kmx git

Commit	Date	Message
1112699c	2024-06-17T02:42:18	legacy: Remove most legacy functions from public headers Also remove warning messages.
039ce1e8	2024-06-14T16:41:43	parser: Pass global object to sax->setDocumentLocator Revert part of commit c011e760. Fixes #732.
89fcae4d	2024-06-11T16:19:58	parser: Don't report malloc failures when creating context We don't want messages to stderr before an error handler could be set on a parser context.
e75e878e	2024-05-20T13:58:22	doc: Update and fix documentation
a4c2b723	2024-05-05T17:26:31	io: Don't set close callback in xmlParserInputBufferCreateFd
05654cfe	2024-04-28T17:54:20	html: Deprecate htmlHandleOmittedElem
aa04838e	2024-03-26T14:10:58	html: Use binary search in htmlEntityValueLookup
3efbe916	2024-01-05T00:11:29	parser: Mark 'token' member as unused in xmlParserCtxt
b82fd81d	2024-01-04T23:25:06	parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.
7e0bbbc1	2023-12-27T18:33:30	parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.
6a9a88a1	2023-12-26T03:13:05	parser: Move progressive flag into input struct
d944a415	2023-12-26T02:10:35	parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.
477a7ed8	2023-12-28T19:06:32	html: Abort earlier on fatal errors
c1bddd4c	2023-12-23T01:09:17	parser: Mark 'length' member of xmlParserInput as unused
955c177f	2023-12-23T00:58:36	parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.
8cd56317	2023-12-21T02:32:01	html: Don't close fd in htmlCtxtReadFd Long-standing bug. The XML fix from 2003 was never ported to the HTML parser. htmlReadFd was fixed with fe6890e2.
13043691	2023-12-20T00:33:34	parser: Rename xmlErrParser to xmlCtxtErr
8d0aaf4b	2023-12-19T20:47:36	parser: Remove xmlErrEncoding Use xmlFatalErr or xmlCtxtErrIO.
54c70ed5	2023-12-18T19:31:29	parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.
c2bbeed1	2023-12-12T23:51:32	io: Fix memory lifetime issue with input buffers xmlParserInputBufferCreateMem must make a copy of the buffer. This fixes a regression from 2.11 which could cause reads from freed memory depending on the use case. Undeprecate xmlParserInputBufferCreateStatic which can avoid copying the whole buffer.
abd74186	2023-12-10T19:07:32	html: Report malloc failures Fix many places where malloc failures aren't reported. Stop checking for ctxt->instate.
c011e760	2023-12-06T01:09:31	globals: Remove unused globals from thread storage Setting these deprecated globals hasn't had an effect for a long time. Make them constants. This reduces the size of per-thread storage from ~700 to ~250 bytes.
c7629c9e	2023-11-30T16:52:34	parser: Clarify documentation regarding xmlReadMemory buffer size Fixes #638.
e3959461	2023-11-30T16:15:46	html: Reenable buggy detection of XML declarations Switch to UTF-8 if a document starts with '<?xm' to match old behavior. Also enable this check in the push parser. Fixes #637.
ff6c3188	2023-11-23T15:22:59	include: Remove useless 'const' from function arguments
b9db3d7d	2023-09-22T15:45:20	parser: Simplify xmlStringCurrentChar Start to move away from using this function.
8c084ebd	2023-09-21T22:57:33	doc: Make apibuild.py happy
c5890716	2023-09-21T17:01:35	html: Fix logic in htmlAutoClose Note that the function is never called with a NULL newtag. Fixes #591.
9b5cce7a	2023-09-21T00:44:50	include: Remove more unnecessary includes
11a1839d	2023-09-20T17:54:48	globals: Move remaining globals back to correct header files This undoes a lot of damage.
4e1c13eb	2023-09-18T14:45:10	debug: Remove debugging code This is barely useful these days and only clutters the code base.
e48f2695	2023-08-29T17:41:18	parser: Remove push parser debugging code
0d24fc0a	2023-08-14T12:53:49	html: Remove encoding hack in htmlCreateFileParserCtxt Switch encoding directly instead of calling htmlCheckEncoding with faked content.
5db5a704	2023-08-09T18:39:14	html: Fix UAF in htmlCurrentChar Short-lived regression found by OSS-Fuzz.
95e81a36	2023-08-08T15:21:31	parser: Decode all data in xmlCharEncInput Even with flush set to true, xmlCharEncInput didn't guarantee to decode all data. This complicated the push parser. Remove the flush flag and always decode all available data. Also fix ICU code where the flush flag has a different meaning. Always set flush to false and retry even with empty input buffers.
