kmx git

Commit	Date	Message
4dd6d7a5	2017-11-09T17:28:00	Fix list callback signatures Make sure that all parameters and return values of list callback functions exactly match the callback function type. This is required to pass clang's Control Flow Integrity checks and to allow compilation to asm.js with Emscripten. Also change the `user` parameter type from `const void ` to `void `.
e03f0a19	2017-11-09T16:42:47	Fix hash callback signatures Make sure that all parameters and return values of hash callback functions exactly match the callback function type. This is required to pass clang's Control Flow Integrity checks and to allow compilation to asm.js with Emscripten. Fixes bug 784861.
71462a60	2017-11-09T13:42:33	Introduce xmlPosixStrdup and update xmlMemStrdup Introduce xmlPosixStrdup, an internal strdup implementation matching the POSIX strdup type signature, and update xmlMemStrdup to use it. Thanks to Vlad Tsyrklevich for the initial patch.
28f52fe8	2017-08-10T15:08:48	Refactor name and type signature for xmlNop Update xmlNop's name to xmlInputReadCallbackNop and its type signature to match xmlInputReadCallback. Fixes bug 786134.
72182550	2017-11-04T15:38:58	Add test for ICU flush and pivot buffer
0b19f236	2017-10-25T18:11:12	Fixed ICU to set flush correctly and provide pivot buffer. By always setting flush=TRUE when doing multiple reads, ICU will not correctly handle truncated utf8 chars across read boundaries. The fix is to set flush=TRUE only on final read, and to provide a pivot buffer which is maintained by libxml between calls to ucnv_convertEx.
4b413597	2017-10-31T17:17:16	Skip EBCDIC tests if EBCDIC isn't supported Fixes bug 603432.
f404c4f5	2017-10-31T17:14:43	Compile testapi with -Wno-unused-function
bc5a5d65	2017-11-02T21:26:55	Release of libxnl2-2.9.7 * configure.ac doc/news.html : update for release * doc/news.html doc/xmlcatalog.1 doc/xmlcatalog_man.html: regenerated
09f51ecb	2017-10-24T14:29:26	Add Makefile rules to rebuild HTML man pages This should make sure that the online version of the man pages for xmllint and xmlcatalog stay up to date. Also rebuild both HTML documents.
ca01f813	2017-10-24T13:51:34	xmlcatalog: refresh man page wrt. quering system catalog easily Also normalize "lookup" spelling.
6b780f65	2017-10-19T13:27:29	xmlcatalog: restore ability to query system catalog easily I've noticed that easy way of locating a DocBook XSLT in a configure script of another project doesn't work anymore. It is using something like: xmlcatalog "" ${DOCBOOK_XSL_URI}/${DOCBOOK_XSL_PATH}. The script is then forced to a plain, suboptimal search using find utility. Indeed, I retrospectively realize that the check was working just by mere accident given that the window this presumably side-effect was applicable had not lasted long, some 8 months between 054c716ea1bf001544127a4ab4f4346d1b9947e7 introducing xmlInitializeCatalog in the LIBXML_TEST_VERSION-rooted call chain, and f65128f38289d77ff322d63aef2858cc0a819c34 reverting that again. So while one can state /etc/xml/catalog constant explicitly, in some use cases (such as the mentioned one -- that's why I wanted to omit stating the full path in the first place), this is rather an implementation detail, perhaps subject to change from that POV. Therefore I propose to restore that behaviour in the targeted manner without global disruptions this time around. As a side-effect, this fixes indenting of the affected part.
5e986e3b	2017-10-21T15:09:33	Fix mixed decls and code in timsort.h
cfa912dd	2017-10-21T15:00:47	Fix deprecated Travis compiler flag
cf820462	2017-10-21T14:43:00	Rework handling of return values in thread tests Pass a struct to each thread that contains the filename and the return value. This avoids casting a DWORD to a pointer on Windows.
f05af837	2017-10-21T14:09:16	Add declaration for DllMain Fixes a compiler warning.
882a165a	2017-10-21T14:04:20	Fix preprocessor conditional in threads.h Make sure that the preprocessor conditions and types for xmlDllMain match exactly in threads.h and threads.c.
154824ee	2017-10-21T14:07:38	Fix unused variable warnings in testrecurse
a4864c2f	2017-10-21T14:01:10	Fix pointer comparison warnings on 64-bit Windows
8bc6c878	2017-10-21T13:57:44	Fix macro redefinition warning
d2c329a9	2017-10-21T13:49:31	Fix -Wimplicit-fallthrough warnings Add "falls through" comments to quench implicit-fallthrough warnings which are enabled by -Wextra under GCC 7.
bec3c17f	2017-10-12T15:15:58	Upgrade timsort.h to latest revision Upgrade timsort.h to revision 05fd77bfec049ce8b7c408c4d3dd2d51ee061a15 from https://github.com/swenson/sort Removed all code unrelated to Timsort and made minor adjustments for cross-platform compatibility.
25499fc2	2017-10-09T02:39:16	Increase warning level to /W3 under MSVC With the exception of timsort.h and warnings 4244 and 4267, the MSVC build is now warnings-free with /W3.
6472dfe3	2017-10-09T16:50:57	Fix a couple of warnings in dict.c and threads.c Only visible on Windows.
8575c117	2017-10-09T16:41:58	Default to native threads on MinGW-w64
56723974	2017-10-09T15:35:32	Simplify Windows IO functions Remove "native" non-Unicode functions which were only needed for pre-NT systems like Windows 95/98. Don't redefine `stat` but use `struct _stat` and `_stat()` instead.
d1505ef5	2017-10-09T02:10:11	Update .gitignore for Windows
82e0394d	2017-10-09T02:05:41	Fix runtest on Windows Unbuffer the output and fix some compiler warnings.
ecbdfa9e	2017-10-09T02:01:00	Fix unused variable warnings in nanohttp.c Some variables are only used if certain macros are set. Move the declarations around.
e3890546	2017-10-09T00:20:01	Fix the Windows header mess Don't include windows.h and wsockcompat.h from config.h but only when needed. Don't define _WINSOCKAPI_ manually. This was apparently done to stop windows.h from including winsock.h which is a problem if winsock2.h wasn't included first. But on MinGW, this causes compiler warnings. Define WIN32_LEAN_AND_MEAN instead which has the same effect. Always use the compiler-defined _WIN32 macro instead of WIN32.
