kmx git

Commit	Date	Message
3adb396d	2024-09-07T15:18:13	html: Parse bogus comments instead of ignoring them Also treat XML processing instructions as bogus comments.
84440175	2024-09-07T14:21:12	html: Add missing calls to htmlCheckParagraph()
0d324bde	2024-09-07T03:45:09	html: Simplify node info accounting
59511792	2024-09-03T15:52:44	html: Parse named character references according to HTML5
dcb2abb2	2023-05-04T15:16:29	html: Parse tag and attribute names according to HTML5 HTML5 allows bascially all characters in tag and attribute names.
d5cd0f07	2022-07-15T17:00:36	html: Prefer SKIP(1) over NEXT in HTML parser Use SKIP(1) where it's safe to avoid a function call.
ccb61f59	2024-09-07T03:15:50	html: Remove duplicate calls to htmlAutoClose
dc2d4983	2023-05-04T17:47:38	html: Rework htmlLookupSequence Rename to htmlLookupString and use strstr for increased performance.
637215a4	2023-05-04T17:16:51	html: Always terminate doctype declarations on '>' Align with HTML5 spec. This allows to remove the old quote handling in htmlLookupSequence.
86d6b9b0	2024-09-07T04:18:06	html: Deduplicate some code
72e29f9a	2023-05-04T17:03:22	html: Fix quadratic behavior in push parser Fix quadratic behavior related to unquoted attribute values. We really have to replicate parts of the HTML5 state machine to find the end of tags relibably. Fixes #533.
a80f8b64	2023-05-04T15:59:31	html: Allow attributes in end tags Attribute are syntactically allowed in HTML5 end tags but otherwise ignored.
f9ed30e9	2024-09-06T17:49:04	html: HTML5 character data states
f2272c23	2023-05-04T15:33:27	html: Handle unexpected-solidus-in-tag according to HTML5
939b53ee	2023-05-04T15:25:24	html: Stop skipping tag content Tag and attributes names should always be parsed succesfully now.
5d36664f	2024-07-16T00:35:53	memory: Deprecate xmlGcMemSetup
8af55c8d	2024-07-06T22:14:21	parser: Rename new input API functions These weren't made public yet.
d74ca594	2024-07-06T22:04:06	parser: Rename internal xmlNewInput functions
4f329dc5	2024-07-10T03:27:47	parser: Implement xmlCtxtParseContent This implements xmlCtxtParseContent, a better alternative to xmlParseInNodeContext or xmlParseBalancedChunkMemory. It accepts a parser context and a parser input, making it a lot more versatile. xmlParseInNodeContext is now implemented in terms of xmlCtxtParseContent. This makes sure that xmlParseInNodeContext never modifies the target document, improving thread safety. xmlParseInNodeContext is also more lenient now with regard to undeclared entities. Fixes #727.
2e63656e	2024-07-07T19:21:46	parser: Check return value of inputPush inputPush typically doesn't fail because we pre-allocate the input table. The return value should be checked nevertheless.
fdfeecfe	2024-07-02T21:54:26	parser: Reenable ctxt->directory Unused internally, but used in downstream code. Should fix #753.
30ef7755	2024-07-02T04:02:16	parser: Don't use deprecated xmlCopyChar
dd8e3785	2024-06-28T21:15:27	HTML: Rework UTF8ToHtml Optimize code. Check for XML_ENC_ERR_SPACE. Use error macros.
f505dcae	2024-06-26T14:11:34	tree: Remove underscores from xmlRegisterCallbacks
1112699c	2024-06-17T02:42:18	legacy: Remove most legacy functions from public headers Also remove warning messages.
039ce1e8	2024-06-14T16:41:43	parser: Pass global object to sax->setDocumentLocator Revert part of commit c011e760. Fixes #732.
89fcae4d	2024-06-11T16:19:58	parser: Don't report malloc failures when creating context We don't want messages to stderr before an error handler could be set on a parser context.
e75e878e	2024-05-20T13:58:22	doc: Update and fix documentation
a4c2b723	2024-05-05T17:26:31	io: Don't set close callback in xmlParserInputBufferCreateFd
05654cfe	2024-04-28T17:54:20	html: Deprecate htmlHandleOmittedElem
aa04838e	2024-03-26T14:10:58	html: Use binary search in htmlEntityValueLookup
