kmx git

Commit	Date	Message
4bd66d45	2025-01-29T13:11:38	Mention contributors in Copyright To clarify that libxml2 is the work of many people, add the following copyright notice to Copyright: Copyright (C) The Libxml2 Contributors.
fdc73dd0	2025-01-29T12:58:31	README: Fix CMake example options zlib is disabled by default now.
64bfe1f7	2025-01-29T12:48:50	README: Add note about security issues
93506d41	2025-01-29T00:17:01	parser: Make catalog PIs opt-in This is an obscure feature that shouldn't be enabled by default.
1082d813	2025-01-28T23:21:34	parser: Prepare to make decompression opt-in Add a new parser option XML_PARSE_UNZIP that enables decompression. xmlReadFile, xmlCtxtReadFile and xmlCreateURLParserCtxt always set this option currently, but downstream users should start to set the option if they really need it.
a78843be	2025-01-28T20:13:58	xmllint: Support compressed input from stdin Another regression related to reading from stdin. Making a "-" filename read from stdin was deeply baked into the core IO code but is inherently insecure. I really want to reenable this dangerous feature as sparingly as possible. This now enables compressed input when using the "Fd" API functions which wan't supported before. But XML_PARSE_NO_UNZIP will be inverted later. Allow compressed stdin in xmlReadFile to support xmlstarlet and older versions of xsltproc. So far, these are the only known command-line tools that rely on "-" meaning stdin.
a8d8a70c	2025-01-27T13:31:08	uri: Fix handling of Windows drive letters Allow drive letters in URI paths. Technically, these should be treated as URI schemes, but this is not what users expect. This also makes sure that paths with drive letters are resolved as filesystem paths and unescaped, for example when used in libxslt's document() function. Should fix #832.
6904d4c2	2025-01-25T13:54:15	fuzz: Fix OSS-Fuzz build of lint fuzzer
cd7299a8	2025-01-24T18:59:12	meson: Fix setup with ICU as sibling subproject Meson wrapdb provides a wrap for ICU, so libxml2 and ICU could both be built as subprojects of the same Meson parent project. In this case, with the icu option enabled, setup was failing with: subprojects/libxml2-2.13.5/meson.build:603:22: ERROR: Could not get an internal variable and no default provided for <InternalDependency dep228908115162702543524838879388991448872: True> This is because we can't get a dependency variable from a subproject that hasn't been built yet. Fall back to assuming DEFS is empty, as it is on my system.
6ec616ba	2025-01-24T18:26:55	encoding: Don't allow POSIX indicator suffixes in encoding names Suffixes like "//IGNORE" change the behavior of iconv. Also add comment on how we currently rely on GNU libiconv behavior which technically violates the POSIX spec.
9b1028c9	2025-01-23T20:37:37	fuzz: Fix comments
e95c4b07	2025-01-22T10:06:39	fuzz: Also test xmllint --repeat option
dc6270d1	2025-01-22T09:38:43	xmllint: Fix UAF with --push --repeat Short-lived regression. Fixes #841.
9d7bbf19	2025-01-23T14:36:33	tree: Fix variable name in xmlAddChild documentation
f043bf25	2025-01-22T19:25:59	meson: Fix build with MSVC Check compiler options with cc.get_supported_arguments(). Fixes #842
b524cd7a	2025-01-21T17:35:04	meson: Fix build as subproject Use add_project_arguments instead of add_global_arguments. Should fix #840.
1c82bca6	2025-01-17T22:54:51	xmllint: Improve error reports from reader
16286dea	2025-01-17T23:03:20	xmllint: Fix memory leak in parseAndPrintFile