bee8f1e4	2017-10-09T00:19:06	Don't include winsock2.h in xmllint.c I'm not sure why xmllint.c did include winsock2.h at all. Stop including the header as both MinGW and MSVC builds don't seem to require it.
45b0ebdc	2017-10-09T00:08:10	socklen_t is always int on Windows Define XML_SOCKLEN_T as `int` unconditionally in wsockcompat.h. Fixes compiler warnings and removes some duplicated code.
5b2324b6	2017-10-09T00:05:04	Don't redefine socket error codes on Windows Translate WSA error codes instead of blindly redefining POSIX error codes on Windows. The redefinitions caused warnings in modern Windows environments, but simply ifdef'ing out the redefinitions seems like the wrong approach.
d422b954	2017-10-09T13:37:42	Fix pointer/int cast warnings on 64-bit Windows On 64-bit Windows, `long` is 32 bits wide and can't hold a pointer. Switch to ptrdiff_t instead which should be the same size as a pointer on every somewhat sane platform without requiring C99 types like intptr_t. Fixes bug 788312. Thanks to J. Peter Mugaas for the report and initial patch.
41c0a13f	2017-10-09T13:32:20	Fix Windows compiler warnings in xmlCanonicPath The code handling Windows paths assigned some char/xmlChar pointers without explicit casts. Also remove an unused variable.
5af594d8	2017-10-07T14:54:45	Fix comparison of nodesets to strings Fix two bugs in xmlXPathNodeValHash which could lead to errors when comparing nodesets to strings: - Only use contents of text nodes to compute the hash for element nodes. Comments, PIs, and other node types don't affect the string-value and must be ignored. - Reset `string` to NULL for node types other than text. Reported by Aleksei on the mailing list: https://mail.gnome.org/archives/xml/2017-September/msg00016.html
0c913916	2017-10-07T14:40:34	Remove generated file python/setup.py from version control
03a238f9	2017-09-29T13:00:50	Use __linux__ macro in generated code
4b4d3d85	2017-10-06T09:00:53	Release of libxml2-2.9.6 * configure.ac doc/xml.html doc/news.html: updated for release
0f3b843b	2017-06-01T23:12:19	Fix XPath stack frame logic Move the calls to xmlXPathSetFrame and xmlXPathPopFrame around in xmlXPathCompOpEvalPositionalPredicate to make sure that the context object on the stack is actually protected. Otherwise, memory corruption can occur when calling sloppily coded XPath extension functions. Fixes bug 783160.
3157cf4e	2017-09-20T16:13:29	Report undefined XPath variable error message Commit c851970 removed a redundant error message if XPath evaluation failed. This uncovered a case where an undefined XPath variable error wasn't reported correctly. Thanks to Petr Pisar for the report. Fixes bug 787941.
b90d8989	2017-09-19T15:45:35	Fix regression with librsvg Instead of using xmlCreateIOParserCtxt, librsvg pushes its own xmlParserInput on top of a memory push parser. This incorrect use of the API confuses several parser checks and, since 2.9.5, completely breaks documents with internal subsets. Work around the problem with internal subsets. Thanks to Petr Sumbera for the report: https://mail.gnome.org/archives/xml/2017-September/msg00011.html Also see https://bugzilla.gnome.org/show_bug.cgi?id=787895
2cdaaab1	2017-09-14T21:30:51	Change preprocessor OS tests to __linux__ "linux" without leading underscores is deprecated and less reliable.
abbda93c	2017-09-11T01:14:16	Handle more invalid entity values in recovery mode In attribute content, don't emit entity references if there are problems with the entity value. Otherwise some illegal entity values like <!ENTITY a '&#x123456789;'> would later cause problems like integer overflow. Make xmlStringLenDecodeEntities return NULL on more error conditions including invalid char refs and errors from recursive calls. Remove some fragile error checks based on lastError that shouldn't be needed now. Clear the entity content in xmlParseAttValueComplex if an error was found. Found by OSS-Fuzz. Should fix bug 783052. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3343
c709f3f2	2017-09-07T19:52:39	Fix structured validation errors Also pass 'str2'. Fixes bug 777473.
07e227ed	2017-09-07T18:55:46	Fix memory leak in LZMA decompressor
e2a9122b	2017-09-07T18:36:01	Set memory limit for LZMA decompression Otherwise malicious LZMA compressed files could consume large amounts of memory when decompressed. According to the xz man page, files compressed with `xz -9` currently require 65 MB to decompress, so set the limit to 100 MB. Should fix bug 786696.
0fcab658	2017-09-07T18:25:11	Handle illegal entity values in recovery mode Make xmlParseEntityValue always return NULL on error. Otherwise some illegal entity values like <!ENTITY e '&%#4294967298;'> would later cause problems like integer overflow. Found by OSS-Fuzz. Should fix bug 783052. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=592 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2732
ca8635bf	2017-09-07T15:46:12	Fix debug dump of streaming XPath expressions The debug function xmlXPathDebugDumpCompExpr would crash when called with a "streaming" expression. Fixes bug 787368.
3b3d7502	2017-09-06T01:31:31	Fix memory leak in nanoftp Found by OSS-Fuzz (testcase 5487741645094912). Free the user and password strings in xmlNanoFTPFreeCtxt. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2727
83fb4119	2017-09-05T23:45:04	Fix memory leaks in SAX1 parser Found by OSS-Fuzz. I could only reproduce this with the (obsolete) SAX1 parser. One leak is caused by duplicate namespaced attribute names and can be reproduced in memory mode (testcase 4556417027538944): $ cat file <d xmlns:a="ns" a:x="v" xmlns:b="ns" b:x="v"/> $ xmllint --sax1 --memory file The other is caused by ATTLISTs with a normalized default for "xmlns" if they're processed after the entity recursion limit was hit (testcase 5580750034305024). $ cat file <!DOCTYPE d [ <!ENTITY a '<d>&a;'> <!ATTLIST d xmlns NMTOKEN 't'> ]> <d>&a; $ xmllint --sax1 --valid file Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2461