3efbe916	2024-01-05T00:11:29	parser: Mark 'token' member as unused in xmlParserCtxt
b82fd81d	2024-01-04T23:25:06	parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.
7e0bbbc1	2023-12-27T18:33:30	parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.
6a9a88a1	2023-12-26T03:13:05	parser: Move progressive flag into input struct
d944a415	2023-12-26T02:10:35	parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.
477a7ed8	2023-12-28T19:06:32	html: Abort earlier on fatal errors
c1bddd4c	2023-12-23T01:09:17	parser: Mark 'length' member of xmlParserInput as unused
955c177f	2023-12-23T00:58:36	parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.
8cd56317	2023-12-21T02:32:01	html: Don't close fd in htmlCtxtReadFd Long-standing bug. The XML fix from 2003 was never ported to the HTML parser. htmlReadFd was fixed with fe6890e2.
13043691	2023-12-20T00:33:34	parser: Rename xmlErrParser to xmlCtxtErr
8d0aaf4b	2023-12-19T20:47:36	parser: Remove xmlErrEncoding Use xmlFatalErr or xmlCtxtErrIO.
54c70ed5	2023-12-18T19:31:29	parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.
c2bbeed1	2023-12-12T23:51:32	io: Fix memory lifetime issue with input buffers xmlParserInputBufferCreateMem must make a copy of the buffer. This fixes a regression from 2.11 which could cause reads from freed memory depending on the use case. Undeprecate xmlParserInputBufferCreateStatic which can avoid copying the whole buffer.
abd74186	2023-12-10T19:07:32	html: Report malloc failures Fix many places where malloc failures aren't reported. Stop checking for ctxt->instate.
c011e760	2023-12-06T01:09:31	globals: Remove unused globals from thread storage Setting these deprecated globals hasn't had an effect for a long time. Make them constants. This reduces the size of per-thread storage from ~700 to ~250 bytes.
c7629c9e	2023-11-30T16:52:34	parser: Clarify documentation regarding xmlReadMemory buffer size Fixes #638.
e3959461	2023-11-30T16:15:46	html: Reenable buggy detection of XML declarations Switch to UTF-8 if a document starts with '<?xm' to match old behavior. Also enable this check in the push parser. Fixes #637.
ff6c3188	2023-11-23T15:22:59	include: Remove useless 'const' from function arguments
b9db3d7d	2023-09-22T15:45:20	parser: Simplify xmlStringCurrentChar Start to move away from using this function.
8c084ebd	2023-09-21T22:57:33	doc: Make apibuild.py happy
c5890716	2023-09-21T17:01:35	html: Fix logic in htmlAutoClose Note that the function is never called with a NULL newtag. Fixes #591.
9b5cce7a	2023-09-21T00:44:50	include: Remove more unnecessary includes
11a1839d	2023-09-20T17:54:48	globals: Move remaining globals back to correct header files This undoes a lot of damage.
4e1c13eb	2023-09-18T14:45:10	debug: Remove debugging code This is barely useful these days and only clutters the code base.
e48f2695	2023-08-29T17:41:18	parser: Remove push parser debugging code
0d24fc0a	2023-08-14T12:53:49	html: Remove encoding hack in htmlCreateFileParserCtxt Switch encoding directly instead of calling htmlCheckEncoding with faked content.
5db5a704	2023-08-09T18:39:14	html: Fix UAF in htmlCurrentChar Short-lived regression found by OSS-Fuzz.
95e81a36	2023-08-08T15:21:31	parser: Decode all data in xmlCharEncInput Even with flush set to true, xmlCharEncInput didn't guarantee to decode all data. This complicated the push parser. Remove the flush flag and always decode all available data. Also fix ICU code where the flush flag has a different meaning. Always set flush to false and retry even with empty input buffers.