9cfc723c	2025-01-17T21:42:35	xmllint: Always reuse parser context Also move push parsing into parseXml which makes "--sax --push" work.
5f1131dd	2025-01-17T19:54:04	xpath: Don't descend into OP_VALUE in debug dump For some reason, its "ch1" value is invalid.
00167cae	2025-01-17T18:50:55	xmllint: Report OOM errors to stderr For the validators, some work still has to be done, but for core features, xmllint should now report OOM errors reliably.
67b738d9	2025-01-17T17:59:21	fuzz: Check whether xmllint reports malloc failures correctly This relies on xmllint's "maxmem" option.
bfe6af2e	2025-01-17T17:09:04	fuzz: Remove hacks to build lint fuzzer Don't include source file directly.
bf1d8b9c	2025-01-17T18:13:35	xmllint: Report malloc failures from parsing patterns
255fd5f3	2025-01-17T16:52:06	xmllint: Store error stream in global state
e42ded42	2025-01-17T16:00:35	xmllint: Stop using global variables The only exception is "maxmem". The custom malloc functions don't support an extra context.
e4194110	2025-01-17T16:00:05	schemas: Make ValidateStream take a const SAXHandler
d39e5714	2025-01-17T13:12:36	xmllint: Fix memory leak in parseFile Short-lived regression.
0f4d36e0	2025-01-17T13:04:35	xmllint: Fix memory leak in error case
fbaacfe2	2025-01-16T15:57:35	encoding: Clean up UCS-4 encodings Use "UCS-" instead of "ISO-10646-UCS-". While the XML spec recommends "ISO-10646-UCS-2" and "ISO-10646-UCS-4", GNU iconv doesn't understand these names. Ignore UCS4_2143 and UCS4_3412 which were never supported.
be579a26	2025-01-15T12:52:53	reader: Fix return value of xmlTextReaderReadString again Make sure to return NULL for node types except elements or text to match the old behavior. Note that CDATA sections are still treated like text nodes and will have their content returned. Fixes #838.
86401cc3	2025-01-07T19:01:57	xmllint: Make --shell ignore some other options When the shell should be launched with the --shell option, don't post-validate, stream or dump the document. Ignore the --repeat option.
c0c69cb8	2025-01-07T18:55:35	xmllint: Always reuse parser context Simplifies "repeat" logic.
a5be2cc3	2025-01-04T22:52:19	xmllint: Support --xpath --debug Dump compiled expression if --debug was supplied.
f22707f4	2024-12-30T23:21:56	xmllint: Use xmlXPathOrderDocElems for XPath queries
ca819160	2025-01-03T20:50:08	include: Use intptr_t to cast between pointers and ints
41c10c0c	2025-01-03T19:49:37	io: Don't cast file descriptors to pointers This doesn't work if open() returns 0 which is rare but can happen. Wrap the fd in a context struct. Fixes #835.
71c37a56	2024-12-30T11:41:44	malloc-fail: Fix memory leak in xmlValidateElementContent
ab62fc27	2024-12-27T14:58:30	gitlab-ci: Add --with-valid to medium config Building --with-valid --without-regexps enables some rarely tested code. There's an additional test failure in runxmlconf without regexps.
cd220b93	2024-12-27T14:55:43	valid: Remove duplicate error messages when streaming
bd2a1648	2024-12-27T13:44:10	valid: Fix build --without-regexps
41aed089	2024-12-24T23:50:39	automake: Only build testdso when testing
0cf25b3d	2024-12-26T20:32:35	Regenerate docs and testapi.c
2e3a91a7	2024-12-26T21:05:18	doc: Fix documentation
53c131f6	2024-12-26T20:29:58	doc: Make apibuild.py work again
260954c5	2024-12-26T18:17:45	autotools: Set AC_CONFIG_AUX_DIR This should make sure that autoreconf doesn't mess with parent directories. Should fix #833.