2960178f	2017-09-04T15:38:47	Release of libxml2-2.9.5 * configure.ac, doc/xslt.html: updated for the release * doc/*, python/setup.py, testapi.c: regenerated
69936b12	2017-08-30T14:16:01	Revert "Print error messages for truncated UTF-8 sequences" This reverts commit 79c8a6b which caused a serious regression in streaming mode. Also reverts part of commit 52ceced "Fix infinite loops with push parser in recovery mode". Fixes bug 786554.
e29e50e5	2017-08-29T12:40:54	Updating the spec file to reflect Fedora 24 new python subpackages namings
8f571037	2017-08-28T21:27:03	Add const in five places to move 1 KiB to .rdata xmlUnicodeBlocks is logically const but was not marked as such. This fixes that, thus moving it to the read-only data segment.
3daee3f1	2017-08-28T21:12:14	Problem resolving relative URIs Raised by Matthias Pigulla <mp@webfactory.de> In a nutshell we had that bug on URI composition after some fixes in the area of localhost empty shortcuts : ./testURI --base file:///some/where file Without patch: file:/some/file With patch: file:///some/file
f19385a5	2017-08-28T20:40:19	Fix a couple of misleading indentation errors Raised by gcc as potential error, no semantic change needed but fixed the indentation
dbb828fe	2017-08-28T20:38:53	Fix missing part of comment for function xmlXPathEvalExpression()
56ec9cef	2017-08-28T20:15:38	Adding README.zOS to list of extra files for the release
afb0f93c	2017-08-28T17:45:47	Revert "Allow build on Visual Studio 2017 community edition for WIN32 on a 64 bit machine." This reverts commit 605899cf22d185f537eb5efb97a55be30467eb17.
605899cf	2017-08-16T12:22:44	Allow build on Visual Studio 2017 community edition for WIN32 on a 64 bit machine. This patch hold the necessary changes to build libxml2 with Visual Studio 2017 for WIN32 on a 64 bit machine. Today 64 bit windows installation are very common, and Visual Studio 2017 community is the most recent version i have access to. I have chosen 32 bit and SDK 8.1 to be as close as possible to Igor Zlatkovic work.
1056e82e	2017-08-28T14:45:19	Description of work needed to compile on zOS building on zOS requires Makefile surgery that we cannot carrry in the common branch, this documents the changes needed to compile on that platform
454e397e	2017-08-28T14:30:43	Porting libxml2 on zOS encoding of code First set of patches for zOS - entities.c parser.c tree.c xmlschemas.c xmlschemastypes.c xpath.c xpointer.c: ask conversion of code to ISO Latin 1 to avoid having the compiler assume EBCDIC codepoint for characters. - xmlmodule.c: make sure we have support for modules - xmlIO.c: zOS path names are special avoid dsome of the expectstions from Unix/Windows
3aca7f31	2017-08-21T13:06:29	Fix unwanted warnings when switching encodings Revert part of commit 46dc989 "Don't switch encoding for internal parameter entities" that caused spurious warnings. Fixes bug 786267.
27f310d4	2017-07-27T14:06:44	Fix signature of xmlSchemaAugmentImportedIDC this is used in a callback which will pass a name, the name is ignored but it's best to have the signature of the function match, pointed out by Claude Petit * xmlschemas.c: fix xmlSchemaAugmentImportedIDC() signature no functional change
d1f90624	2017-07-27T11:20:02	small changes for OS/400 OS/400 version V5R3 is not supported by IBM anymore. In addition, the iSeries system I have here for development has been changed and the new system is not able to compile for an OS version lower than V6R1. Thus I made some updates to the libxml2 os400 scripts accordingly: - Oldest supported OS version is now V6R1. - Adjust ILE/RPG wrappers comments. - Update copyright year range. - Do not log compiler informational messages.
899a5d9f	2017-07-25T14:59:49	Detect infinite recursion in parameter entities When expanding a parameter entity in a DTD, infinite recursion could lead to an infinite loop or memory exhaustion. Thanks to Wei Lei for the first of many reports. Fixes bug 759579.
fb56f80e	2017-07-04T18:38:03	Heap-buffer-overflow read of size 1 in xmlFAParsePosCharGroup Credit to OSS-Fuzz. Add a check to xmlFAParseCharRange() for the end of the buffer to prevent reading past the end of it. This fixes Bug 784017.
8a0c6698	2017-07-04T17:13:06	Fix NULL pointer deref in xmlFAParseCharClassEsc Found with libFuzzer.
52ceced6	2017-07-01T17:49:30	Fix infinite loops with push parser in recovery mode Make sure that the input pointer advances in case of errors. Otherwise, the push parser can loop infinitely. Found with libFuzzer.
f435365b	2017-06-20T16:19:33	Send xmllint usage error to stderr Fixes bug 781459.
3eef3f39	2017-06-20T16:13:57	Fix NULL deref in xmlParseExternalEntityPrivate If called from xmlParseExternalEntity, oldctxt is NULL which leads to a NULL deref if an error occurs. This only affects external code that calls xmlParseExternalEntity. Patch from David Kilzer with minor changes. Fixes bug 780159.
872fea94	2017-06-19T00:24:12	Get rid of "blanks wrapper" for parameter entities Now that replacement of parameter entities goes exclusively through xmlSkipBlankChars, we can account for the surrounding space characters there and remove the "blanks wrapper" hack.
d9e43c7d	2017-06-19T18:01:23	Make sure not to call IS_BLANK_CH when parsing the DTD This is required to get rid of the "blanks wrapper" hack. Checking the return value of xmlSkipBlankChars is more efficient, too.
453dff1e	2017-06-19T17:55:20	Remove unnecessary calls to xmlPopInput It's enough if xmlPopInput is called from xmlSkipBlankChars. Since the replacement text of a parameter entity is surrounded with space characters, that's the only place where the replacement can end in a well-formed document. This is also required to get rid of the "blanks wrapper" hack.
