29:56 +08:00
Gaurav Gupta
e036cb3160 Avoid Possible Null Pointer in trio.c
For https://bugzilla.gnome.org/show_bug.cgi?id=730005
While using assert in libxml2 is really not a good idea, it's
still better to assert than crash
2014-07-14 21:22:07 +08:00
Daniel Veillard
a6ea72ad19 Fix processing in SAX2 in case of an allocation failure
Related to https://bugzilla.gnome.org/show_bug.cgi?id=731360
2014-07-14 20:29:34 +08:00
Daniel Veillard
23243301a6 XMl Shell command "cd" does not handle "/" at end of path
For https://bugzilla.gnome.org/show_bug.cgi?id=731832
small fix
2014-07-14 17:59:31 +08:00
Gaurav Gupta
1811add768 Fix various Missing Null checks
For https://bugzilla.gnome.org/show_bug.cgi?id=732823
2014-07-14 17:50:27 +08:00
Daniel Veillard
c836ba66e5 Fix a potential NULL dereference
For https://bugzilla.gnome.org/show_bug.cgi?id=733040

xmlDictLookup() may return NULL in case of allocation error,
though very unlikely it need to be checked.
2014-07-14 16:39:50 +08:00
Gaurav Gupta
54c4b1aa71 Add a couple of misisng check in xmlRelaxNGCleanupTree
For https://bugzilla.gnome.org/show_bug.cgi?id=733041

check cur->parent before dereferencing the pointer even if
a null parent there should not happen
Also fix a typo
2014-07-14 16:14:44 +08:00
Gaurav Gupta
7d2e8c950f Add a missing argument check
For https://bugzilla.gnome.org/show_bug.cgi?id=733042

the states argument of xmlRelaxNGAddStates() ought to be checked too
2014-07-14 16:08:28 +08:00
Gaurav Gupta
6d753994b9 Adding a check in case of allocation error
For https://bugzilla.gnome.org/show_bug.cgi?id=733043

There is missing Null condition in xmlRelaxNGValidateInterleave of
relaxng.c
Dereferencing it may cause a crash.
2014-07-14 16:01:10 +08:00
Daniel Veillard
4e73bfaee6 Fix a link to James SAX documentation old page 2014-07-12 17:46:46 +08:00
Dennis Filder
8eb55d782a xmlSaveUri() incorrectly recomposes URIs with rootless paths
For https://bugzilla.gnome.org/show_bug.cgi?id=731063

xmlSaveUri() of libxml2 (snapshot 2014-05-31 and earlier) returns
bogus values when called with URIs that have rootless paths
(e.g. "urx🅱️b" becomes "urx://b%3Ab" where "urx:b%3Ab" would be
correct)
2014-06-13 14:56:14 +08:00
Gaurav
3e0eec4319 Adding some missing NULL checks
in SAX2 DOM building code and in the HTML parser
2014-06-13 14:45:20 +08:00
Daniel Veillard
c35af8b18d Fixes for xmlInitParserCtxt
let's make sure that parser options are updated too when a corrsponding
global variable or other field of the context is set.
2014-06-11 17:00:39 +08:00
Daniel Veillard
dd8367da17 Fix regressions introduced by CVE-2014-0191 patch
A number of issues have been raised after the fix, and this patch
tries to correct all of them, though most were related to
postvalidation.
https://bugzilla.gnome.org/show_bug.cgi?id=730290
and other reports on list, off-list and on Red Hat bugzilla
2014-06-11 17:00:39 +08:00
Daniel Veillard
a16eb96807 erroneously ignores a validation error if no error callback set
Reported by Stefan Behnel
https://bugzilla.gnome.org/show_bug.cgi?id=724903
2014-06-10 16:06:14 +08:00
Jonas Eriksson
fcb1bb56ff configure: Add --with-python-install-dir
Cross-compiling the python bindings is a bit difficult today, as the
configure script will figure out the site packages dir
(PYTHON_SITE_PACKAGES) by either:

- Generating the path to the site-package target directories using
  libdir, and see if it exists. As it is not possible to point to the
  full path of the sysroot, since that will yield the wrong install
  path, and that the directory does not neccessarily exist on the host,
  this approach will not work.

- Fetch the site packages dir from the python interpreter as pointed to
  by --with-python. Since this python interpreter will point to the
  sysroot, the install dir generated will be inside the sysroot and thus
  not work.