b3871dd1	2024-12-21T21:50:13	io: Fix memory leaks of encoding handler in error cases xmlOutputBufferCreate* must always free the encoding handler.
afeff9c5	2024-12-21T20:47:40	xinclude: Allow build without XPath This disables XPath queries and makes the tests fail, but might be useful.
c134e8b4	2024-12-19T21:05:49	include: Make INPUT_CHUNK macro private
84a6c82f	2024-12-19T20:59:10	include: Make most IS_* macros private Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.
0d4a17af	2024-12-18T12:02:36	valid: Fix and check return value of nodeVPush
3f0bac48	2024-12-11T16:23:30	malloc-fail: Handle more malloc failures in schema code These issues can only arise after a memory allocation failed. - WXS_ADD_: Add NULL check and raise error - XML_SCHEMA_: Make macros safe - xmlSchemaParseUnion: Fix leak, raise error, commit after success to avoid memory corruption - xmlSchemaVAddNodeQName: Restore nbItems after partial success, raise error - xmlSchemaIDCAcquireTargetList: Raise error - xmlSchemaXPathProcessHistory: Handle errors - xmlSchemaIDCFillNodeTables: Fix leak - xmlSchemaCheckCVCIDCKeyRef: Handle errors - xmlSchemaVPushText: Reset flag to avoid memory corruption - xmlSchemaNewValidCtxt: Handle errors - xmlSchemaVDocWalk: Fix leak - xmlSchemaInitBasicType: Handle error - xmlSchemaCleanupTypesInternal: Fix null deref - xmlSchemaWhiteSpaceReplace: Handle error - xmlSchemaParseUInt: Handle error - xmlSchemaValAtomicType: Fix leak, handle error - xmlSchemaDateNormalize: Fix leak
307bc230	2024-12-16T01:28:06	pattern: Allocate arrays lazily
7b3d1134	2024-12-15T22:06:11	pattern: Check reallocations for overflow
df7cb96c	2024-12-21T18:55:51	build: Set C standard with CMake and meson This should add `/std:c11` to MSVC builds which makes sure that the __STDC_VERSION__ macro is set.
3d4f7f47	2024-12-21T18:51:44	meson: Set WITH_HTTP for config.cmake
a11c28a6	2024-12-21T18:50:47	meson: Add warning options
2e18e5dc	2024-12-16T18:54:36	memory: Grow dynamic arrays by 50% Growing by a factor lower than the golden ratio increases the chances of reusing memory freed from earlier allocations. Set growth rate to 1.5 which also reduces internal fragmentation.
b9feb816	2024-12-15T17:56:37	xpath: Check reallocations for overflow Factor out node set reallocation.
db8cce3d	2024-12-11T14:16:59	schemas: Check reallocations for overflow
0d6136da	2024-12-15T23:23:10	regexp: Check reallocations for overflow
ae41cf9a	2024-12-15T23:05:06	xinclude: Check reallocations for overflow
178b1121	2024-12-15T22:44:39	valid: Check reallocations for overflow
8b2d9ac4	2024-12-15T22:37:22	uri: Check reallocations for overflow
2042090b	2024-12-15T22:32:12	tree: Check reallocations for overflow
3f72a579	2024-12-15T21:53:54	entities: Check reallocations for overflow
df0f16fa	2024-12-15T21:34:59	encoding: Check reallocations for overflow
1c51f3d3	2024-12-15T21:32:36	catalog: Check reallocations for overflow
509d4981	2024-12-15T21:30:04	c14n: Check reallocations for overflow
58e2e724	2024-12-15T21:23:34	reader: Check reallocations for overflow
0447275e	2024-12-15T21:17:07	html: Check reallocations for overflow
8231c036	2024-12-15T23:36:04	parser: Check reallocations for overflow
5320a4aa	2024-12-15T23:35:28	memory: Implement xmlGrowCapacity to safely grow arrays xmlGrowCapacity makes sure that dynamic arrays don't grow beyond an explicit maximum size. size_t considerations are also taken into account. A macro XML_MAX_ITEMS is provided as default maximum with value 1 billion. When fuzzing, the initial size is set to 1 to cause more reallocations. This can require adjustments if callers really need larger arrays.