aa267cd1	2017-06-18T23:29:51	Simplify handling of parameter entity references There are only two places where parameter entity references must be handled. For the internal subset in xmlParseInternalSubset. For the external subset or content from other external PEs in xmlSkipBlankChars. Make sure that xmlSkipBlankChars skips over sequences of PEs and whitespace. Rely on xmlSkipBlankChars instead of calling xmlParsePEReference directly when in the external subset or a conditional section. xmlParserHandlePEReference is unused now.
24246c76	2017-06-20T12:56:36	Fix xmlHaltParser Pop all extra input streams before resetting the input. Otherwise, a call to xmlPopInput could make input available again. Also set input->end to input->cur. Changes the test output for some error tests. Unfortunately, some fuzzed test cases were added to the test suite without manual cleanup. This makes it almost impossible to review the impact of later changes on the test output.
e5107772	2017-06-19T15:32:56	Fix pathological performance when outputting charrefs If a character can't be represented in the output encoding, it is converted to a character reference. This used to to replace the character in the input stream by calling xmlBufAddHead or xmlBufferAddHead. These functions shifted the entire input array around, leading to quadratic performance when converting a run of non-representable characters. This is most pronounced when dumping to memory. Output the charref directly instead. Found with libFuzzer.
c9ccbd6a	2017-06-19T14:57:43	Deduplicate code in encoding.c Introduce static functions xmlEncInputChunk and xmlEncOutputChunk that handle the internal/iconv/ICU branching.
5a0ae66d	2017-06-17T23:20:38	Documentation fixes Fixes bug 347465, bug 599433, bug 624550, bug 698253.
8bbe4508	2017-06-17T16:15:09	Spelling and grammar fixes Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other misspellings.
576912fa	2017-06-17T15:59:13	Make HTML parser functions take const pointers The 'cur' parameter of htmlParseDoc and htmlSAXParseDoc should be 'const xmlChar *'. Fixes bug 770650.
988a5a3b	2017-06-17T15:44:50	Build test programs only when needed Add test programs to 'check_PROGRAMS' instead of 'noinst_PROGRAMS'. Fixes bug 760457.
b9b4b6b5	2017-06-17T15:40:45	Fix doc/examples/index.py In my previous commit that silenced some test output I didn't realize that doc/examples/Makefile.am was autogenerated. Also make index.py output deterministic by sorting the glob results.
1f09aea2	2017-06-17T15:05:34	Fix compiler warnings in threads.c Use '#pragma weak' to declare weak functions.
629e47e7	2017-06-17T14:51:10	Fix empty-body warning in nanohttp.c
1a595cd1	2017-06-17T14:13:51	Fix cast-align warnings - Suppress warnings in xmlmemory.c by casting to 'void *'. - Remove unneeded cast in xmlschemas.c that caused a macro precedence error. - Add dummy fields to short structs in xmlschemas.c. This increases the size of the structs, but I can't see a better solution without using C11's _Alignof operator. There are still a couple of cast-align warnings in encoding.c. These are legitimate portability issues that can't be fixed without reworking the conversion functions.
81c01ee9	2017-06-17T14:12:53	Fix unused-parameter warnings
1ce1f785	2017-06-17T14:11:03	Fix invalid-source-encoding warnings in testWriter.c Use hex escapes instead of binary data in source file.
5f440d8c	2017-06-12T14:32:34	Rework entity boundary checks Make sure to finish all entities in the internal subset. Nevertheless, readd a sanity check in xmlParseStartTag2 that was lost in my previous commit. Also add a sanity check in xmlPopInput. Popping an input unexpectedly was the source of many recent memory bugs. The check doesn't mitigate such issues but helps with diagnosis. Always base entity boundary checks on the input ID, not the input pointer. The pointer could have been reallocated to the old address. Always throw a well-formedness error if a boundary check fails. In a few places, a validity error was thrown. Fix a few error codes and improve indentation.
46dc9890	2017-06-08T02:24:56	Don't switch encoding for internal parameter entities This is only needed for external entities. Trying to switch the encoding for internal entities could also cause a memory leak in recovery mode.
03904159	2017-06-05T21:16:00	Merge duplicate code paths handling PE references xmlParsePEReference is essentially a subset of xmlParserHandlePEReference, so make xmlParserHandlePEReference call xmlParsePEReference. The code paths in these functions differed slighty, but the code from xmlParserHandlePEReference seems more solid and tested.
dbaab1f3	2017-06-16T21:38:57	Test SAX2 callbacks with entity substitution This detects regressions like bug 760367.
3f0627a1	2017-06-16T21:30:42	Fix duplicate SAX callbacks for entity content Reset 'was_checked' to prevent entity from being parsed twice and SAX callbacks being invoked twice if XML_PARSE_NOENT was set. This regressed in version 2.9.3 and caused problems with WebKit. Fixes bug 760367.
01a4b81a	2017-06-16T21:27:47	Support catalog and threads tests under --without-sax1
3939178e	2017-06-12T20:06:37	Treat URIs with scheme as absolute in C14N Fixes bug 783656.
67f9f9d6	2017-06-12T19:25:01	Misc fixes for 'make tests' - Silence test output. - Clean up after doc/examples tests. - Adjust expected output for script tests. - Add missing results for relaxng/pattern3 There are still two test failures I can't comment on: - regexp/bug316338 - schemas/any4_0
0b2d5c48	2017-06-12T19:10:04	Initialize keepBlanks in HTML parser This caused failures in the HTML push tests but the fix required to change the expected output of the HTML SAX tests.
85c112a0	2017-06-12T18:26:11	Add test cases for bug 758518 test/HTML/758518-entity.html exposed a bug in pushParseTest() in runtest.c which assumed that an input file was at least 4 bytes long. That test case is only 3 bytes, so we now take the minimum of 4 bytes or the length of the test input. We also now use 'chunkSize' in place of the hard-coded value '1024' later in the function.
ed48d65b	2017-06-11T17:12:21	Fix copy-paste errors in error messages Thanks to David Kilzer for the review.