834b8123	2023-08-08T15:21:28	parser: Stream data when reading from memory Don't create a copy of the whole input buffer. Read the data chunk by chunk to save memory. Historically, it was probably envisioned to read data from memory without additional copying. This doesn't work reliably with the current design of the XML parser which requires a terminating null byte at the end of input buffers. This lead to xmlReadMemory interfaces, which expect pointer and size arguments, being changed to make a zero-terminated copy of the input buffer. Interfaces based on xmlReadDoc, which actually expect a zero-terminated string and would make zero-copy operation work, were then simplified to rely on xmlReadMemoryi, resulting in an unnecessary copy. To avoid copying (possibly gigabytes) of memory temporarily, we now stream in-memory input just like content read from files in a chunk-by-chunk fashion (using a somewhat outdated INPUT_CHUNK size of 250 bytes). As a side effect, we also avoid another copy of the whole input when handling non-UTF-8 data which was made possible by some earlier commits. Interfaces expecting zero-terminated strings now make use of strnlen which unfortunately isn't part of the standard C library and only mandated since POSIX 2008.
facc2a06	2023-08-08T15:21:21	parser: Don't overwrite EOF parser state
59fa0bb3	2023-08-08T15:21:14	parser: Simplify input pointer updates The base member always points to the beginning of the buffer.
ec7be506	2023-08-08T15:19:46	parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.
3a64f394	2023-08-08T15:19:25	html: Remove some debugging code in htmlParseTryOrFinish
20f5c734	2023-06-07T14:05:34	parser: Recover more input from encoding errors Don't halt the parser in xmlParserGrow to allow more input to be recovered in case of encoding errors. Fixes #543.
320f5084	2023-04-30T18:25:09	parser: Improve handling of encoding and IO errors Make sure that xmlCharEncInput, xmlParserInputBufferPush and xmlParserInputBufferGrow set the correct error code in the xmlParserInputBuffer. Handle errors when calling these functions.
1061537e	2023-03-26T22:40:54	malloc-fail: Fix buffer overread with HTML doctype declarations Found by OSS-Fuzz, see #344.
7fbd454d	2023-03-21T13:26:36	parser: Grow input buffer earlier when reading characters Make more bytes available after invoking CUR_CHAR or NEXT.
04d1bedd	2023-03-21T13:08:44	parser: Rework shrinking of input buffers Don't try to grow the input buffer in xmlParserShrink. This makes sure that no memory allocations are made and the function always succeeds. Remove unnecessary invocations of SHRINK. Invoke SHRINK at the end of DTD parsing loops. Shrink before growing.
44ecefc8	2023-03-20T15:52:38	malloc-fail: Fix buffer overread after htmlParseScript Found by OSS-Fuzz, see #344.
067986fa	2023-03-18T14:44:28	parser: Fix regressions from previous commits - Fix memory leak in xmlParseNmtoken. - Fix buffer overread after htmlParseCharDataInternal.
9ef2a9ab	2023-03-17T14:06:28	html: Rely on CUR_CHAR to grow the input buffer - Remove useless invocations of GROW. - Add some error checks. - Fix invocations of SHRINK.
62f199ed	2023-03-17T12:40:46	malloc-fail: Add error check in htmlParseHTMLAttribute This function must return NULL is an error occurs. Found by OSS-Fuzz, see #344.
8090e585	2023-03-17T12:27:07	malloc-fail: Fix buffer overread in htmlParseScript Found by OSS-Fuzz, see #344.
ca2bfece	2023-03-15T16:18:11	malloc-fail: Fix buffer overread when reading from input Found by OSS-Fuzz, see #344.
4b3452d1	2023-03-15T16:56:36	html: Fix quadratic behavior in htmlParseTryOrFinish Fix check for end of script content. Found by OSS-Fuzz.
14c62e0d	2023-03-15T16:22:13	html: Use NEXTL in htmlParseHTMLAttribute This is more efficient than NEXT.
2099441f	2023-03-13T17:51:13	parser: Stop calling xmlParserInputShrink Introduce xmlParserShrink which takes a parser context to simplify error handling.
cabde70f	2023-03-12T19:07:23	parser: Simplify calculation of available buffer space
b75976e0	2023-03-12T19:06:19	parser: Use size_t when subtracting input buffer pointers Avoid integer overflows.