afbc0a04	2024-12-21T16:25:14	xpath: Make contextSize and proximityPosition default to 1 In the general case of processing a single node, these values should be set to 1.
e014cc57	2024-12-21T16:23:32	xpath: Remove non-standard xf:escape-uri function This undocumented function used an outdated namespace URI and is unlikely to be used these days.
bf5fcf6e	2024-12-21T16:03:46	xpath: Use separate static hash table for standard functions This avoids registering standard functions when creating an XPath context. Lookup of extension functions is a bit slower now, but ultimately, all function lookups should be moved to the compilation phase.
0dd910e8	2024-12-18T23:37:35	save: Fix handling of catastrophic errors Don't overwrite catastrophic errors xmlSaveErr. Overwrite non-catastrophic errors in xmlOutputBufferClose.
72f84dd7	2024-12-17T18:26:24	fuzz: Inject IO failures into serialization code
0160076f	2024-12-17T17:54:20	save: Forward error from closing IO in xmlSaveFinish
169857ad	2024-12-13T15:12:18	xmllint: Check return value of htmlNewParserCtxt
1e1b4891	2024-12-13T16:45:38	parser: Also raise error if ctxt is NULL Update global error variable even if context is missing because of an invalid (NULL) argument.
6548ba11	2024-12-13T16:37:40	parser: Fix argument checks in xmlCtxtParse* - Raise invalid argument error. - Free input stream if ctxt is NULL.
9c980d00	2024-12-13T12:41:46	gitlab-ci: Stop including gnome-release-service-ci-templates This raises a "not found or access denied" error now.
0c772751	2024-12-13T02:01:49	cmake: Completely remove deprecated options - LIBXML2_WITH_AUTOMATA - LIBXML2_WITH_EXPR - LIBXML2_WITH_UNICODE
e6045ed7	2024-12-12T22:09:25	reader: Add argument checks
49164610	2024-12-12T22:08:50	reader: Forward catastrophic errors from XInclude
8139ad2f	2024-12-12T19:19:47	fuzz: Fix IO error check in reader fuzzer
7a9728c1	2024-12-10T21:37:58	gitlab-ci: Re-add llvm This reverts commit d09b07d1b9574c96e047aa19f925b2ee695e436f. Document why some packages are needed.
d09b07d1	2024-12-10T18:44:26	gitlab-ci: Remove llvm from CI container Untested, but shouldn't be required anymore.
5505d235	2024-12-10T00:40:36	Fix typo
5ca4ce6f	2024-12-09T23:28:38	gitlab-ci: Add "dist" job to build distribution tarball Prepare for GNOME Release Service.
225e0229	2024-12-09T23:28:02	autotools: Add html5ent.inc to EXTRA_DIST
8d9c359a	2024-12-09T23:17:55	gitlab-ci: Add xz-utils for distribution tarballs
5c9abbf8	2024-12-09T17:17:32	SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL Passing a NULL systemId results in snprintf("%s", NULL) which crashes on some platforms. Regressed with commit 4ff2dccf. Note that systemId should never be NULL during normal parsing. It can only be NULL if API functions are called with a NULL systemId. Should fix #825.
92204112	2024-12-07T15:09:46	cmake: Always build Python module as shared library
7ca75b32	2024-12-07T15:07:46	python: Declare init func with PyMODINIT_FUNC
3b38f19b	2024-11-25T22:37:51	fuzz: Silence more OOM errors
9f652e57	2024-11-25T19:41:33	fuzz: Inject IO failures We use the same counter for injecting malloc and IO failures. This mostly renames several functions and variables.
754843ab	2024-11-26T02:22:35	fuzz: Remove xmlFuzzEntityLoader Unused after commit de0c7791.
eae9a1bd	2024-11-26T14:18:22	parser: Pop input stream in xmlCtxtValidateDtd

