Log

Author Commit Date CI Message
Nick Wellnhofer 253f260b 2023-10-18T20:06:35 threads: Fix --with-thread-alloc Fixes #606.
Nick Wellnhofer 4f132bcd 2023-10-14T22:49:29 fuzz: Raise rss_limit_mb
Nick Wellnhofer e019d97f 2023-10-14T22:47:20 fuzz: Test XML_PARSE_XINCLUDE | XML_PARSE_VALID
Nick Wellnhofer c13a0191 2023-10-14T22:48:12 fuzz: Test xmlTextReaderRead after EOF or failure
Nick Wellnhofer 86ef190e 2023-10-14T22:43:25 parser: Fix stack handling in xmlParseTryOrFinish After commit e0dd330b, this latent bug could cause use-after-free errors in rare circumstances like using the reader API with recovery and XIncludes.
Nick Wellnhofer 7dfcea03 2023-10-11T14:19:04 dict: Fix integer overflow in xmlDictAddString Short-lived regression. Older versions didn't check for integer overflow, but limited name length to INT_MAX / 2. Reintroduce this limit. Found by OSS-Fuzz.
Nick Wellnhofer fef12ed8 2023-10-11T13:32:54 buf: Also reset input in error case Avoid dangling pointers if memory allocation failed. This could cause a use-after-free after recent changes. Found by OSS-Fuzz.
Nick Wellnhofer 514ab399 2023-10-11T13:25:49 parser: Don't overwrite error state in xmlParseTextDecl If a memory allocation fails, this could cause a null deref after recent changes. Found by OSS-Fuzz.
Nick Wellnhofer 821a0370 2023-10-09T15:20:00 parser: Fix memory leak in xmlLoadEntityContent Found by OSS-Fuzz.
Nick Wellnhofer 4fc5340e 2023-10-08T14:17:46 parser: Also grow comment buffer if SAX is disabled Fix short-lived regression from 8afd321a, found by OSS-Fuzz.
Nick Wellnhofer 36374bc9 2023-10-08T14:08:44 parser: Fix error handling in xmlLoadEntityContent Backup more members of context struct. Fix small accounting error.
Nick Wellnhofer b76d81da 2023-10-06T11:50:29 parser: Fix regression when push parsing parameter entities Short-lived regression from 834b8123. Also shrink parameter entity buffers when push parsing.
Nick Wellnhofer 134d2ad8 2023-10-06T00:31:44 parser: Protect against quadratic default attribute expansion
Nick Wellnhofer 8afd321a 2023-10-05T22:02:56 parser: Missing checks for disableSAX
Nick Wellnhofer 6337a14a 2023-10-06T10:44:38 tests: Handle entities in SAX tests
Nick Wellnhofer 7615fae6 2023-10-05T23:52:55 parser: Make XML_PARSE_NSCLEAN option work again
Nick Wellnhofer 0ba22c05 2023-10-05T22:05:04 parser: Support encoded external PEs in entity values Corner case which was never supported.
Nick Wellnhofer 713ded60 2023-10-06T10:43:38 entities: Make xmlFreeEntity public
Nick Wellnhofer 97e99f41 2023-10-05T17:11:24 parser: Acknowledge that entities with namespaces are broken Entities which reference out-of-scope namespace have always been broken. xmlParseBalancedChunkMemoryInternal tried to reuse the namespaces currently in scope but these namespaces were ignored by the SAX handler. Besides, there could be different namespaces in scope when expanding the entity again. For example:

    <!DOCTYPE doc [
      <!ENTITY ent "<ns:elem/>">
    ]>
    <doc>
      <decl1 xmlns:ns="urn:ns1">
        &ent;
      </decl1>
      <decl2 xmlns:ns="urn:ns2">
        &ent;
      </decl2>
    </doc>