9a6ca816	2023-03-12T19:03:11	parser: Check for integer overflow when updating checkIndex Unfortunately, checkIndex is a long, not a size_t. Check for integer overflow before updating the value.
bd63d730	2023-03-12T17:40:55	html: Impose some length limits Impose length limits on names, attribute values, PIs and comments, similar to the XML parser.
3eb6bf03	2023-03-12T16:47:15	parser: Stop calling xmlParserInputGrow Introduce xmlParserGrow which takes a parser context to simplify error handling.
53d1cc98	2023-02-16T15:09:32	malloc-fail: Fix error code in htmlParseChunk Found with libFuzzer, see #344.
15b0ed08	2023-02-16T15:09:02	malloc-fail: Fix infinite loop in htmlParseDocTypeDecl Found with libFuzzer, see #344.
041789d9	2023-02-16T15:02:08	malloc-fail: Fix null deref in htmlnamePush Found with libFuzzer, see #344.
0ec9c910	2023-02-16T14:57:24	malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.
04c29551	2023-02-16T14:53:29	malloc-fail: Fix infinite loop in htmlParseContentInternal Found with libFuzzer, see #344.
f3e62035	2023-02-16T14:49:06	malloc-fail: Fix memory leak in htmlCreatePushParserCtxt Found with libFuzzer, see #344.
fc256953	2023-02-16T14:47:41	malloc-fail: Fix memory leak in htmlCreateMemoryParserCtxt Found with libFuzzer, see #344.
643b4e90	2023-02-16T14:45:06	malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.
59b33661	2022-12-27T14:15:51	error: Limit number of parser errors Reporting errors is expensive and some abusive test cases can generate an error for each invalid input byte. This causes the parser to spend most of the time with error handling. Limit the number of errors and warnings to 100.
4b959ee1	2022-12-01T13:23:09	Remove hacky heuristic from b2dc5675e94aa6b5557ba63f7d66b0f08dd17e4d Checking whether the context is close to the parent context by hardcoding 250 is not portable (I noticed tests were failing on Morello since the value is 288 there due to pointers being 128 bits). Instead we should ensure that the XML_VCTXT_USE_PCTXT flag is not set in cases where the user data is not actually a parser context (or ideally add a separate field but that would be an ABI break. From what I can see in the source, the XML_VCTXT_USE_PCTXT is only set if the userData field points to a valid context, and if this is not the case the flag should be cleared when changing userData rather than relying on the offset between the two. Looking at the history, I think d7cb33cf44aa688f24215c9cd398c1a26f0d25ff fixed most of the need for this workaround, but it looks like there are a few more locations that need updating; This commit changes two more places to set/clear/copy the XML_VCTXT_USE_PCTXT flag, so this heuristic should not be needed anymore. I've also drop two = NULL assignment in xmllint since this is not needed after a call to memset(). There was also an uninitialized vctxt.flags (and other fields) in `xmlShellValidate()`, which I've fixed by adding a memset() call.
c715ded0	2022-12-01T12:53:15	Avoid creating an out-of-bounds pointer by rewriting a check Creating more than one-past-the-end pointers is undefined behaviour in C and while this code is unlikely to be miscompiled, I discovered that an out-of-bounds pointer is being created using UBSan on a CHERI-enabled system.
c7a9b85c	2022-11-30T17:11:33	html: Improve parsing of nested lists Allow ul/ol as immediate children of ul/ol. This is more in line with the HTML5 spec. Fixes #447.
e414f825	2022-11-25T15:01:22	html: Fix htmlInitAutoClose documentation
c9367938	2022-11-20T19:54:34	html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.
68a6518c	2022-11-15T18:23:33	parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.
6843fc72	2022-09-01T02:58:00	Remove or annotate char casts
2cac6269	2022-09-01T03:14:13	Don't use sizeof(xmlChar) or sizeof(char)