4bd66d45

2025-01-29T13:11:38

Mention contributors in Copyright To clarify that libxml2 is the work of many people, add the following copyright notice to Copyright: Copyright (C) The Libxml2 Contributors.

fdc73dd0

2025-01-29T12:58:31

README: Fix CMake example options zlib is disabled by default now.

64bfe1f7

2025-01-29T12:48:50

README: Add note about security issues

93506d41

2025-01-29T00:17:01

parser: Make catalog PIs opt-in This is an obscure feature that shouldn't be enabled by default.

1082d813

2025-01-28T23:21:34

parser: Prepare to make decompression opt-in Add a new parser option XML_PARSE_UNZIP that enables decompression. xmlReadFile, xmlCtxtReadFile and xmlCreateURLParserCtxt always set this option currently, but downstream users should start to set the option if they really need it.

a78843be

2025-01-28T20:13:58

xmllint: Support compressed input from stdin Another regression related to reading from stdin. Making a "-" filename read from stdin was deeply baked into the core IO code but is inherently insecure. I really want to reenable this dangerous feature as sparingly as possible. This now enables compressed input when using the "Fd" API functions which wan't supported before. But XML_PARSE_NO_UNZIP will be inverted later. Allow compressed stdin in xmlReadFile to support xmlstarlet and older versions of xsltproc. So far, these are the only known command-line tools that rely on "-" meaning stdin.

a8d8a70c

2025-01-27T13:31:08

uri: Fix handling of Windows drive letters Allow drive letters in URI paths. Technically, these should be treated as URI schemes, but this is not what users expect. This also makes sure that paths with drive letters are resolved as filesystem paths and unescaped, for example when used in libxslt's document() function. Should fix #832.

6904d4c2

2025-01-25T13:54:15

fuzz: Fix OSS-Fuzz build of lint fuzzer

cd7299a8

2025-01-24T18:59:12

meson: Fix setup with ICU as sibling subproject Meson wrapdb provides a wrap for ICU, so libxml2 and ICU could both be built as subprojects of the same Meson parent project. In this case, with the icu option enabled, setup was failing with: subprojects/libxml2-2.13.5/meson.build:603:22: ERROR: Could not get an internal variable and no default provided for <InternalDependency dep228908115162702543524838879388991448872: True> This is because we can't get a dependency variable from a subproject that hasn't been built yet. Fall back to assuming DEFS is empty, as it is on my system.

6ec616ba

2025-01-24T18:26:55

encoding: Don't allow POSIX indicator suffixes in encoding names Suffixes like "//IGNORE" change the behavior of iconv. Also add comment on how we currently rely on GNU libiconv behavior which technically violates the POSIX spec.

9b1028c9

2025-01-23T20:37:37

fuzz: Fix comments

e95c4b07

2025-01-22T10:06:39

fuzz: Also test xmllint --repeat option

dc6270d1

2025-01-22T09:38:43

xmllint: Fix UAF with --push --repeat Short-lived regression. Fixes #841.

9d7bbf19

2025-01-23T14:36:33

tree: Fix variable name in xmlAddChild documentation

f043bf25

2025-01-22T19:25:59

meson: Fix build with MSVC Check compiler options with cc.get_supported_arguments(). Fixes #842

b524cd7a

2025-01-21T17:35:04

meson: Fix build as subproject Use add_project_arguments instead of add_global_arguments. Should fix #840.

1c82bca6

2025-01-17T22:54:51

xmllint: Improve error reports from reader

16286dea

2025-01-17T23:03:20

xmllint: Fix memory leak in parseAndPrintFile

9cfc723c

2025-01-17T21:42:35

xmllint: Always reuse parser context Also move push parsing into parseXml which makes "--sax --push" work.

5f1131dd

2025-01-17T19:54:04

xpath: Don't descend into OP_VALUE in debug dump For some reason, its "ch1" value is invalid.

