kmx git

Commit	Date	Message
87bebd25	2024-02-12T16:45:16	xmllint: Return error code if XPath returns empty nodeset Return an error code as before but make it possible to distinguish from real errors. Fixes #690.
a9e73f11	2024-02-11T12:47:09	catalog: Remove Windows hack Shouldn't be necessary after commit 865520f0. Fixes #688.
b53562bd	2024-02-11T12:33:02	examples: Readd xpath1 test This was removed for some reason in fc119e32. Fixes #685.
13962b06	2023-10-15T13:56:34	xmlreader: Clean up error handling Make sure that xmlTextReaderRead returns -1 immediately if the reader is in an error state.
ddda373e	2024-02-06T12:53:03	xmlreader: Make xmlTextReaderValidateEntity return an error code This makes sure that xmlTextReaderRead returns -1 if a memory allocation fails.
2807df9a	2024-02-06T12:07:19	valid: Fix another use-after-free in xmlAddIDSafe Short-lived regression.
2963a097	2024-02-05T15:35:54	xpath: Report malloc failure in xmlXPathTranslateFunction
1a66b176	2023-10-14T22:45:54	[CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking Fixes a use-after-free if XML Reader if used with DTD validation and XInclude expansion. Fixes #604.
921ab01e	2024-02-04T14:08:44	c14n: Improve error handling Stop raising meaningless internal errors.
70da4c08	2024-02-04T13:30:32	valid: Fix use-after-free in xmlAddIDSafe Short-lived regression.
d463733f	2024-02-01T19:31:03	fuzz: Reenable malloc failure check when serializing
cf875194	2024-02-01T19:26:42	valid: Deprecate old DTD serialization API
fbe10a46	2024-02-01T19:01:57	save: Move DTD serialization code to xmlsave.c
84e50a0c	2024-02-01T17:02:24	fuzz: Don't check for malloc failures when serializing DTD serialization doesn't report malloc failures yet.
6aae1767	2024-02-01T15:18:26	tree: Fix error condition in xmlNodeListGetString Don't return NULL in case of undeclared entities.
4a8f707b	2024-02-01T13:55:20	Update .gitignore
0d170aca	2024-02-01T11:51:58	io: Report malloc failure in xmlOutputBufferWrite Fixes #676.
2835337a	2024-01-30T14:18:45	doc: Mark `xmllint --xpath` as experimental This feature was poorly thought-out.
6b089473	2024-01-30T13:37:16	doc: Update xmllint man page after fixing #180 Fixes #673.
95f2a174	2024-01-30T13:25:17	parser: Fix crash in xmlParseInNodeContext with HTML documents Ignore namespaces if we have an HTML document with namespaces added manually. Fixes #672.
2e19d0ef	2024-01-26T11:39:51	SAX2: Make sure that OOM errors aren't overwritten
12ce9b5f	2024-01-25T12:52:14	dict: Fix warnings with older clang
8961056f	2024-01-23T00:47:44	parser: Make experimental input API private This needs to be reworked.
63986c45	2024-01-22T21:02:16	parser: Report fatal error if document entity couldn't be loaded Only lower error level when loading entities. Fixes #667.
37d474ff	2024-01-17T14:19:42	xpath: Fix return of empty node-set in xmlXPathNodeCollectAndTest Don't return NULL node-sets. Ultimately, we should make sure that obj->nodesetval is always non-NULL even for empty node-sets. See #663.
df618f08	2024-01-15T17:15:02	tests: Add test for issue #661
d636ef1d	2024-01-11T00:43:44	tests: Remove testOOM This was never part of the standard test suite and we now test OOM error handling more comprehensively with fuzz testing.
24059ae9	2024-01-10T18:02:20	autotools: Readd --with-xptr-locs configuration option The option was removed accidentally in 4e4c89a4.
29f4d69e	2024-01-10T16:02:33	xpath: Report malloc failure in xmlXPtrEvalXPtrPart
6dc2fdb2	2024-01-07T14:30:57	parser: Account for full size of non-well-formed entities Account for the full size of the entity if parsing stops because of errors. In our cost model, we have to assume that the entity loader processes the whole entity regardless of its content.
29beef65	2024-01-02T21:50:38	parser: Pop inputs if parsing DTD failed This should provide some statistics in ctxt->sizeentcopy even in the error or recovery case.
2cebf209	2024-01-10T15:37:50	gitlab-ci: Disable Python tests on MinGW for now See #658.
57c68759	2024-01-07T20:44:40	SAX2: Limit entity URI length to 2000 bytes Avoid quadratic behavior when loading entities with long URIs multiple times. This limitation could be dropped if we cached external entities.
02a2038d	2024-01-10T14:17:49	parser: Handle NOCDATA properly when expanding entities Short-lived regression from e1153832.
fd801845	2024-01-07T15:19:58	fuzz: Cap URL size Cap URL size to avoid quadratic behavior when generating error messages.
83c1ae13	2024-01-07T15:40:23	fuzz: Add missing include Fix build failure.
e1153832	2024-01-07T01:29:37	parser: Fix quadratic behavior when copying entities Process the first and last text node with the SAX handler to make the text merging optimization kick in. Fixes #657.
d2b55a7a	2024-01-05T20:31:10	writer: Implement xmlTextWriterClose This function can be used to make sure that closing the output stream succeeded. Fixes #513.
f237e5b9	2024-01-05T15:40:23	parser: Avoid duplicate namespace errors Don't report an extra attribute uniqueness error if a namespace is undeclared. This matches old behavior.