3adb396d

2024-09-07T15:18:13

html: Parse bogus comments instead of ignoring them Also treat XML processing instructions as bogus comments.

84440175

2024-09-07T14:21:12

html: Add missing calls to htmlCheckParagraph()

0d324bde

2024-09-07T03:45:09

html: Simplify node info accounting

59511792

2024-09-03T15:52:44

html: Parse named character references according to HTML5

dcb2abb2

2023-05-04T15:16:29

html: Parse tag and attribute names according to HTML5 HTML5 allows bascially all characters in tag and attribute names.

d5cd0f07

2022-07-15T17:00:36

html: Prefer SKIP(1) over NEXT in HTML parser Use SKIP(1) where it's safe to avoid a function call.

ccb61f59

2024-09-07T03:15:50

html: Remove duplicate calls to htmlAutoClose

dc2d4983

2023-05-04T17:47:38

html: Rework htmlLookupSequence Rename to htmlLookupString and use strstr for increased performance.

637215a4

2023-05-04T17:16:51

html: Always terminate doctype declarations on '>' Align with HTML5 spec. This allows to remove the old quote handling in htmlLookupSequence.

86d6b9b0

2024-09-07T04:18:06

html: Deduplicate some code

72e29f9a

2023-05-04T17:03:22

html: Fix quadratic behavior in push parser Fix quadratic behavior related to unquoted attribute values. We really have to replicate parts of the HTML5 state machine to find the end of tags relibably. Fixes #533.

a80f8b64

2023-05-04T15:59:31

html: Allow attributes in end tags Attribute are syntactically allowed in HTML5 end tags but otherwise ignored.

f9ed30e9

2024-09-06T17:49:04

html: HTML5 character data states

f2272c23

2023-05-04T15:33:27

html: Handle unexpected-solidus-in-tag according to HTML5

939b53ee

2023-05-04T15:25:24

html: Stop skipping tag content Tag and attributes names should always be parsed succesfully now.

5d36664f

2024-07-16T00:35:53

memory: Deprecate xmlGcMemSetup

8af55c8d

2024-07-06T22:14:21

parser: Rename new input API functions These weren't made public yet.

d74ca594

2024-07-06T22:04:06

parser: Rename internal xmlNewInput functions

4f329dc5

2024-07-10T03:27:47

parser: Implement xmlCtxtParseContent This implements xmlCtxtParseContent, a better alternative to xmlParseInNodeContext or xmlParseBalancedChunkMemory. It accepts a parser context and a parser input, making it a lot more versatile. xmlParseInNodeContext is now implemented in terms of xmlCtxtParseContent. This makes sure that xmlParseInNodeContext never modifies the target document, improving thread safety. xmlParseInNodeContext is also more lenient now with regard to undeclared entities. Fixes #727.

2e63656e

2024-07-07T19:21:46

parser: Check return value of inputPush inputPush typically doesn't fail because we pre-allocate the input table. The return value should be checked nevertheless.

fdfeecfe

2024-07-02T21:54:26

parser: Reenable ctxt->directory Unused internally, but used in downstream code. Should fix #753.

30ef7755

2024-07-02T04:02:16

parser: Don't use deprecated xmlCopyChar

dd8e3785

2024-06-28T21:15:27

HTML: Rework UTF8ToHtml Optimize code. Check for XML_ENC_ERR_SPACE. Use error macros.

f505dcae

2024-06-26T14:11:34

tree: Remove underscores from xmlRegisterCallbacks

1112699c

2024-06-17T02:42:18

legacy: Remove most legacy functions from public headers Also remove warning messages.

039ce1e8

2024-06-14T16:41:43

parser: Pass global object to sax->setDocumentLocator Revert part of commit c011e760. Fixes #732.

89fcae4d

2024-06-11T16:19:58

parser: Don't report malloc failures when creating context We don't want messages to stderr before an error handler could be set on a parser context.

e75e878e

2024-05-20T13:58:22

doc: Update and fix documentation

a4c2b723

2024-05-05T17:26:31

io: Don't set close callback in xmlParserInputBufferCreateFd

05654cfe

2024-04-28T17:54:20

html: Deprecate htmlHandleOmittedElem

aa04838e

2024-03-26T14:10:58

html: Use binary search in htmlEntityValueLookup

3efbe916

2024-01-05T00:11:29

parser: Mark 'token' member as unused in xmlParserCtxt

b82fd81d

2024-01-04T23:25:06

parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.