Add some comments outlining possible solutions to this problem. For now, we stop copying namespaces to the temporary parser context in xmlParseBalancedChunkMemoryInternal. This has never really worked and the recent changes contained a partial fix which uncovered other problems like a use-after-free with the XML Reader interface, found by OSS-Fuzz.
Nick Wellnhofer b8e03e13 2023-10-02T15:07:55 examples: Don't use sprintf Avoids warnings on macOS.
Nick Wellnhofer 1734d27d 2023-10-02T15:04:18 encoding: Suppress -Wcast-align warnings
Nick Wellnhofer 71aae4e9 2023-10-02T14:42:51 dict: Compare strings with strncmp Using memcmp can result in OOB reads. Short-lived regression found by OSS-Fuzz.
Nick Wellnhofer eb69c1d3 2023-10-02T12:16:05 parser: Fix initialization of namespace data Move initialization to xmlInitSAXParserCtxt. Also add missing XML_HIDDEN to xmlParserNsFree. Fixes #597.
Nick Wellnhofer fc496793 2023-10-02T12:05:36 parser: Fix error handling in xmlParseQNameHashed Short-lived regression found by OSS-Fuzz.
Nick Wellnhofer 6dd87f5e 2023-09-30T17:11:25 malloc-fail: Fix memory leak in xmlParseBalancedChunkMemoryInternal Short-lived regression found by OSS-Fuzz.
Nick Wellnhofer f0a703da 2023-09-30T17:05:47 dict: Fix null-deref with empty subdict Short-lived regression found by OSS-Fuzz.
Nick Wellnhofer 61e29b69 2023-09-30T17:02:46 malloc-fail: Grow hash tables before making allocations Fix short-lived memory leak found by OSS-Fuzz.
Nick Wellnhofer 80a0580f 2023-09-30T15:47:46 xinclude: Expand comment about fuzz timeouts
Nick Wellnhofer fa481873 2023-09-30T14:45:53 fuzz: Disable XML_PARSE_SAX1 option in xml fuzzer There are no plans to fix quadratic behavior in the legacy SAX1 interface.
Nick Wellnhofer 5c150acc 2023-09-29T16:07:45 doc: Add notes about runtest to MAINTAINERS.md
Nick Wellnhofer 06e2f3a4 2023-09-29T13:18:34 legacy: Add private declarations for stubs Required after 8c084ebd.
Nick Wellnhofer 0533daf5 2023-09-29T02:45:20 encoding: Fix infinite loop in xmlCharEncInput Short-lived regression from 95e81a36.
Nick Wellnhofer e0dd330b 2023-09-29T00:18:44 parser: Use hash tables to avoid quadratic behavior Use a hash table to lookup namespaces by prefix. The hash table stores an index into the namespace table. Auxiliary data for namespaces is stored in a separate array along the main namespace table. Use a hash table to verify attribute uniqueness. The hash table stores an index into the attribute table. Reuse hash value from the dictionary to avoid computing them twice. See #346.
Nick Wellnhofer e48f3d8e 2023-09-27T16:47:37 tests: Add more tests for redefined attributes
Nick Wellnhofer a873191c 2023-09-25T14:51:35 parser: Introduce xmlParseQNameHashed
Nick Wellnhofer cb927e85 2023-09-25T14:35:43 parser: Don't skip CR in xmlCurrentChar Skip over carriage returns later in xmlNextChar.
Nick Wellnhofer 19161bab 2023-09-25T14:00:48 dict: Internal API to look up hash values
Nick Wellnhofer d147f564 2023-09-11T05:37:55 dict: Rewrite dictionary hash table code Rewrite the dictionary hash table to use open addressing with Robin Hood probing. See previous commit.
Nick Wellnhofer 4a513d56 2023-09-16T19:12:25 hash: Rewrite hash table code This is a complete rewrite of the code in hash.c. Move from a chained hash table implementation to open addressing with Robin Hood probing. This allows to increase the maximum fill factor and further reduce the growth factor, saving considerable amounts of memory without sacrificing performance. To make this work, hash values are now cached in the table entry also avoiding many key comparisons. Tables are created lazily with a smaller minimum size. Insertion functions now report an error if growing the table resulted in a memory allocation failure. Some string comparisons were optimized to call directly into libc instead of using the xmlstring API. The length of inserted keys is computed along with the hash improving allocation performance. Bounds checking was made more robust. In dictionary-based mode, unneeded interning of strings is avoided.
Nick Wellnhofer 4f221a77 2023-09-12T19:08:07 hash: Add hash table tests Make sure to properly test removal from hash tables.
Nick Wellnhofer 1425d8f6 2023-09-16T19:08:10 dict: Separate RNG code
Nick Wellnhofer 42a0bc6d 2023-09-16T19:45:30 tests: Add ATTRIBUTE_NO_SANITIZE_INTEGER macro
Nick Wellnhofer 845bd99f 2023-09-25T00:19:28 string: Fix UTF-8 validation in xmlGetUTF8Char
Nick Wellnhofer 3e7673bc 2023-09-23T17:31:55 malloc-fail: Report malloc failure in xmlFARegExec
Nick Wellnhofer b31813e6 2023-09-28T15:34:08 include: Add more missing stdio.h includes
Nick Wellnhofer b8961a75 2023-09-27T17:22:17 parser: Fix reinitialization
James Le Cuirot c7ff438b 2023-09-10T13:00:31 cmake: Only use pkg-config for .pc files, not for building binaries Using `pkg_check_modules(FOO IMPORTED_TARGET foo)` with `target_link_libraries()` leads to `INTERFACE_LINK_LIBRARIES` in the resulting export file having `\$<LINK_ONLY:PkgConfig::FOO>` rather than the currently expected `\$<LINK_ONLY:FOO::FOO>`, leading to breakage. This can be worked around like so:

    target_link_libraries(UseFoo
      PUBLIC "$<BUILD_INTERFACE:PkgConfig::FOO>"
      INTERFACE "$<INSTALL_INTERFACE:FOO::FOO>"
    )

However, following some discussion, it is preferable to primarily use find modules as before and only use `pkg_check_modules` for correctly populating the .pc file. Also move `find_package()` calls earlier so that builds fail faster when dependencies are missing.
James Le Cuirot 9d534522 2023-09-10T13:50:18 cmake: Check whether static linking dependencies found in config files If they were required when building libxml2 then they will also be required when statically linking against it. Failing to find them will just lead to undefined references later so detect this early.
James Le Cuirot 8617d8aa 2023-09-10T13:07:49 cmake: Find threads dep early as it may be needed for later checks
Nick Wellnhofer b7d56ef7 2023-09-22T17:03:56 malloc-fail: Report malloc failure in xmlRegEpxFromParse Also check whether malloc failures are reported when fuzzing.
Nick Wellnhofer d94f0b0b 2023-09-22T15:46:11 doc: Update MAINTAINERS and NEWS
Nick Wellnhofer 84e1ffc8 2023-09-22T15:44:17 doc: Don't document internal macros in xmlversion.h
Nick Wellnhofer b9db3d7d 2023-09-22T15:45:20 parser: Simplify xmlStringCurrentChar Start to move away from using this function.
Nick Wellnhofer f98fa863 2023-09-22T15:25:40 regexp: Fix status codes and handle invalid UTF-8 Fixes #561.
Nick Wellnhofer b94283fb 2023-09-22T14:23:27 regexp: Add missing include
Nick Wellnhofer bc4e82ff 2023-09-22T13:37:28 globals: Don't use thread-local storage on Darwin It seems that thread-local storage destructors are run before pthread thread-specific data destructors on Darwin, defeating our scheme to use TSD to clean up TLS. Here's an example program that reports a use-after-free when compiled with `-fsanitize=address` on macOS:

    #include <pthread.h>

    typedef struct {
        int v;
    } my_struct;

    static _Thread_local my_struct tls;
    pthread_key_t key;

    void dtor(void *tsd) {
        my_struct *s = (my_struct *) tsd;
        /*
         * This will crash ASan, apparently because
         * TLS has already been freed.
         */
        s->v = 1;
    }

    void *thread(void *p) {
        pthread_setspecific(key, &tls);
        return NULL;
    }