834b8123	2023-08-08T15:21:28	parser: Stream data when reading from memory Don't create a copy of the whole input buffer. Read the data chunk by chunk to save memory. Historically, it was probably envisioned to read data from memory without additional copying. This doesn't work reliably with the current design of the XML parser which requires a terminating null byte at the end of input buffers. This lead to xmlReadMemory interfaces, which expect pointer and size arguments, being changed to make a zero-terminated copy of the input buffer. Interfaces based on xmlReadDoc, which actually expect a zero-terminated string and would make zero-copy operation work, were then simplified to rely on xmlReadMemoryi, resulting in an unnecessary copy. To avoid copying (possibly gigabytes) of memory temporarily, we now stream in-memory input just like content read from files in a chunk-by-chunk fashion (using a somewhat outdated INPUT_CHUNK size of 250 bytes). As a side effect, we also avoid another copy of the whole input when handling non-UTF-8 data which was made possible by some earlier commits. Interfaces expecting zero-terminated strings now make use of strnlen which unfortunately isn't part of the standard C library and only mandated since POSIX 2008.
facc2a06	2023-08-08T15:21:21	parser: Don't overwrite EOF parser state
59fa0bb3	2023-08-08T15:21:14	parser: Simplify input pointer updates The base member always points to the beginning of the buffer.
ec7be506	2023-08-08T15:19:46	parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.
3a64f394	2023-08-08T15:19:25	html: Remove some debugging code in htmlParseTryOrFinish
20f5c734	2023-06-07T14:05:34	parser: Recover more input from encoding errors Don't halt the parser in xmlParserGrow to allow more input to be recovered in case of encoding errors. Fixes #543.
320f5084	2023-04-30T18:25:09	parser: Improve handling of encoding and IO errors Make sure that xmlCharEncInput, xmlParserInputBufferPush and xmlParserInputBufferGrow set the correct error code in the xmlParserInputBuffer. Handle errors when calling these functions.
1061537e	2023-03-26T22:40:54	malloc-fail: Fix buffer overread with HTML doctype declarations Found by OSS-Fuzz, see #344.
7fbd454d	2023-03-21T13:26:36	parser: Grow input buffer earlier when reading characters Make more bytes available after invoking CUR_CHAR or NEXT.
04d1bedd	2023-03-21T13:08:44	parser: Rework shrinking of input buffers Don't try to grow the input buffer in xmlParserShrink. This makes sure that no memory allocations are made and the function always succeeds. Remove unnecessary invocations of SHRINK. Invoke SHRINK at the end of DTD parsing loops. Shrink before growing.
44ecefc8	2023-03-20T15:52:38	malloc-fail: Fix buffer overread after htmlParseScript Found by OSS-Fuzz, see #344.
067986fa	2023-03-18T14:44:28	parser: Fix regressions from previous commits - Fix memory leak in xmlParseNmtoken. - Fix buffer overread after htmlParseCharDataInternal.
9ef2a9ab	2023-03-17T14:06:28	html: Rely on CUR_CHAR to grow the input buffer - Remove useless invocations of GROW. - Add some error checks. - Fix invocations of SHRINK.
62f199ed	2023-03-17T12:40:46	malloc-fail: Add error check in htmlParseHTMLAttribute This function must return NULL is an error occurs. Found by OSS-Fuzz, see #344.
8090e585	2023-03-17T12:27:07	malloc-fail: Fix buffer overread in htmlParseScript Found by OSS-Fuzz, see #344.
ca2bfece	2023-03-15T16:18:11	malloc-fail: Fix buffer overread when reading from input Found by OSS-Fuzz, see #344.
4b3452d1	2023-03-15T16:56:36	html: Fix quadratic behavior in htmlParseTryOrFinish Fix check for end of script content. Found by OSS-Fuzz.
14c62e0d	2023-03-15T16:22:13	html: Use NEXTL in htmlParseHTMLAttribute This is more efficient than NEXT.
2099441f	2023-03-13T17:51:13	parser: Stop calling xmlParserInputShrink Introduce xmlParserShrink which takes a parser context to simplify error handling.