00167cae

2025-01-17T18:50:55

xmllint: Report OOM errors to stderr For the validators, some work still has to be done, but for core features, xmllint should now report OOM errors reliably.

67b738d9

2025-01-17T17:59:21

fuzz: Check whether xmllint reports malloc failures correctly This relies on xmllint's "maxmem" option.

bfe6af2e

2025-01-17T17:09:04

fuzz: Remove hacks to build lint fuzzer Don't include source file directly.

bf1d8b9c

2025-01-17T18:13:35

xmllint: Report malloc failures from parsing patterns

255fd5f3

2025-01-17T16:52:06

xmllint: Store error stream in global state

e42ded42

2025-01-17T16:00:35

xmllint: Stop using global variables The only exception is "maxmem". The custom malloc functions don't support an extra context.

e4194110

2025-01-17T16:00:05

schemas: Make ValidateStream take a const SAXHandler

d39e5714

2025-01-17T13:12:36

xmllint: Fix memory leak in parseFile Short-lived regression.

0f4d36e0

2025-01-17T13:04:35

xmllint: Fix memory leak in error case

fbaacfe2

2025-01-16T15:57:35

encoding: Clean up UCS-4 encodings Use "UCS-*" instead of "ISO-10646-UCS-*". While the XML spec recommends "ISO-10646-UCS-2" and "ISO-10646-UCS-4", GNU iconv doesn't understand these names. Ignore UCS4_2143 and UCS4_3412 which were never supported.

be579a26

2025-01-15T12:52:53

reader: Fix return value of xmlTextReaderReadString again Make sure to return NULL for node types except elements or text to match the old behavior. Note that CDATA sections are still treated like text nodes and will have their content returned. Fixes #838.

86401cc3

2025-01-07T19:01:57

xmllint: Make --shell ignore some other options When the shell should be launched with the --shell option, don't post-validate, stream or dump the document. Ignore the --repeat option.

c0c69cb8

2025-01-07T18:55:35

xmllint: Always reuse parser context Simplifies "repeat" logic.

a5be2cc3

2025-01-04T22:52:19

xmllint: Support --xpath --debug Dump compiled expression if --debug was supplied.

f22707f4

2024-12-30T23:21:56

xmllint: Use xmlXPathOrderDocElems for XPath queries

ca819160

2025-01-03T20:50:08

include: Use intptr_t to cast between pointers and ints

41c10c0c

2025-01-03T19:49:37

io: Don't cast file descriptors to pointers This doesn't work if open() returns 0 which is rare but can happen. Wrap the fd in a context struct. Fixes #835.

71c37a56

2024-12-30T11:41:44

malloc-fail: Fix memory leak in xmlValidateElementContent

ab62fc27

2024-12-27T14:58:30

gitlab-ci: Add --with-valid to medium config Building --with-valid --without-regexps enables some rarely tested code. There's an additional test failure in runxmlconf without regexps.

cd220b93

2024-12-27T14:55:43

valid: Remove duplicate error messages when streaming

bd2a1648

2024-12-27T13:44:10

valid: Fix build --without-regexps

41aed089

2024-12-24T23:50:39

automake: Only build testdso when testing

0cf25b3d

2024-12-26T20:32:35

Regenerate docs and testapi.c

2e3a91a7

2024-12-26T21:05:18

doc: Fix documentation

53c131f6

2024-12-26T20:29:58

doc: Make apibuild.py work again

260954c5

2024-12-26T18:17:45

autotools: Set AC_CONFIG_AUX_DIR This should make sure that autoreconf doesn't mess with parent directories. Should fix #833.

b3871dd1

2024-12-21T21:50:13

io: Fix memory leaks of encoding handler in error cases xmlOutputBufferCreate* must always free the encoding handler.

afeff9c5

2024-12-21T20:47:40

xinclude: Allow build without XPath This disables XPath queries and makes the tests fail, but might be useful.

c134e8b4

2024-12-19T21:05:49

include: Make INPUT_CHUNK macro private

84a6c82f

2024-12-19T20:59:10

include: Make most IS_* macros private Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.