4dd6d7a5

2017-11-09T17:28:00

Fix list callback signatures Make sure that all parameters and return values of list callback functions exactly match the callback function type. This is required to pass clang's Control Flow Integrity checks and to allow compilation to asm.js with Emscripten. Also change the `user` parameter type from `const void *` to `void *`.

e03f0a19

2017-11-09T16:42:47

Fix hash callback signatures Make sure that all parameters and return values of hash callback functions exactly match the callback function type. This is required to pass clang's Control Flow Integrity checks and to allow compilation to asm.js with Emscripten. Fixes bug 784861.

71462a60

2017-11-09T13:42:33

Introduce xmlPosixStrdup and update xmlMemStrdup Introduce xmlPosixStrdup, an internal strdup implementation matching the POSIX strdup type signature, and update xmlMemStrdup to use it. Thanks to Vlad Tsyrklevich for the initial patch.

28f52fe8

2017-08-10T15:08:48

Refactor name and type signature for xmlNop Update xmlNop's name to xmlInputReadCallbackNop and its type signature to match xmlInputReadCallback. Fixes bug 786134.

72182550

2017-11-04T15:38:58

Add test for ICU flush and pivot buffer

0b19f236

2017-10-25T18:11:12

Fixed ICU to set flush correctly and provide pivot buffer. By always setting flush=TRUE when doing multiple reads, ICU will not correctly handle truncated utf8 chars across read boundaries. The fix is to set flush=TRUE only on final read, and to provide a pivot buffer which is maintained by libxml between calls to ucnv_convertEx.

4b413597

2017-10-31T17:17:16

Skip EBCDIC tests if EBCDIC isn't supported Fixes bug 603432.

f404c4f5

2017-10-31T17:14:43

Compile testapi with -Wno-unused-function

bc5a5d65

2017-11-02T21:26:55

Release of libxnl2-2.9.7 * configure.ac doc/news.html : update for release * doc/news.html doc/xmlcatalog.1 doc/xmlcatalog_man.html: regenerated

09f51ecb

2017-10-24T14:29:26

Add Makefile rules to rebuild HTML man pages This should make sure that the online version of the man pages for xmllint and xmlcatalog stay up to date. Also rebuild both HTML documents.

ca01f813

2017-10-24T13:51:34

xmlcatalog: refresh man page wrt. quering system catalog easily Also normalize "lookup" spelling.

6b780f65

2017-10-19T13:27:29

xmlcatalog: restore ability to query system catalog easily I've noticed that easy way of locating a DocBook XSLT in a configure script of another project doesn't work anymore. It is using something like: xmlcatalog "" ${DOCBOOK_XSL_URI}/${DOCBOOK_XSL_PATH}. The script is then forced to a plain, suboptimal search using find utility. Indeed, I retrospectively realize that the check was working just by mere accident given that the window this presumably side-effect was applicable had not lasted long, some 8 months between 054c716ea1bf001544127a4ab4f4346d1b9947e7 introducing xmlInitializeCatalog in the LIBXML_TEST_VERSION-rooted call chain, and f65128f38289d77ff322d63aef2858cc0a819c34 reverting that again. So while one can state /etc/xml/catalog constant explicitly, in some use cases (such as the mentioned one -- that's why I wanted to omit stating the full path in the first place), this is rather an implementation detail, perhaps subject to change from that POV. Therefore I propose to restore that behaviour in the targeted manner without global disruptions this time around. As a side-effect, this fixes indenting of the affected part.

5e986e3b

2017-10-21T15:09:33

Fix mixed decls and code in timsort.h

cfa912dd

2017-10-21T15:00:47

Fix deprecated Travis compiler flag

cf820462

2017-10-21T14:43:00

Rework handling of return values in thread tests Pass a struct to each thread that contains the filename and the return value. This avoids casting a DWORD to a pointer on Windows.

f05af837

2017-10-21T14:09:16

Add declaration for DllMain Fixes a compiler warning.

882a165a

2017-10-21T14:04:20

Fix preprocessor conditional in threads.h Make sure that the preprocessor conditions and types for xmlDllMain match exactly in threads.h and threads.c.

154824ee

2017-10-21T14:07:38

Fix unused variable warnings in testrecurse

a4864c2f

2017-10-21T14:01:10

Fix pointer comparison warnings on 64-bit Windows

8bc6c878

2017-10-21T13:57:44

Fix macro redefinition warning

d2c329a9

2017-10-21T13:49:31

Fix -Wimplicit-fallthrough warnings Add "falls through" comments to quench implicit-fallthrough warnings which are enabled by -Wextra under GCC 7.

bec3c17f

2017-10-12T15:15:58

Upgrade timsort.h to latest revision Upgrade timsort.h to revision 05fd77bfec049ce8b7c408c4d3dd2d51ee061a15 from https://github.com/swenson/sort Removed all code unrelated to Timsort and made minor adjustments for cross-platform compatibility.

25499fc2

2017-10-09T02:39:16

Increase warning level to /W3 under MSVC With the exception of timsort.h and warnings 4244 and 4267, the MSVC build is now warnings-free with /W3.

6472dfe3

2017-10-09T16:50:57

Fix a couple of warnings in dict.c and threads.c Only visible on Windows.

8575c117

2017-10-09T16:41:58

Default to native threads on MinGW-w64

56723974

2017-10-09T15:35:32

Simplify Windows IO functions Remove "native" non-Unicode functions which were only needed for pre-NT systems like Windows 95/98. Don't redefine `stat` but use `struct _stat` and `_stat()` instead.

d1505ef5

2017-10-09T02:10:11

Update .gitignore for Windows

82e0394d

2017-10-09T02:05:41

Fix runtest on Windows Unbuffer the output and fix some compiler warnings.

ecbdfa9e

2017-10-09T02:01:00

Fix unused variable warnings in nanohttp.c Some variables are only used if certain macros are set. Move the declarations around.

e3890546

2017-10-09T00:20:01

Fix the Windows header mess Don't include windows.h and wsockcompat.h from config.h but only when needed. Don't define _WINSOCKAPI_ manually. This was apparently done to stop windows.h from including winsock.h which is a problem if winsock2.h wasn't included first. But on MinGW, this causes compiler warnings. Define WIN32_LEAN_AND_MEAN instead which has the same effect. Always use the compiler-defined _WIN32 macro instead of WIN32.

bee8f1e4

2017-10-09T00:19:06

Don't include winsock2.h in xmllint.c I'm not sure why xmllint.c did include winsock2.h at all. Stop including the header as both MinGW and MSVC builds don't seem to require it.