cabde70f	2023-03-12T19:07:23	parser: Simplify calculation of available buffer space
b75976e0	2023-03-12T19:06:19	parser: Use size_t when subtracting input buffer pointers Avoid integer overflows.
9a6ca816	2023-03-12T19:03:11	parser: Check for integer overflow when updating checkIndex Unfortunately, checkIndex is a long, not a size_t. Check for integer overflow before updating the value.
bd63d730	2023-03-12T17:40:55	html: Impose some length limits Impose length limits on names, attribute values, PIs and comments, similar to the XML parser.
3eb6bf03	2023-03-12T16:47:15	parser: Stop calling xmlParserInputGrow Introduce xmlParserGrow which takes a parser context to simplify error handling.
53d1cc98	2023-02-16T15:09:32	malloc-fail: Fix error code in htmlParseChunk Found with libFuzzer, see #344.
15b0ed08	2023-02-16T15:09:02	malloc-fail: Fix infinite loop in htmlParseDocTypeDecl Found with libFuzzer, see #344.
041789d9	2023-02-16T15:02:08	malloc-fail: Fix null deref in htmlnamePush Found with libFuzzer, see #344.
0ec9c910	2023-02-16T14:57:24	malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.
04c29551	2023-02-16T14:53:29	malloc-fail: Fix infinite loop in htmlParseContentInternal Found with libFuzzer, see #344.
f3e62035	2023-02-16T14:49:06	malloc-fail: Fix memory leak in htmlCreatePushParserCtxt Found with libFuzzer, see #344.
fc256953	2023-02-16T14:47:41	malloc-fail: Fix memory leak in htmlCreateMemoryParserCtxt Found with libFuzzer, see #344.
643b4e90	2023-02-16T14:45:06	malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.
59b33661	2022-12-27T14:15:51	error: Limit number of parser errors Reporting errors is expensive and some abusive test cases can generate an error for each invalid input byte. This causes the parser to spend most of the time with error handling. Limit the number of errors and warnings to 100.
4b959ee1	2022-12-01T13:23:09	Remove hacky heuristic from b2dc5675e94aa6b5557ba63f7d66b0f08dd17e4d Checking whether the context is close to the parent context by hardcoding 250 is not portable (I noticed tests were failing on Morello since the value is 288 there due to pointers being 128 bits). Instead we should ensure that the XML_VCTXT_USE_PCTXT flag is not set in cases where the user data is not actually a parser context (or ideally add a separate field but that would be an ABI break. From what I can see in the source, the XML_VCTXT_USE_PCTXT is only set if the userData field points to a valid context, and if this is not the case the flag should be cleared when changing userData rather than relying on the offset between the two. Looking at the history, I think d7cb33cf44aa688f24215c9cd398c1a26f0d25ff fixed most of the need for this workaround, but it looks like there are a few more locations that need updating; This commit changes two more places to set/clear/copy the XML_VCTXT_USE_PCTXT flag, so this heuristic should not be needed anymore. I've also drop two = NULL assignment in xmllint since this is not needed after a call to memset(). There was also an uninitialized vctxt.flags (and other fields) in `xmlShellValidate()`, which I've fixed by adding a memset() call.
c715ded0	2022-12-01T12:53:15	Avoid creating an out-of-bounds pointer by rewriting a check Creating more than one-past-the-end pointers is undefined behaviour in C and while this code is unlikely to be miscompiled, I discovered that an out-of-bounds pointer is being created using UBSan on a CHERI-enabled system.
c7a9b85c	2022-11-30T17:11:33	html: Improve parsing of nested lists Allow ul/ol as immediate children of ul/ol. This is more in line with the HTML5 spec. Fixes #447.
e414f825	2022-11-25T15:01:22	html: Fix htmlInitAutoClose documentation
c9367938	2022-11-20T19:54:34	html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.
68a6518c	2022-11-15T18:23:33	parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.
6843fc72	2022-09-01T02:58:00	Remove or annotate char casts
2cac6269	2022-09-01T03:14:13	Don't use sizeof(xmlChar) or sizeof(char)
ad338ca7	2022-09-01T01:18:30	Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.