0d4a17af

2024-12-18T12:02:36

valid: Fix and check return value of nodeVPush

3f0bac48

2024-12-11T16:23:30

malloc-fail: Handle more malloc failures in schema code These issues can only arise after a memory allocation failed. - WXS_ADD_*: Add NULL check and raise error - XML_SCHEMA_*: Make macros safe - xmlSchemaParseUnion: Fix leak, raise error, commit after success to avoid memory corruption - xmlSchemaVAddNodeQName: Restore nbItems after partial success, raise error - xmlSchemaIDCAcquireTargetList: Raise error - xmlSchemaXPathProcessHistory: Handle errors - xmlSchemaIDCFillNodeTables: Fix leak - xmlSchemaCheckCVCIDCKeyRef: Handle errors - xmlSchemaVPushText: Reset flag to avoid memory corruption - xmlSchemaNewValidCtxt: Handle errors - xmlSchemaVDocWalk: Fix leak - xmlSchemaInitBasicType: Handle error - xmlSchemaCleanupTypesInternal: Fix null deref - xmlSchemaWhiteSpaceReplace: Handle error - xmlSchemaParseUInt: Handle error - xmlSchemaValAtomicType: Fix leak, handle error - xmlSchemaDateNormalize: Fix leak

307bc230

2024-12-16T01:28:06

pattern: Allocate arrays lazily

7b3d1134

2024-12-15T22:06:11

pattern: Check reallocations for overflow

df7cb96c

2024-12-21T18:55:51

build: Set C standard with CMake and meson This should add `/std:c11` to MSVC builds which makes sure that the __STDC_VERSION__ macro is set.

3d4f7f47

2024-12-21T18:51:44

meson: Set WITH_HTTP for config.cmake

a11c28a6

2024-12-21T18:50:47

meson: Add warning options

2e18e5dc

2024-12-16T18:54:36

memory: Grow dynamic arrays by 50% Growing by a factor lower than the golden ratio increases the chances of reusing memory freed from earlier allocations. Set growth rate to 1.5 which also reduces internal fragmentation.

b9feb816

2024-12-15T17:56:37

xpath: Check reallocations for overflow Factor out node set reallocation.

db8cce3d

2024-12-11T14:16:59

schemas: Check reallocations for overflow

0d6136da

2024-12-15T23:23:10

regexp: Check reallocations for overflow

ae41cf9a

2024-12-15T23:05:06

xinclude: Check reallocations for overflow

178b1121

2024-12-15T22:44:39

valid: Check reallocations for overflow

8b2d9ac4

2024-12-15T22:37:22

uri: Check reallocations for overflow

2042090b

2024-12-15T22:32:12

tree: Check reallocations for overflow

3f72a579

2024-12-15T21:53:54

entities: Check reallocations for overflow

df0f16fa

2024-12-15T21:34:59

encoding: Check reallocations for overflow

1c51f3d3

2024-12-15T21:32:36

catalog: Check reallocations for overflow

509d4981

2024-12-15T21:30:04

c14n: Check reallocations for overflow

58e2e724

2024-12-15T21:23:34

reader: Check reallocations for overflow

0447275e

2024-12-15T21:17:07

html: Check reallocations for overflow

8231c036

2024-12-15T23:36:04

parser: Check reallocations for overflow

5320a4aa

2024-12-15T23:35:28

memory: Implement xmlGrowCapacity to safely grow arrays xmlGrowCapacity makes sure that dynamic arrays don't grow beyond an explicit maximum size. size_t considerations are also taken into account. A macro XML_MAX_ITEMS is provided as default maximum with value 1 billion. When fuzzing, the initial size is set to 1 to cause more reallocations. This can require adjustments if callers really need larger arrays.

afbc0a04

2024-12-21T16:25:14

xpath: Make contextSize and proximityPosition default to 1 In the general case of processing a single node, these values should be set to 1.

e014cc57

2024-12-21T16:23:32

xpath: Remove non-standard xf:escape-uri function This undocumented function used an outdated namespace URI and is unlikely to be used these days.

bf5fcf6e

2024-12-21T16:03:46

xpath: Use separate static hash table for standard functions This avoids registering standard functions when creating an XPath context. Lookup of extension functions is a bit slower now, but ultimately, all function lookups should be moved to the compilation phase.