7e0bbbc1

2023-12-27T18:33:30

parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.

6a9a88a1

2023-12-26T03:13:05

parser: Move progressive flag into input struct

d944a415

2023-12-26T02:10:35

parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.

477a7ed8

2023-12-28T19:06:32

html: Abort earlier on fatal errors

c1bddd4c

2023-12-23T01:09:17

parser: Mark 'length' member of xmlParserInput as unused

955c177f

2023-12-23T00:58:36

parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.

8cd56317

2023-12-21T02:32:01

html: Don't close fd in htmlCtxtReadFd Long-standing bug. The XML fix from 2003 was never ported to the HTML parser. htmlReadFd was fixed with fe6890e2.

13043691

2023-12-20T00:33:34

parser: Rename xmlErrParser to xmlCtxtErr

8d0aaf4b

2023-12-19T20:47:36

parser: Remove xmlErrEncoding Use xmlFatalErr or xmlCtxtErrIO.

54c70ed5

2023-12-18T19:31:29

parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.

c2bbeed1

2023-12-12T23:51:32

io: Fix memory lifetime issue with input buffers xmlParserInputBufferCreateMem must make a copy of the buffer. This fixes a regression from 2.11 which could cause reads from freed memory depending on the use case. Undeprecate xmlParserInputBufferCreateStatic which can avoid copying the whole buffer.

abd74186

2023-12-10T19:07:32

html: Report malloc failures Fix many places where malloc failures aren't reported. Stop checking for ctxt->instate.

c011e760

2023-12-06T01:09:31

globals: Remove unused globals from thread storage Setting these deprecated globals hasn't had an effect for a long time. Make them constants. This reduces the size of per-thread storage from ~700 to ~250 bytes.

c7629c9e

2023-11-30T16:52:34

parser: Clarify documentation regarding xmlReadMemory buffer size Fixes #638.

e3959461

2023-11-30T16:15:46

html: Reenable buggy detection of XML declarations Switch to UTF-8 if a document starts with '<?xm' to match old behavior. Also enable this check in the push parser. Fixes #637.

ff6c3188

2023-11-23T15:22:59

include: Remove useless 'const' from function arguments

b9db3d7d

2023-09-22T15:45:20

parser: Simplify xmlStringCurrentChar Start to move away from using this function.

8c084ebd

2023-09-21T22:57:33

doc: Make apibuild.py happy

c5890716

2023-09-21T17:01:35

html: Fix logic in htmlAutoClose Note that the function is never called with a NULL newtag. Fixes #591.

9b5cce7a

2023-09-21T00:44:50

include: Remove more unnecessary includes

11a1839d

2023-09-20T17:54:48

globals: Move remaining globals back to correct header files This undoes a lot of damage.

4e1c13eb

2023-09-18T14:45:10

debug: Remove debugging code This is barely useful these days and only clutters the code base.

e48f2695

2023-08-29T17:41:18

parser: Remove push parser debugging code

0d24fc0a

2023-08-14T12:53:49

html: Remove encoding hack in htmlCreateFileParserCtxt Switch encoding directly instead of calling htmlCheckEncoding with faked content.

5db5a704

2023-08-09T18:39:14

html: Fix UAF in htmlCurrentChar Short-lived regression found by OSS-Fuzz.

95e81a36

2023-08-08T15:21:31

parser: Decode all data in xmlCharEncInput Even with flush set to true, xmlCharEncInput didn't guarantee to decode all data. This complicated the push parser. Remove the flush flag and always decode all available data. Also fix ICU code where the flush flag has a different meaning. Always set flush to false and retry even with empty input buffers.