65dc8a63	2022-09-01T00:13:19	Make xmlNewSAXParserCtx take a const sax handler Also improve documentation.
0f568c0b	2022-08-26T01:22:33	Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.
58fc89e8	2022-08-25T20:57:30	Deprecate internal parser functions
a308c0cd	2022-08-25T20:18:16	Deprecate old HTML SAX API
9a82b94a	2022-08-24T04:21:58	Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt Add API functions to create a parser context with a custom SAX handler without having to mess with ctxt->sax manually.
0a04db19	2022-08-24T14:06:00	Don't mess with parser options in htmlParseDocument Don't set ctxt->html. This member should already be initialized. Set ctxt->linenumbers in htmlCtxtUseOptions like the XML parser does.
d45263a2	2022-08-24T14:04:35	Remove useless call to htmlDefaultSAXHandlerInit This function is already called from xmlInitParser.
4b184240	2022-08-22T14:11:15	Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.
80bd34c3	2022-08-22T14:06:37	Don't initialize SAX handler in htmlReadMemory The SAX handler is already initialized when creating the parser context.
37cedc0b	2022-08-22T14:04:07	Fix htmlReadMemory mixing up XML and HTML functions Also see fe6890e2.
920753c4	2022-08-22T13:46:50	Don't use default SAX handler to report unrelated errors
38f04779	2022-08-22T13:33:35	Fix HTML parser with threads and --without-legacy If the legacy functions are disabled, the default "V1" HTML SAX handler isn't initialized in threads other than the main thread. htmlInitParserCtxt would later use the empty V1 SAX handler, resulting in NULL documents. Change htmlInitParserCtxt to initialize the HTML SAX handler by calling xmlSAX2InitHtmlDefaultSAXHandler. This removes the ability to change the default handler but is more in line with the XML parser which initializes the SAX handler by calling xmlSAXVersion, ignoring the V1 default handler. Fixes #399.
5b2d07a7	2022-08-20T17:00:50	Use xmlStrlen in *CtxtReadDoc xmlStrlen handles buffers larger than INT_MAX more gracefully.
4ad71c2d	2022-08-20T16:19:34	Fix xmlCtxtReadDoc with encoding xmlCtxtReadDoc used to create an input stream involving xmlNewStringInputStream. This would create a stream without an input buffer, causing problems with encodings (see #34). After commit aab584dc3, an error was returned even with UTF-8 encodings which happened to work before. Make xmlCtxtReadDoc call xmlCtxtReadMemory which doesn't suffer from these issues. Also fix htmlCtxtReadDoc. Fixes #397.
e986d09c	2022-07-15T14:02:26	Skip incorrectly opened HTML comments Commit 4fd69f3e fixed handling of '<' characters not followed by an ASCII letter. But a '<!' sequence followed by invalid characters should be treated as bogus comment and skipped. Fixes #380.
6722d22c	2022-07-15T13:26:41	Reduce indentation in HTMLparser.c No functional change.
a82ea25f	2022-07-28T21:35:17	Also reset nsNr in htmlCtxtReset
44e9118c	2022-04-08T12:33:17	Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() * HTMLparser.c: (htmlSkipBlankChars): * parser.c: (xmlSkipBlankChars): - Cap the return value at INT_MAX. - The commit range that OSS-Fuzz listed for the fix didn't make any changes to xmlSkipBlankChars(), so it seems like this issue may still exist. Found by OSS-Fuzz Issue 44803.
40483d0c	2022-03-06T13:55:48	Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.
ebb17970	2022-03-04T02:31:59	Remove unneeded #includes
d7b287b9	2021-07-17T14:36:53	htmlParseComment: handle abruptly-closed comments See guidance provided on abrutply-closed comments here: https://html.spec.whatwg.org/multipage/parsing.html#parse-error-abrupt-closing-of-empty-comment
776d15d3	2022-03-02T00:29:17	Don't check for standard C89 headers Don't check for - ctype.h - errno.h - float.h - limits.h - math.h - signal.h - stdarg.h - stdlib.h - string.h - time.h Stop including non-standard headers - malloc.h - strings.h
4fd69f3e	2022-02-22T18:15:53	Fix recovery from invalid HTML start tags Only try to parse a start tag if there's a '<' followed by an ASCII letter. This is more in line with HTML5 and the old behavior in recovery mode. Emit a literal '<' if the following character is invalid. Fixes #101. Fixes #339.