This patch approaches the problem by adding the possibility of
explicitly stating the install dir of the python packages, leaving it up
to the cross-compilation environment to specify it. The patch does not
affect the default case (non-cross compilation).

Signed-off-by: Jonas Eriksson <jonas.eriksson@enea.com>
2014-06-10 14:44:03 +08:00
Jan Pokorný
acace88c4a Fix typos in relaxng.c
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
2014-06-10 14:41:06 +08:00
Sérgio Batista
d9ea913225 xmllint was not parsing the --c14n11 flag
Cut and paste error, using the wrong variable
2014-06-09 22:10:15 +08:00
Gaurav
7966a761b7 Avoid Possible null pointer dereference in memory debug mode
Fix a use before check on pointer
For https://bugzilla.gnome.org/show_bug.cgi?id=729849
2014-05-09 17:00:08 +08:00
Gaurav
41b0d1c4e5 Avoid Double Null Check
Cleanup
For https://bugzilla.gnome.org/show_bug.cgi?id=729851
2014-05-09 16:52:32 +08:00
Daniel Veillard
9cd1c3cfbd Do not fetch external parameter entities
Unless explicitely asked for when validating or replacing entities
with their value. Problem pointed out by Daniel Berrange <berrange@redhat.com>
CVE-2014-0191
2014-05-06 22:31:51 +08:00
Tristan Van Berkom
f0dd6e11aa xmlNodeSetName: Allow setting the name to a substring of the currently set name
Avoid freeing the currently set name until after having assigned the new name,
this allows one to call xmlNodeSetName (node, node->name + 1) to set the new
name of the node to a substring of the current name without introducing any
crash and without requiring an extra strdup().
2014-04-23 10:42:57 +08:00
Eric Zurcher
7d508fed99 Added macros for argument casts 2014-04-07 09:18:54 +08:00
Daniel Veillard
7e35abeb5f Fix a doc typo
Raised by Blasius Bieselbert on IRC
2014-03-28 22:58:26 +08:00
Nick Wellnhofer
07def30fa7 Restore context size and position after XPATH_OP_ARG
Fixes a bug with predicates:
https://mail.gnome.org/archives/xml/2014-March/msg00014.html
2014-03-24 13:02:06 +01:00
Daniel Veillard
6faa126fc3 Fix xmlParseInNodeContext() if node is not element
We really need to have ctxt->instate == XML_PARSER_CONTENT when
jumping in content parsing
Bug reported by Frank Gross
2014-03-21 17:05:51 +08:00
Gaurav
085b997cfd Avoid a possible NULL pointer dereference
For https://bugzilla.gnome.org/show_bug.cgi?id=708355
2014-02-18 11:47:43 +08:00
Nicolas Le Cam
41586ca667 Fix compilation with minimum and xinclude.
xinclude needs xmlAddNextSibling().
Compile out use of xmlLocationSetPtr when xptr is disabled.
Include xpath header.
2014-02-10 10:36:40 +08:00
Nicolas Le Cam
52010c639a Compile out use of xmlValidateNCName() when not available.
Fix compilation with minimum and valid.
2014-02-10 10:36:20 +08:00
Nicolas Le Cam
1af8b7b22e Fix compilation with minimum and schematron.
Add a hard dependancy on tree.
Disable write and close callbacks when output is disabled.
2014-02-10 10:33:31 +08:00
Nicolas Le Cam
77b5b46409 Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement().
Fix compilation with minimum and legacy.
2014-02-10 10:32:45 +08:00
Nicolas Le Cam
3313d14f9d Don't use xmlValidateName() when not available.
Fix compilation with minimum and debug.
2014-02-10 10:26:30 +08:00
Daniel Veillard
c9ecf45d1b Fix xmlTextWriterWriteElement when a null content is given 2014-02-08 02:23:27 +08:00
Longstreth Jon
190a0b8939 Fix a portability issue on Windows
Apparently an verflow when comparing macro and unsigned long
2014-02-06 10:58:17 +01:00
Daniel Veillard
b0c7e7e57f Fix an typo 'onrest' in htmlScriptAttributes
As pointed out by "Laurent <guitarneck@free.fr>"
2014-02-06 10:50:35 +01:00
Jan Pokorný
75801652a2 Fix typos in {tree,xpath}.c (errror)
Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
2014-02-06 10:47:47 +01:00