834b8123

2023-08-08T15:21:28

parser: Stream data when reading from memory Don't create a copy of the whole input buffer. Read the data chunk by chunk to save memory. Historically, it was probably envisioned to read data from memory without additional copying. This doesn't work reliably with the current design of the XML parser which requires a terminating null byte at the end of input buffers. This lead to xmlReadMemory interfaces, which expect pointer and size arguments, being changed to make a zero-terminated copy of the input buffer. Interfaces based on xmlReadDoc, which actually expect a zero-terminated string and would make zero-copy operation work, were then simplified to rely on xmlReadMemoryi, resulting in an unnecessary copy. To avoid copying (possibly gigabytes) of memory temporarily, we now stream in-memory input just like content read from files in a chunk-by-chunk fashion (using a somewhat outdated INPUT_CHUNK size of 250 bytes). As a side effect, we also avoid another copy of the whole input when handling non-UTF-8 data which was made possible by some earlier commits. Interfaces expecting zero-terminated strings now make use of strnlen which unfortunately isn't part of the standard C library and only mandated since POSIX 2008.

facc2a06

2023-08-08T15:21:21

parser: Don't overwrite EOF parser state

59fa0bb3

2023-08-08T15:21:14

parser: Simplify input pointer updates The base member always points to the beginning of the buffer.

ec7be506

2023-08-08T15:19:46

parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.

3a64f394

2023-08-08T15:19:25

html: Remove some debugging code in htmlParseTryOrFinish

20f5c734

2023-06-07T14:05:34

parser: Recover more input from encoding errors Don't halt the parser in xmlParserGrow to allow more input to be recovered in case of encoding errors. Fixes #543.

320f5084

2023-04-30T18:25:09

parser: Improve handling of encoding and IO errors Make sure that xmlCharEncInput, xmlParserInputBufferPush and xmlParserInputBufferGrow set the correct error code in the xmlParserInputBuffer. Handle errors when calling these functions.

1061537e

2023-03-26T22:40:54

malloc-fail: Fix buffer overread with HTML doctype declarations Found by OSS-Fuzz, see #344.

7fbd454d

2023-03-21T13:26:36

parser: Grow input buffer earlier when reading characters Make more bytes available after invoking CUR_CHAR or NEXT.

04d1bedd

2023-03-21T13:08:44

parser: Rework shrinking of input buffers Don't try to grow the input buffer in xmlParserShrink. This makes sure that no memory allocations are made and the function always succeeds. Remove unnecessary invocations of SHRINK. Invoke SHRINK at the end of DTD parsing loops. Shrink before growing.

44ecefc8

2023-03-20T15:52:38

malloc-fail: Fix buffer overread after htmlParseScript Found by OSS-Fuzz, see #344.

067986fa

2023-03-18T14:44:28

parser: Fix regressions from previous commits - Fix memory leak in xmlParseNmtoken. - Fix buffer overread after htmlParseCharDataInternal.

9ef2a9ab

2023-03-17T14:06:28

html: Rely on CUR_CHAR to grow the input buffer - Remove useless invocations of GROW. - Add some error checks. - Fix invocations of SHRINK.

62f199ed

2023-03-17T12:40:46

malloc-fail: Add error check in htmlParseHTMLAttribute This function must return NULL is an error occurs. Found by OSS-Fuzz, see #344.

8090e585

2023-03-17T12:27:07

malloc-fail: Fix buffer overread in htmlParseScript Found by OSS-Fuzz, see #344.

ca2bfece

2023-03-15T16:18:11

malloc-fail: Fix buffer overread when reading from input Found by OSS-Fuzz, see #344.

4b3452d1

2023-03-15T16:56:36

html: Fix quadratic behavior in htmlParseTryOrFinish Fix check for end of script content. Found by OSS-Fuzz.

14c62e0d

2023-03-15T16:22:13

html: Use NEXTL in htmlParseHTMLAttribute This is more efficient than NEXT.

2099441f

2023-03-13T17:51:13

parser: Stop calling xmlParserInputShrink Introduce xmlParserShrink which takes a parser context to simplify error handling.

cabde70f

2023-03-12T19:07:23

parser: Simplify calculation of available buffer space

b75976e0

2023-03-12T19:06:19

parser: Use size_t when subtracting input buffer pointers Avoid integer overflows.