1112699c

2024-06-17T02:42:18

legacy: Remove most legacy functions from public headers Also remove warning messages.

039ce1e8

2024-06-14T16:41:43

parser: Pass global object to sax->setDocumentLocator Revert part of commit c011e760. Fixes #732.

89fcae4d

2024-06-11T16:19:58

parser: Don't report malloc failures when creating context We don't want messages to stderr before an error handler could be set on a parser context.

e75e878e

2024-05-20T13:58:22

doc: Update and fix documentation

a4c2b723

2024-05-05T17:26:31

io: Don't set close callback in xmlParserInputBufferCreateFd

05654cfe

2024-04-28T17:54:20

html: Deprecate htmlHandleOmittedElem

aa04838e

2024-03-26T14:10:58

html: Use binary search in htmlEntityValueLookup

3efbe916

2024-01-05T00:11:29

parser: Mark 'token' member as unused in xmlParserCtxt

b82fd81d

2024-01-04T23:25:06

parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.

7e0bbbc1

2023-12-27T18:33:30

parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.

6a9a88a1

2023-12-26T03:13:05

parser: Move progressive flag into input struct

d944a415

2023-12-26T02:10:35

parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.

477a7ed8

2023-12-28T19:06:32

html: Abort earlier on fatal errors

c1bddd4c

2023-12-23T01:09:17

parser: Mark 'length' member of xmlParserInput as unused

955c177f

2023-12-23T00:58:36

parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.

8cd56317

2023-12-21T02:32:01

html: Don't close fd in htmlCtxtReadFd Long-standing bug. The XML fix from 2003 was never ported to the HTML parser. htmlReadFd was fixed with fe6890e2.

13043691

2023-12-20T00:33:34

parser: Rename xmlErrParser to xmlCtxtErr

8d0aaf4b

2023-12-19T20:47:36

parser: Remove xmlErrEncoding Use xmlFatalErr or xmlCtxtErrIO.

54c70ed5

2023-12-18T19:31:29

parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.

c2bbeed1

2023-12-12T23:51:32

io: Fix memory lifetime issue with input buffers xmlParserInputBufferCreateMem must make a copy of the buffer. This fixes a regression from 2.11 which could cause reads from freed memory depending on the use case. Undeprecate xmlParserInputBufferCreateStatic which can avoid copying the whole buffer.

abd74186

2023-12-10T19:07:32

html: Report malloc failures Fix many places where malloc failures aren't reported. Stop checking for ctxt->instate.

c011e760

2023-12-06T01:09:31

globals: Remove unused globals from thread storage Setting these deprecated globals hasn't had an effect for a long time. Make them constants. This reduces the size of per-thread storage from ~700 to ~250 bytes.

c7629c9e

2023-11-30T16:52:34

parser: Clarify documentation regarding xmlReadMemory buffer size Fixes #638.

e3959461

2023-11-30T16:15:46

html: Reenable buggy detection of XML declarations Switch to UTF-8 if a document starts with '<?xm' to match old behavior. Also enable this check in the push parser. Fixes #637.

ff6c3188

2023-11-23T15:22:59

include: Remove useless 'const' from function arguments

b9db3d7d

2023-09-22T15:45:20

parser: Simplify xmlStringCurrentChar Start to move away from using this function.

8c084ebd

2023-09-21T22:57:33

doc: Make apibuild.py happy

c5890716

2023-09-21T17:01:35

html: Fix logic in htmlAutoClose Note that the function is never called with a NULL newtag. Fixes #591.

9b5cce7a

2023-09-21T00:44:50

include: Remove more unnecessary includes

11a1839d

2023-09-20T17:54:48

globals: Move remaining globals back to correct header files This undoes a lot of damage.

4e1c13eb

2023-09-18T14:45:10

debug: Remove debugging code This is barely useful these days and only clutters the code base.

e48f2695

2023-08-29T17:41:18

parser: Remove push parser debugging code

0d24fc0a

2023-08-14T12:53:49

html: Remove encoding hack in htmlCreateFileParserCtxt Switch encoding directly instead of calling htmlCheckEncoding with faked content.

5db5a704

2023-08-09T18:39:14

html: Fix UAF in htmlCurrentChar Short-lived regression found by OSS-Fuzz.