45b0ebdc

2017-10-09T00:08:10

socklen_t is always int on Windows Define XML_SOCKLEN_T as `int` unconditionally in wsockcompat.h. Fixes compiler warnings and removes some duplicated code.

5b2324b6

2017-10-09T00:05:04

Don't redefine socket error codes on Windows Translate WSA error codes instead of blindly redefining POSIX error codes on Windows. The redefinitions caused warnings in modern Windows environments, but simply ifdef'ing out the redefinitions seems like the wrong approach.

d422b954

2017-10-09T13:37:42

Fix pointer/int cast warnings on 64-bit Windows On 64-bit Windows, `long` is 32 bits wide and can't hold a pointer. Switch to ptrdiff_t instead which should be the same size as a pointer on every somewhat sane platform without requiring C99 types like intptr_t. Fixes bug 788312. Thanks to J. Peter Mugaas for the report and initial patch.

41c0a13f

2017-10-09T13:32:20

Fix Windows compiler warnings in xmlCanonicPath The code handling Windows paths assigned some char/xmlChar pointers without explicit casts. Also remove an unused variable.

5af594d8

2017-10-07T14:54:45

Fix comparison of nodesets to strings Fix two bugs in xmlXPathNodeValHash which could lead to errors when comparing nodesets to strings: - Only use contents of text nodes to compute the hash for element nodes. Comments, PIs, and other node types don't affect the string-value and must be ignored. - Reset `string` to NULL for node types other than text. Reported by Aleksei on the mailing list: https://mail.gnome.org/archives/xml/2017-September/msg00016.html

0c913916

2017-10-07T14:40:34

Remove generated file python/setup.py from version control

03a238f9

2017-09-29T13:00:50

Use __linux__ macro in generated code

4b4d3d85

2017-10-06T09:00:53

Release of libxml2-2.9.6 * configure.ac doc/xml.html doc/news.html: updated for release

0f3b843b

2017-06-01T23:12:19

Fix XPath stack frame logic Move the calls to xmlXPathSetFrame and xmlXPathPopFrame around in xmlXPathCompOpEvalPositionalPredicate to make sure that the context object on the stack is actually protected. Otherwise, memory corruption can occur when calling sloppily coded XPath extension functions. Fixes bug 783160.

3157cf4e

2017-09-20T16:13:29

Report undefined XPath variable error message Commit c851970 removed a redundant error message if XPath evaluation failed. This uncovered a case where an undefined XPath variable error wasn't reported correctly. Thanks to Petr Pisar for the report. Fixes bug 787941.

b90d8989

2017-09-19T15:45:35

Fix regression with librsvg Instead of using xmlCreateIOParserCtxt, librsvg pushes its own xmlParserInput on top of a memory push parser. This incorrect use of the API confuses several parser checks and, since 2.9.5, completely breaks documents with internal subsets. Work around the problem with internal subsets. Thanks to Petr Sumbera for the report: https://mail.gnome.org/archives/xml/2017-September/msg00011.html Also see https://bugzilla.gnome.org/show_bug.cgi?id=787895

2cdaaab1

2017-09-14T21:30:51

Change preprocessor OS tests to __linux__ "linux" without leading underscores is deprecated and less reliable.

abbda93c

2017-09-11T01:14:16

Handle more invalid entity values in recovery mode In attribute content, don't emit entity references if there are problems with the entity value. Otherwise some illegal entity values like <!ENTITY a '&#x123456789;'> would later cause problems like integer overflow. Make xmlStringLenDecodeEntities return NULL on more error conditions including invalid char refs and errors from recursive calls. Remove some fragile error checks based on lastError that shouldn't be needed now. Clear the entity content in xmlParseAttValueComplex if an error was found. Found by OSS-Fuzz. Should fix bug 783052. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3343

c709f3f2

2017-09-07T19:52:39

Fix structured validation errors Also pass 'str2'. Fixes bug 777473.

07e227ed

2017-09-07T18:55:46

Fix memory leak in LZMA decompressor

e2a9122b

2017-09-07T18:36:01

Set memory limit for LZMA decompression Otherwise malicious LZMA compressed files could consume large amounts of memory when decompressed. According to the xz man page, files compressed with `xz -9` currently require 65 MB to decompress, so set the limit to 100 MB. Should fix bug 786696.

0fcab658

2017-09-07T18:25:11

Handle illegal entity values in recovery mode Make xmlParseEntityValue always return NULL on error. Otherwise some illegal entity values like <!ENTITY e '&%#4294967298;'> would later cause problems like integer overflow. Found by OSS-Fuzz. Should fix bug 783052. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=592 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2732

ca8635bf

2017-09-07T15:46:12

Fix debug dump of streaming XPath expressions The debug function xmlXPathDebugDumpCompExpr would crash when called with a "streaming" expression. Fixes bug 787368.