0dd910e8

2024-12-18T23:37:35

save: Fix handling of catastrophic errors Don't overwrite catastrophic errors xmlSaveErr. Overwrite non-catastrophic errors in xmlOutputBufferClose.

72f84dd7

2024-12-17T18:26:24

fuzz: Inject IO failures into serialization code

0160076f

2024-12-17T17:54:20

save: Forward error from closing IO in xmlSaveFinish

169857ad

2024-12-13T15:12:18

xmllint: Check return value of htmlNewParserCtxt

1e1b4891

2024-12-13T16:45:38

parser: Also raise error if ctxt is NULL Update global error variable even if context is missing because of an invalid (NULL) argument.

6548ba11

2024-12-13T16:37:40

parser: Fix argument checks in xmlCtxtParse* - Raise invalid argument error. - Free input stream if ctxt is NULL.

9c980d00

2024-12-13T12:41:46

gitlab-ci: Stop including gnome-release-service-ci-templates This raises a "not found or access denied" error now.

0c772751

2024-12-13T02:01:49

cmake: Completely remove deprecated options - LIBXML2_WITH_AUTOMATA - LIBXML2_WITH_EXPR - LIBXML2_WITH_UNICODE

e6045ed7

2024-12-12T22:09:25

reader: Add argument checks

49164610

2024-12-12T22:08:50

reader: Forward catastrophic errors from XInclude

8139ad2f

2024-12-12T19:19:47

fuzz: Fix IO error check in reader fuzzer

7a9728c1

2024-12-10T21:37:58

gitlab-ci: Re-add llvm This reverts commit d09b07d1b9574c96e047aa19f925b2ee695e436f. Document why some packages are needed.

d09b07d1

2024-12-10T18:44:26

gitlab-ci: Remove llvm from CI container Untested, but shouldn't be required anymore.

5505d235

2024-12-10T00:40:36

Fix typo

5ca4ce6f

2024-12-09T23:28:38

gitlab-ci: Add "dist" job to build distribution tarball Prepare for GNOME Release Service.

225e0229

2024-12-09T23:28:02

autotools: Add html5ent.inc to EXTRA_DIST

8d9c359a

2024-12-09T23:17:55

gitlab-ci: Add xz-utils for distribution tarballs

5c9abbf8

2024-12-09T17:17:32

SAX2: Fix xmlSAX2ResolveEntity if systemId is NULL Passing a NULL systemId results in snprintf("%s", NULL) which crashes on some platforms. Regressed with commit 4ff2dccf. Note that systemId should never be NULL during normal parsing. It can only be NULL if API functions are called with a NULL systemId. Should fix #825.

92204112

2024-12-07T15:09:46

cmake: Always build Python module as shared library

7ca75b32

2024-12-07T15:07:46

python: Declare init func with PyMODINIT_FUNC

3b38f19b

2024-11-25T22:37:51

fuzz: Silence more OOM errors

9f652e57

2024-11-25T19:41:33

fuzz: Inject IO failures We use the same counter for injecting malloc and IO failures. This mostly renames several functions and variables.

754843ab

2024-11-26T02:22:35

fuzz: Remove xmlFuzzEntityLoader Unused after commit de0c7791.

eae9a1bd

2024-11-26T14:18:22

parser: Pop input stream in xmlCtxtValidateDtd

kc3-lang/libxml2

Log