95e81a36

2023-08-08T15:21:31

parser: Decode all data in xmlCharEncInput Even with flush set to true, xmlCharEncInput didn't guarantee to decode all data. This complicated the push parser. Remove the flush flag and always decode all available data. Also fix ICU code where the flush flag has a different meaning. Always set flush to false and retry even with empty input buffers.

834b8123

2023-08-08T15:21:28

parser: Stream data when reading from memory Don't create a copy of the whole input buffer. Read the data chunk by chunk to save memory. Historically, it was probably envisioned to read data from memory without additional copying. This doesn't work reliably with the current design of the XML parser which requires a terminating null byte at the end of input buffers. This lead to xmlReadMemory interfaces, which expect pointer and size arguments, being changed to make a zero-terminated copy of the input buffer. Interfaces based on xmlReadDoc, which actually expect a zero-terminated string and would make zero-copy operation work, were then simplified to rely on xmlReadMemoryi, resulting in an unnecessary copy. To avoid copying (possibly gigabytes) of memory temporarily, we now stream in-memory input just like content read from files in a chunk-by-chunk fashion (using a somewhat outdated INPUT_CHUNK size of 250 bytes). As a side effect, we also avoid another copy of the whole input when handling non-UTF-8 data which was made possible by some earlier commits. Interfaces expecting zero-terminated strings now make use of strnlen which unfortunately isn't part of the standard C library and only mandated since POSIX 2008.

facc2a06

2023-08-08T15:21:21

parser: Don't overwrite EOF parser state

59fa0bb3

2023-08-08T15:21:14

parser: Simplify input pointer updates The base member always points to the beginning of the buffer.

ec7be506

2023-08-08T15:19:46

parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.

3a64f394

2023-08-08T15:19:25

html: Remove some debugging code in htmlParseTryOrFinish

20f5c734

2023-06-07T14:05:34

parser: Recover more input from encoding errors Don't halt the parser in xmlParserGrow to allow more input to be recovered in case of encoding errors. Fixes #543.

320f5084

2023-04-30T18:25:09

parser: Improve handling of encoding and IO errors Make sure that xmlCharEncInput, xmlParserInputBufferPush and xmlParserInputBufferGrow set the correct error code in the xmlParserInputBuffer. Handle errors when calling these functions.

1061537e

2023-03-26T22:40:54

malloc-fail: Fix buffer overread with HTML doctype declarations Found by OSS-Fuzz, see #344.

7fbd454d

2023-03-21T13:26:36

parser: Grow input buffer earlier when reading characters Make more bytes available after invoking CUR_CHAR or NEXT.

04d1bedd

2023-03-21T13:08:44

parser: Rework shrinking of input buffers Don't try to grow the input buffer in xmlParserShrink. This makes sure that no memory allocations are made and the function always succeeds. Remove unnecessary invocations of SHRINK. Invoke SHRINK at the end of DTD parsing loops. Shrink before growing.

44ecefc8

2023-03-20T15:52:38

malloc-fail: Fix buffer overread after htmlParseScript Found by OSS-Fuzz, see #344.

067986fa

2023-03-18T14:44:28

parser: Fix regressions from previous commits - Fix memory leak in xmlParseNmtoken. - Fix buffer overread after htmlParseCharDataInternal.

9ef2a9ab

2023-03-17T14:06:28

html: Rely on CUR_CHAR to grow the input buffer - Remove useless invocations of GROW. - Add some error checks. - Fix invocations of SHRINK.

62f199ed

2023-03-17T12:40:46

malloc-fail: Add error check in htmlParseHTMLAttribute This function must return NULL is an error occurs. Found by OSS-Fuzz, see #344.

8090e585

2023-03-17T12:27:07

malloc-fail: Fix buffer overread in htmlParseScript Found by OSS-Fuzz, see #344.

ca2bfece

2023-03-15T16:18:11

malloc-fail: Fix buffer overread when reading from input Found by OSS-Fuzz, see #344.

4b3452d1

2023-03-15T16:56:36

html: Fix quadratic behavior in htmlParseTryOrFinish Fix check for end of script content. Found by OSS-Fuzz.

14c62e0d

2023-03-15T16:22:13

html: Use NEXTL in htmlParseHTMLAttribute This is more efficient than NEXT.

2099441f

2023-03-13T17:51:13

parser: Stop calling xmlParserInputShrink Introduce xmlParserShrink which takes a parser context to simplify error handling.

cabde70f

2023-03-12T19:07:23

parser: Simplify calculation of available buffer space

b75976e0

2023-03-12T19:06:19

parser: Use size_t when subtracting input buffer pointers Avoid integer overflows.