9a6ca816

2023-03-12T19:03:11

parser: Check for integer overflow when updating checkIndex Unfortunately, checkIndex is a long, not a size_t. Check for integer overflow before updating the value.

bd63d730

2023-03-12T17:40:55

html: Impose some length limits Impose length limits on names, attribute values, PIs and comments, similar to the XML parser.

3eb6bf03

2023-03-12T16:47:15

parser: Stop calling xmlParserInputGrow Introduce xmlParserGrow which takes a parser context to simplify error handling.

53d1cc98

2023-02-16T15:09:32

malloc-fail: Fix error code in htmlParseChunk Found with libFuzzer, see #344.

15b0ed08

2023-02-16T15:09:02

malloc-fail: Fix infinite loop in htmlParseDocTypeDecl Found with libFuzzer, see #344.

041789d9

2023-02-16T15:02:08

malloc-fail: Fix null deref in htmlnamePush Found with libFuzzer, see #344.

0ec9c910

2023-02-16T14:57:24

malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.

04c29551

2023-02-16T14:53:29

malloc-fail: Fix infinite loop in htmlParseContentInternal Found with libFuzzer, see #344.

f3e62035

2023-02-16T14:49:06

malloc-fail: Fix memory leak in htmlCreatePushParserCtxt Found with libFuzzer, see #344.

fc256953

2023-02-16T14:47:41

malloc-fail: Fix memory leak in htmlCreateMemoryParserCtxt Found with libFuzzer, see #344.

643b4e90

2023-02-16T14:45:06

malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.

59b33661

2022-12-27T14:15:51

error: Limit number of parser errors Reporting errors is expensive and some abusive test cases can generate an error for each invalid input byte. This causes the parser to spend most of the time with error handling. Limit the number of errors and warnings to 100.

4b959ee1

2022-12-01T13:23:09

Remove hacky heuristic from b2dc5675e94aa6b5557ba63f7d66b0f08dd17e4d Checking whether the context is close to the parent context by hardcoding 250 is not portable (I noticed tests were failing on Morello since the value is 288 there due to pointers being 128 bits). Instead we should ensure that the XML_VCTXT_USE_PCTXT flag is not set in cases where the user data is not actually a parser context (or ideally add a separate field but that would be an ABI break. From what I can see in the source, the XML_VCTXT_USE_PCTXT is only set if the userData field points to a valid context, and if this is not the case the flag should be cleared when changing userData rather than relying on the offset between the two. Looking at the history, I think d7cb33cf44aa688f24215c9cd398c1a26f0d25ff fixed most of the need for this workaround, but it looks like there are a few more locations that need updating; This commit changes two more places to set/clear/copy the XML_VCTXT_USE_PCTXT flag, so this heuristic should not be needed anymore. I've also drop two = NULL assignment in xmllint since this is not needed after a call to memset(). There was also an uninitialized vctxt.flags (and other fields) in `xmlShellValidate()`, which I've fixed by adding a memset() call.

c715ded0

2022-12-01T12:53:15

Avoid creating an out-of-bounds pointer by rewriting a check Creating more than one-past-the-end pointers is undefined behaviour in C and while this code is unlikely to be miscompiled, I discovered that an out-of-bounds pointer is being created using UBSan on a CHERI-enabled system.

c7a9b85c

2022-11-30T17:11:33

html: Improve parsing of nested lists Allow ul/ol as immediate children of ul/ol. This is more in line with the HTML5 spec. Fixes #447.

e414f825

2022-11-25T15:01:22

html: Fix htmlInitAutoClose documentation

c9367938

2022-11-20T19:54:34

html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.

68a6518c

2022-11-15T18:23:33

parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.

6843fc72

2022-09-01T02:58:00

Remove or annotate char casts

2cac6269

2022-09-01T03:14:13

Don't use sizeof(xmlChar) or sizeof(char)

kc3-lang/libxml2/HTMLparser.c

HTMLparser.c

Log