3b3d7502

2017-09-06T01:31:31

Fix memory leak in nanoftp Found by OSS-Fuzz (testcase 5487741645094912). Free the user and password strings in xmlNanoFTPFreeCtxt. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2727

83fb4119

2017-09-05T23:45:04

Fix memory leaks in SAX1 parser Found by OSS-Fuzz. I could only reproduce this with the (obsolete) SAX1 parser. One leak is caused by duplicate namespaced attribute names and can be reproduced in memory mode (testcase 4556417027538944): $ cat file <d xmlns:a="ns" a:x="v" xmlns:b="ns" b:x="v"/> $ xmllint --sax1 --memory file The other is caused by ATTLISTs with a normalized default for "xmlns" if they're processed after the entity recursion limit was hit (testcase 5580750034305024). $ cat file <!DOCTYPE d [ <!ENTITY a '<d>&a;'> <!ATTLIST d xmlns NMTOKEN 't'> ]> <d>&a; $ xmllint --sax1 --valid file Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2461

2960178f

2017-09-04T15:38:47

Release of libxml2-2.9.5 * configure.ac, doc/xslt.html: updated for the release * doc/*, python/setup.py, testapi.c: regenerated

69936b12

2017-08-30T14:16:01

Revert "Print error messages for truncated UTF-8 sequences" This reverts commit 79c8a6b which caused a serious regression in streaming mode. Also reverts part of commit 52ceced "Fix infinite loops with push parser in recovery mode". Fixes bug 786554.

e29e50e5

2017-08-29T12:40:54

Updating the spec file to reflect Fedora 24 new python subpackages namings

8f571037

2017-08-28T21:27:03

Add const in five places to move 1 KiB to .rdata xmlUnicodeBlocks is logically const but was not marked as such. This fixes that, thus moving it to the read-only data segment.

3daee3f1

2017-08-28T21:12:14

Problem resolving relative URIs Raised by Matthias Pigulla <mp@webfactory.de> In a nutshell we had that bug on URI composition after some fixes in the area of localhost empty shortcuts : ./testURI --base file:///some/where file Without patch: file:/some/file With patch: file:///some/file

f19385a5

2017-08-28T20:40:19

Fix a couple of misleading indentation errors Raised by gcc as potential error, no semantic change needed but fixed the indentation

dbb828fe

2017-08-28T20:38:53

Fix missing part of comment for function xmlXPathEvalExpression()

56ec9cef

2017-08-28T20:15:38

Adding README.zOS to list of extra files for the release

afb0f93c

2017-08-28T17:45:47

Revert "Allow build on Visual Studio 2017 community edition for WIN32 on a 64 bit machine." This reverts commit 605899cf22d185f537eb5efb97a55be30467eb17.

605899cf

2017-08-16T12:22:44

Allow build on Visual Studio 2017 community edition for WIN32 on a 64 bit machine. This patch hold the necessary changes to build libxml2 with Visual Studio 2017 for WIN32 on a 64 bit machine. Today 64 bit windows installation are very common, and Visual Studio 2017 community is the most recent version i have access to. I have chosen 32 bit and SDK 8.1 to be as close as possible to Igor Zlatkovic work.

1056e82e

2017-08-28T14:45:19

Description of work needed to compile on zOS building on zOS requires Makefile surgery that we cannot carrry in the common branch, this documents the changes needed to compile on that platform

454e397e

2017-08-28T14:30:43

Porting libxml2 on zOS encoding of code First set of patches for zOS - entities.c parser.c tree.c xmlschemas.c xmlschemastypes.c xpath.c xpointer.c: ask conversion of code to ISO Latin 1 to avoid having the compiler assume EBCDIC codepoint for characters. - xmlmodule.c: make sure we have support for modules - xmlIO.c: zOS path names are special avoid dsome of the expectstions from Unix/Windows

3aca7f31

2017-08-21T13:06:29

Fix unwanted warnings when switching encodings Revert part of commit 46dc989 "Don't switch encoding for internal parameter entities" that caused spurious warnings. Fixes bug 786267.

27f310d4

2017-07-27T14:06:44

Fix signature of xmlSchemaAugmentImportedIDC this is used in a callback which will pass a name, the name is ignored but it's best to have the signature of the function match, pointed out by Claude Petit * xmlschemas.c: fix xmlSchemaAugmentImportedIDC() signature no functional change

d1f90624

2017-07-27T11:20:02

small changes for OS/400 OS/400 version V5R3 is not supported by IBM anymore. In addition, the iSeries system I have here for development has been changed and the new system is not able to compile for an OS version lower than V6R1. Thus I made some updates to the libxml2 os400 scripts accordingly: - Oldest supported OS version is now V6R1. - Adjust ILE/RPG wrappers comments. - Update copyright year range. - Do not log compiler informational messages.

899a5d9f

2017-07-25T14:59:49

Detect infinite recursion in parameter entities When expanding a parameter entity in a DTD, infinite recursion could lead to an infinite loop or memory exhaustion. Thanks to Wei Lei for the first of many reports. Fixes bug 759579.

fb56f80e

2017-07-04T18:38:03

Heap-buffer-overflow read of size 1 in xmlFAParsePosCharGroup Credit to OSS-Fuzz. Add a check to xmlFAParseCharRange() for the end of the buffer to prevent reading past the end of it. This fixes Bug 784017.

8a0c6698

2017-07-04T17:13:06

Fix NULL pointer deref in xmlFAParseCharClassEsc Found with libFuzzer.

52ceced6

2017-07-01T17:49:30

Fix infinite loops with push parser in recovery mode Make sure that the input pointer advances in case of errors. Otherwise, the push parser can loop infinitely. Found with libFuzzer.

f435365b

2017-06-20T16:19:33

Send xmllint usage error to stderr Fixes bug 781459.

3eef3f39

2017-06-20T16:13:57

Fix NULL deref in xmlParseExternalEntityPrivate If called from xmlParseExternalEntity, oldctxt is NULL which leads to a NULL deref if an error occurs. This only affects external code that calls xmlParseExternalEntity. Patch from David Kilzer with minor changes. Fixes bug 780159.

872fea94

2017-06-19T00:24:12

Get rid of "blanks wrapper" for parameter entities Now that replacement of parameter entities goes exclusively through xmlSkipBlankChars, we can account for the surrounding space characters there and remove the "blanks wrapper" hack.

d9e43c7d

2017-06-19T18:01:23

Make sure not to call IS_BLANK_CH when parsing the DTD This is required to get rid of the "blanks wrapper" hack. Checking the return value of xmlSkipBlankChars is more efficient, too.