9a6ca816

2023-03-12T19:03:11

parser: Check for integer overflow when updating checkIndex Unfortunately, checkIndex is a long, not a size_t. Check for integer overflow before updating the value.

bd63d730

2023-03-12T17:40:55

html: Impose some length limits Impose length limits on names, attribute values, PIs and comments, similar to the XML parser.

3eb6bf03

2023-03-12T16:47:15

parser: Stop calling xmlParserInputGrow Introduce xmlParserGrow which takes a parser context to simplify error handling.

53d1cc98

2023-02-16T15:09:32

malloc-fail: Fix error code in htmlParseChunk Found with libFuzzer, see #344.

15b0ed08

2023-02-16T15:09:02

malloc-fail: Fix infinite loop in htmlParseDocTypeDecl Found with libFuzzer, see #344.

041789d9

2023-02-16T15:02:08

malloc-fail: Fix null deref in htmlnamePush Found with libFuzzer, see #344.

0ec9c910

2023-02-16T14:57:24

malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.

04c29551

2023-02-16T14:53:29

malloc-fail: Fix infinite loop in htmlParseContentInternal Found with libFuzzer, see #344.

f3e62035

2023-02-16T14:49:06

malloc-fail: Fix memory leak in htmlCreatePushParserCtxt Found with libFuzzer, see #344.

fc256953

2023-02-16T14:47:41

malloc-fail: Fix memory leak in htmlCreateMemoryParserCtxt Found with libFuzzer, see #344.

643b4e90

2023-02-16T14:45:06

malloc-fail: Fix infinite loop in htmlParseStartTag Found with libFuzzer, see #344.

59b33661

2022-12-27T14:15:51

error: Limit number of parser errors Reporting errors is expensive and some abusive test cases can generate an error for each invalid input byte. This causes the parser to spend most of the time with error handling. Limit the number of errors and warnings to 100.

4b959ee1

2022-12-01T13:23:09

Remove hacky heuristic from b2dc5675e94aa6b5557ba63f7d66b0f08dd17e4d Checking whether the context is close to the parent context by hardcoding 250 is not portable (I noticed tests were failing on Morello since the value is 288 there due to pointers being 128 bits). Instead we should ensure that the XML_VCTXT_USE_PCTXT flag is not set in cases where the user data is not actually a parser context (or ideally add a separate field but that would be an ABI break. From what I can see in the source, the XML_VCTXT_USE_PCTXT is only set if the userData field points to a valid context, and if this is not the case the flag should be cleared when changing userData rather than relying on the offset between the two. Looking at the history, I think d7cb33cf44aa688f24215c9cd398c1a26f0d25ff fixed most of the need for this workaround, but it looks like there are a few more locations that need updating; This commit changes two more places to set/clear/copy the XML_VCTXT_USE_PCTXT flag, so this heuristic should not be needed anymore. I've also drop two = NULL assignment in xmllint since this is not needed after a call to memset(). There was also an uninitialized vctxt.flags (and other fields) in `xmlShellValidate()`, which I've fixed by adding a memset() call.

c715ded0

2022-12-01T12:53:15

Avoid creating an out-of-bounds pointer by rewriting a check Creating more than one-past-the-end pointers is undefined behaviour in C and while this code is unlikely to be miscompiled, I discovered that an out-of-bounds pointer is being created using UBSan on a CHERI-enabled system.

c7a9b85c

2022-11-30T17:11:33

html: Improve parsing of nested lists Allow ul/ol as immediate children of ul/ol. This is more in line with the HTML5 spec. Fixes #447.

e414f825

2022-11-25T15:01:22

html: Fix htmlInitAutoClose documentation

c9367938

2022-11-20T19:54:34

html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.

68a6518c

2022-11-15T18:23:33

parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.

6843fc72

2022-09-01T02:58:00

Remove or annotate char casts

2cac6269

2022-09-01T03:14:13

Don't use sizeof(xmlChar) or sizeof(char)

ad338ca7

2022-09-01T01:18:30

Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.

65dc8a63

2022-09-01T00:13:19

Make xmlNewSAXParserCtx take a const sax handler Also improve documentation.