    int main(void) {
        pthread_key_create(&key, dtor);
        pthread_t handle;
        pthread_create(&handle, NULL, thread, NULL);
        pthread_join(handle, NULL);
        return 0;
    }
Nick Wellnhofer 45470611 2023-09-21T23:52:52 error: Make xmlGetLastError return a const error This is a slight break of the API, but users really shouldn't modify the global error struct. The goal is to make xmlLastError use static buffers for its strings eventually. This should warn people if they're abusing the struct.
Nick Wellnhofer fc26934e 2023-09-21T23:29:18 memory: Fix memory debugging with Windows threads On Windows, malloc hooks can be called after the final call to xmlCleanupParser in various tests. This means that xmlMemMutex can still be accessed if memory debugging is enabled, so the mutex should not be cleaned. This also means that tests may report spurious memory leaks on Windows. The old implementation avoided the issue by keeping track of all global state objects in a doubly linked list, so they could be cleaned during xmlCleanupParser. But as far as I can tell all memory will be freed eventually, so this is mostly an issue with our test suite.
Nick Wellnhofer 6eb2a00d 2023-09-21T22:58:02 tests: Update testapi.c
Nick Wellnhofer 8c084ebd 2023-09-21T22:57:33 doc: Make apibuild.py happy
Nick Wellnhofer e4091bcf 2023-09-21T22:54:57 doc: Allow 'unsigned' without 'int'
Nick Wellnhofer 46d7aaec 2023-09-21T22:54:30 doc: Add ignored tokens to apibuild.py
Nick Wellnhofer 6c4ea468 2023-09-21T21:31:52 python: Fix tests Revert part of commit 138213ac.
Nick Wellnhofer 05135536 2023-09-21T20:40:32 globals: Fix build --with-threads --without-output Fixes #593.
Nick Wellnhofer c5890716 2023-09-21T17:01:35 html: Fix logic in htmlAutoClose Note that the function is never called with a NULL newtag. Fixes #591.
Nick Wellnhofer 81741ea4 2023-09-21T16:29:28 xmlreader: Fix EOF detection in xmlTextReaderPushData
Nick Wellnhofer 89ee0369 2023-09-21T15:13:16 python: Fix potential crash in tests/thread2.py Memory debugging must be initialized.
Nick Wellnhofer 72262030 2023-09-21T14:52:14 parser: Readd some includes to parser.h and xmlreader.h Fix backward compatibility.
Nick Wellnhofer 9fc5090c 2023-09-16T19:58:42 hash: Clean up libxml/hash.h Rename variables, fix subincludes, whitespace.
Nick Wellnhofer de4b270a 2023-09-21T14:31:31 autotools: Make --with-minimum disable lzma support Fix an oversight when handling the --with-minimum option.
Nick Wellnhofer f9d717af 2023-09-21T13:05:49 fuzz: Allow to fuzz without push, reader or output modules
Nick Wellnhofer fe1bfb34 2023-09-21T12:33:46 gitlab-ci: Add a "medium" config build Also run CI tests with a build where most modules except a few are disabled. This is the minimum configuration required for libxslt:

    --with-tree --with-xpath --with-output --with-html

Also add --with-threads.
Nick Wellnhofer e7f0d88b 2023-09-21T01:38:26 build: Remove some GCC warnings -Wnested-externs produces spurious warnings after implicit declaration of functions. -Winline is useless since we don't use inlines. -Wredundant-decls was already removed for autotools.
Nick Wellnhofer da274bfa 2023-09-21T01:29:40 build: Fix build when certain modules are disabled
Nick Wellnhofer 9b5cce7a 2023-09-21T00:44:50 include: Remove more unnecessary includes
Nick Wellnhofer f0e8358e 2023-09-20T23:07:58 globals: Final fixes
Nick Wellnhofer d6ba4033 2023-09-20T20:49:59 globals: Move remaining declarations to correct places globals.h is now deprecated. Sanity is restored.
Nick Wellnhofer 1117fae0 2023-09-20T19:20:41 include: Remove unneeded includes
Nick Wellnhofer 736327df 2023-09-20T19:09:15 include: Break inclusion cycle between tree.h and xmlregexp.h
Nick Wellnhofer 699299ca 2023-09-20T18:54:39 globals: Stop including globals.h
Nick Wellnhofer 11a1839d 2023-09-20T17:54:48 globals: Move remaining globals back to correct header files This undoes a lot of damage.
Nick Wellnhofer 7909ff08 2023-09-20T17:38:26 include: Remove unnecessary includes
- Don't include tree.h from encoding.h
- Don't include parser.h from xmlIO.h
Nick Wellnhofer eb985d6f 2023-09-20T17:17:49 globals: Move error globals back to xmlerror.c
Nick Wellnhofer d1336fd3 2023-09-20T17:00:50 globals: Move malloc hooks back to xmlmemory.h
Nick Wellnhofer a77f9ab8 2023-09-20T16:57:22 globals: Don't include SAX2.h from globals.h
Nick Wellnhofer 2e6c49a7 2023-09-20T14:43:14 globals: Don't store xmlParserVersion in global state This is a constant.
Nick Wellnhofer 0830fcfa 2023-09-20T14:30:12 globals: Deprecate xmlLastError The last error should be accessed with xmlGetLastError.
Nick Wellnhofer db8b9722 2023-09-20T13:56:16 parser: Deprecate global parser options Note that setting global options has no effect anyway when using any of the modern parser API functions which take an option argument like xmlReadMemory or when using xmlCtxtUseOptions. Global options only have an effect when using old API functions xmlParse* or xmlSAXParse* or when using an xmlParserCtxt without calling xmlCtxtUseOptions. Unfortunately, many downstream projects still modify global parser options often without realizing that it has no effect. If necessary, switch to the modern API. Then you can safely remove all code that changes global options. Here's a list of deprecated functions and global variables together with the corresponding parser options.
- xmlSubstituteEntitiesDefault, xmlSubstituteEntitiesDefaultValue
  Parser option XML_PARSE_NOENT
- xmlKeepBlanksDefault, xmlKeepBlanksDefaultValue
  Inverse of parser option XML_PARSE_NOBLANKS
- xmlPedanticParserDefault, xmlPedanticParserDefaultValue
  Parser option XML_PARSE_PEDANTIC
- xmlLineNumbersDefault, xmlLineNumbersDefaultValue
  Always enabled by new API
- xmlDoValidityCheckingDefaultValue
  Parser option XML_PARSE_DTDVALID
- xmlGetWarningsDefaultValue
  Inverse of parser option XML_PARSE_NOWARNING
- xmlLoadExtDtdDefaultValue
  Parser options XML_PARSE_DTDLOAD and XML_PARSE_DTDATTR
Nick Wellnhofer 209516ac 2023-09-20T15:49:03 tests: Don't use deprecated symbols
Nick Wellnhofer 692a5c40 2023-09-20T13:51:26 xmllint: Don't set deprecated globals
Nick Wellnhofer ea29b951 2023-09-20T13:30:01 globals: Abort if lazy allocation of global state failed There's really nothing we can do in this situation, so it's better to abort with an error message.
Nick Wellnhofer 868b94b8 2023-09-20T13:10:29 globals: Reformat libxml/globals.h
Nick Wellnhofer bbf08608 2023-09-20T13:05:02 globals: Move buffer callback declarations to xmlIO.h
Nick Wellnhofer dc3382ef 2023-09-20T12:58:03 globals: Move xmlRegisterNodeDefault to tree.c Code in globals.c must not try to access globals itself since the accessor macros aren't defined and we would only see the main variable.
Nick Wellnhofer 75976742 2023-09-20T12:45:14 globals: Add a few comments
Nick Wellnhofer ecbd634c 2023-09-19T17:21:30 threads: Fix double-checked locking in xmlInitParser Hopefully work around the classic problem with double-checked locking: Another thread could read xmlParserInitialized == 1 but doesn't see other initialization results yet due to compiler or hardware reordering. While unlikely, this seems theoretically possible. The solution is to add a memory barrier after initializing the data but before setting xmlParserInitialized. It might be enough to use a second initialization flag which is only used inside the locked section and update xmlParserInitialized after unlocking. But I haven't seen this approach in many articles discussing this issue, so it's possibly flawed as well.
Nick Wellnhofer f7a403c2 2023-09-19T13:52:53 globals: Move xmlIsMainThread to globals.c xmlIsMainThread is mainly needed for global variables.
Nick Wellnhofer b173b724 2023-09-19T13:17:00 globals: Use thread-local storage if available Also use thread-local storage to store globals on POSIX platforms. Most importantly, this makes sure that global variable access can't fail when allocating the global state struct.
Nick Wellnhofer e7b6ca15 2023-09-18T13:25:06 globals: Rework global state destruction on Windows If DllMain is used, rely on it working as expected. The old code seemed to attempt to free global state of other threads if, for some reason, the DllMain mechanism didn't work. In a static build, register a destructor with RegisterWaitForSingleObject. Make public functions xmlGetGlobalState and xmlInitializeGlobalState no-ops. Move initialization and registration of global state objects to xmlInitGlobalState. Lookup global state with xmlGetThreadLocalStorage which can be inlined nicely. Also cleanup global state when using TLS. xmlLastError must be reset.
Nick Wellnhofer 39a275a5 2023-09-18T21:25:35 globals: Define globals using macros Declare and define globals and helper functions by (ab)using the preprocessor.