453dff1e

2017-06-19T17:55:20

Remove unnecessary calls to xmlPopInput It's enough if xmlPopInput is called from xmlSkipBlankChars. Since the replacement text of a parameter entity is surrounded with space characters, that's the only place where the replacement can end in a well-formed document. This is also required to get rid of the "blanks wrapper" hack.

aa267cd1

2017-06-18T23:29:51

Simplify handling of parameter entity references There are only two places where parameter entity references must be handled. For the internal subset in xmlParseInternalSubset. For the external subset or content from other external PEs in xmlSkipBlankChars. Make sure that xmlSkipBlankChars skips over sequences of PEs and whitespace. Rely on xmlSkipBlankChars instead of calling xmlParsePEReference directly when in the external subset or a conditional section. xmlParserHandlePEReference is unused now.

24246c76

2017-06-20T12:56:36

Fix xmlHaltParser Pop all extra input streams before resetting the input. Otherwise, a call to xmlPopInput could make input available again. Also set input->end to input->cur. Changes the test output for some error tests. Unfortunately, some fuzzed test cases were added to the test suite without manual cleanup. This makes it almost impossible to review the impact of later changes on the test output.

e5107772

2017-06-19T15:32:56

Fix pathological performance when outputting charrefs If a character can't be represented in the output encoding, it is converted to a character reference. This used to to replace the character in the input stream by calling xmlBufAddHead or xmlBufferAddHead. These functions shifted the entire input array around, leading to quadratic performance when converting a run of non-representable characters. This is most pronounced when dumping to memory. Output the charref directly instead. Found with libFuzzer.

c9ccbd6a

2017-06-19T14:57:43

Deduplicate code in encoding.c Introduce static functions xmlEncInputChunk and xmlEncOutputChunk that handle the internal/iconv/ICU branching.

5a0ae66d

2017-06-17T23:20:38

Documentation fixes Fixes bug 347465, bug 599433, bug 624550, bug 698253.

8bbe4508

2017-06-17T16:15:09

Spelling and grammar fixes Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other misspellings.

576912fa

2017-06-17T15:59:13

Make HTML parser functions take const pointers The 'cur' parameter of htmlParseDoc and htmlSAXParseDoc should be 'const xmlChar *'. Fixes bug 770650.

988a5a3b

2017-06-17T15:44:50

Build test programs only when needed Add test programs to 'check_PROGRAMS' instead of 'noinst_PROGRAMS'. Fixes bug 760457.

b9b4b6b5

2017-06-17T15:40:45

Fix doc/examples/index.py In my previous commit that silenced some test output I didn't realize that doc/examples/Makefile.am was autogenerated. Also make index.py output deterministic by sorting the glob results.

1f09aea2

2017-06-17T15:05:34

Fix compiler warnings in threads.c Use '#pragma weak' to declare weak functions.

629e47e7

2017-06-17T14:51:10

Fix empty-body warning in nanohttp.c

1a595cd1

2017-06-17T14:13:51

Fix cast-align warnings - Suppress warnings in xmlmemory.c by casting to 'void *'. - Remove unneeded cast in xmlschemas.c that caused a macro precedence error. - Add dummy fields to short structs in xmlschemas.c. This increases the size of the structs, but I can't see a better solution without using C11's _Alignof operator. There are still a couple of cast-align warnings in encoding.c. These are legitimate portability issues that can't be fixed without reworking the conversion functions.

81c01ee9

2017-06-17T14:12:53

Fix unused-parameter warnings

1ce1f785

2017-06-17T14:11:03

Fix invalid-source-encoding warnings in testWriter.c Use hex escapes instead of binary data in source file.

5f440d8c

2017-06-12T14:32:34

Rework entity boundary checks Make sure to finish all entities in the internal subset. Nevertheless, readd a sanity check in xmlParseStartTag2 that was lost in my previous commit. Also add a sanity check in xmlPopInput. Popping an input unexpectedly was the source of many recent memory bugs. The check doesn't mitigate such issues but helps with diagnosis. Always base entity boundary checks on the input ID, not the input pointer. The pointer could have been reallocated to the old address. Always throw a well-formedness error if a boundary check fails. In a few places, a validity error was thrown. Fix a few error codes and improve indentation.

46dc9890

2017-06-08T02:24:56

Don't switch encoding for internal parameter entities This is only needed for external entities. Trying to switch the encoding for internal entities could also cause a memory leak in recovery mode.

03904159

2017-06-05T21:16:00

Merge duplicate code paths handling PE references xmlParsePEReference is essentially a subset of xmlParserHandlePEReference, so make xmlParserHandlePEReference call xmlParsePEReference. The code paths in these functions differed slighty, but the code from xmlParserHandlePEReference seems more solid and tested.

dbaab1f3

2017-06-16T21:38:57

Test SAX2 callbacks with entity substitution This detects regressions like bug 760367.

3f0627a1

2017-06-16T21:30:42

Fix duplicate SAX callbacks for entity content Reset 'was_checked' to prevent entity from being parsed twice and SAX callbacks being invoked twice if XML_PARSE_NOENT was set. This regressed in version 2.9.3 and caused problems with WebKit. Fixes bug 760367.

01a4b81a

2017-06-16T21:27:47

Support catalog and threads tests under --without-sax1

3939178e

2017-06-12T20:06:37

Treat URIs with scheme as absolute in C14N Fixes bug 783656.

67f9f9d6

2017-06-12T19:25:01

Misc fixes for 'make tests' - Silence test output. - Clean up after doc/examples tests. - Adjust expected output for script tests. - Add missing results for relaxng/pattern3 There are still two test failures I can't comment on: - regexp/bug316338 - schemas/any4_0

0b2d5c48

2017-06-12T19:10:04

Initialize keepBlanks in HTML parser This caused failures in the HTML push tests but the fix required to change the expected output of the HTML SAX tests.

85c112a0

2017-06-12T18:26:11

Add test cases for bug 758518 test/HTML/758518-entity.html exposed a bug in pushParseTest() in runtest.c which assumed that an input file was at least 4 bytes long. That test case is only 3 bytes, so we now take the minimum of 4 bytes or the length of the test input. We also now use 'chunkSize' in place of the hard-coded value '1024' later in the function.

ed48d65b

2017-06-11T17:12:21

Fix copy-paste errors in error messages Thanks to David Kilzer for the review.

kc3-lang/libxml2

Log