0f568c0b

2022-08-26T01:22:33

Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.

58fc89e8

2022-08-25T20:57:30

Deprecate internal parser functions

a308c0cd

2022-08-25T20:18:16

Deprecate old HTML SAX API

9a82b94a

2022-08-24T04:21:58

Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt Add API functions to create a parser context with a custom SAX handler without having to mess with ctxt->sax manually.

0a04db19

2022-08-24T14:06:00

Don't mess with parser options in htmlParseDocument Don't set ctxt->html. This member should already be initialized. Set ctxt->linenumbers in htmlCtxtUseOptions like the XML parser does.

d45263a2

2022-08-24T14:04:35

Remove useless call to htmlDefaultSAXHandlerInit This function is already called from xmlInitParser.

4b184240

2022-08-22T14:11:15

Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.

80bd34c3

2022-08-22T14:06:37

Don't initialize SAX handler in htmlReadMemory The SAX handler is already initialized when creating the parser context.

37cedc0b

2022-08-22T14:04:07

Fix htmlReadMemory mixing up XML and HTML functions Also see fe6890e2.

920753c4

2022-08-22T13:46:50

Don't use default SAX handler to report unrelated errors

38f04779

2022-08-22T13:33:35

Fix HTML parser with threads and --without-legacy If the legacy functions are disabled, the default "V1" HTML SAX handler isn't initialized in threads other than the main thread. htmlInitParserCtxt would later use the empty V1 SAX handler, resulting in NULL documents. Change htmlInitParserCtxt to initialize the HTML SAX handler by calling xmlSAX2InitHtmlDefaultSAXHandler. This removes the ability to change the default handler but is more in line with the XML parser which initializes the SAX handler by calling xmlSAXVersion, ignoring the V1 default handler. Fixes #399.

5b2d07a7

2022-08-20T17:00:50

Use xmlStrlen in *CtxtReadDoc xmlStrlen handles buffers larger than INT_MAX more gracefully.

4ad71c2d

2022-08-20T16:19:34

Fix xmlCtxtReadDoc with encoding xmlCtxtReadDoc used to create an input stream involving xmlNewStringInputStream. This would create a stream without an input buffer, causing problems with encodings (see #34). After commit aab584dc3, an error was returned even with UTF-8 encodings which happened to work before. Make xmlCtxtReadDoc call xmlCtxtReadMemory which doesn't suffer from these issues. Also fix htmlCtxtReadDoc. Fixes #397.

e986d09c

2022-07-15T14:02:26

Skip incorrectly opened HTML comments Commit 4fd69f3e fixed handling of '<' characters not followed by an ASCII letter. But a '<!' sequence followed by invalid characters should be treated as bogus comment and skipped. Fixes #380.

6722d22c

2022-07-15T13:26:41

Reduce indentation in HTMLparser.c No functional change.

a82ea25f

2022-07-28T21:35:17

Also reset nsNr in htmlCtxtReset

44e9118c

2022-04-08T12:33:17

Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() * HTMLparser.c: (htmlSkipBlankChars): * parser.c: (xmlSkipBlankChars): - Cap the return value at INT_MAX. - The commit range that OSS-Fuzz listed for the fix didn't make any changes to xmlSkipBlankChars(), so it seems like this issue may still exist. Found by OSS-Fuzz Issue 44803.

40483d0c

2022-03-06T13:55:48

Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.

ebb17970

2022-03-04T02:31:59

Remove unneeded #includes

d7b287b9

2021-07-17T14:36:53

htmlParseComment: handle abruptly-closed comments See guidance provided on abrutply-closed comments here: https://html.spec.whatwg.org/multipage/parsing.html#parse-error-abrupt-closing-of-empty-comment

776d15d3

2022-03-02T00:29:17

Don't check for standard C89 headers Don't check for - ctype.h - errno.h - float.h - limits.h - math.h - signal.h - stdarg.h - stdlib.h - string.h - time.h Stop including non-standard headers - malloc.h - strings.h

4fd69f3e

2022-02-22T18:15:53

Fix recovery from invalid HTML start tags Only try to parse a start tag if there's a '<' followed by an ASCII letter. This is more in line with HTML5 and the old behavior in recovery mode. Emit a literal '<' if the following character is invalid. Fixes #101. Fixes #339.

kc3-lang/libxml2/HTMLparser.c

HTMLparser.c

Log