02cc5c36	2024-01-05T04:17:14	parser: Add XML_PARSE_NO_XXE parser option
12f0bb94	2024-01-05T01:14:28	parser: Synchronize more options
3efbe916	2024-01-05T00:11:29	parser: Mark 'token' member as unused in xmlParserCtxt
b82fd81d	2024-01-04T23:25:06	parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.
c2b3294f	2024-01-04T21:20:51	fuzz: Abort on invalid UTF-8 The parser should never generate invalid UTF-8 these days even in recovery mode.
df098e3b	2023-12-22T12:02:08	Set LIBXML2_FOUND if it has been properly configured
d7d300ba	2024-01-04T17:50:11	parser: Remove remnants of runtime debugging feature Apparently, this feature was remove long ago. Fixes #651.
8c5848bd	2024-01-04T17:14:31	parser: Make xmlParseContent more useful This is an internal function which isn't really usable without some hacks. See WebKit/Chromium trying to recreate the effects of xmlDetectSAX2 manually, for example. Make xmlParseContent perform late initialization and check whether the content was fully parsed. Also rename xmlDetectSAX2 and document why it's needed.
65c65b65	2024-01-04T13:59:23	tests: Move away from global error handlers
07c05546	2024-01-04T02:48:02	error: Make xmlFormatError public This is a useful function to get a verbose error report. Allows to remove duplicated code from runtest.c. Also reactivate check for schema parser failures.
d0eb5a7e	2024-01-03T18:12:29	parser: Remove xmlErrEncodingInt Convert the last user to xmlFatalErr.
f30b9b23	2024-01-03T18:11:44	fuzz: Add assertion in xmlCopyCharMultibyte This is an internal function that should never receive out-of-range codepoints.
a7356dfe	2024-01-03T18:02:46	parser: Clear invalid entity content This was removed in earlier commits, but we really want to make sure that entity content is syntactically valid.
30d83977	2024-01-04T15:18:14	fuzz: Disable catalogs The catalogs API doesn't report OOM errors. It's basically impossible to use it safely in its current form.
ca5965d5	2024-01-02T21:49:43	save: Report more malloc failures
2c9cd0b6	2024-01-02T18:51:24	fuzz: Abort on internal errors
661ef936	2024-01-02T18:50:59	valid: Fix some error codes
0821efc8	2024-01-02T18:33:57	encoding: Check whether encoding handlers support input/output The "HTML" encoding handler doesn't support input which could lead to a wrong error report.
85f99023	2024-01-02T17:52:43	parser: Fix buffer size checks Don't test size of remaining data. This causes false positives with memory buffers. Also impose XML_MAX_HUGE_LENGTH limit when parsing with XML_PARSE_HUGE.
e8fb3d63	2024-01-02T17:45:54	parser: Convert some "internal errors" to meaningful codes
9912c369	2024-01-02T17:23:59	SAX2: Enforce size limit in xmlSAX2Text with XML_PARSE_HUGE
5cb4b05c	2024-01-02T17:16:22	parser: Lower maximum entity nesting depth Limit entity nesting depth to 20 or 40 with XML_PARSE_HUGE. Change error code to XML_ERR_RESOURCE_LIMIT.
a2cc7f5f	2024-01-02T17:02:21	parser: Set depth limit to 2048 with XML_PARSE_HUGE Deeply nested documents can cause performance problems, so the nesting depth should always be limited to a reasonable value. Also remove the global xmlParserMaxDepth setting which isn't thread-safe and seems unused.
875bb084	2023-09-07T03:25:45	parser: Implement xmlCtxtSetOptions Surprisingly, some options can only be enabled with xmlCtxtUseOptions and it's impossible to unset them. Add a new API function xmlCtxtSetOptions which sets or clears all options. Finally document all parser options. Make sure to synchronize option bits and struct members.
33ec407a	2023-09-07T03:33:09	parser: Always prefer option members over bitmask If an option has an extra member in xmlParserCtxt, it takes precedence over the value from the options bitmask. Fix a few places where this was ignored.
22fd571f	2023-09-06T22:15:20	parser: Don't modify SAX2 handler if XML_PARSE_SAX1 is set It's a bad idea to modify members of the SAX handler struct for option state management. Ideally, ctxt->options should be the preferred source of truth.
37c6618b	2023-12-30T02:50:34	parser: Rework parsing of attribute and entity values Don't use a separate function to handle "complex" attributes. Validate UTF-8 byte sequences without decoding. This should improve performance considerably when parsing multi-byte UTF-8 sequences. Use a string buffer to avoid unnecessary allocations and copying when expanding entities. Normalize attribute values in a single pass while expanding entities. Be more lenient in recovery mode. If no entity substitution was requested, validate entities without expanding. Fixes #596. Also fixes #655.
4dcc2d74	2024-01-02T14:04:44	save: Output U+FFFD replacement characters This degrades more gracefully and helps to diagnose errors. We stop raising errors for now, since there's no way to report malloc failures during error handling yet.
2b79f106	2023-12-29T21:07:04	parser: Simplify entity size accounting
08d9b258	2023-12-29T15:20:56	parser: Support namespace scope in NsData struct The previous approach of recreating the NsData struct was flawed.
5de48d12	2023-12-29T14:41:40	parser: Simplify error handling when parsing entities
f0dc52d0	2023-12-29T06:00:20	parser: Move cleanup of element stacks to xmlParseContent
a1ed589b	2023-12-29T23:12:06	parser: Avoid unwanted expansion of parameter entities Remove PE handling from xmlSkipBlankChars and add a separate version that handles PEs. Only call xmlSkipBlankCharsPE when parsing DTD constructs. This should make sure that PEs don't get expanded accidentally, for example in text declarations.
16b0dbc1	2023-12-29T18:47:30	parser: Fix XML_ERR_UNSUPPORTED_ENCODING errors Commit 45157261 added the check in the wrong place. Also allow unsupported encoding in xmlNewInputInternal. Fixes #654.
e45a4d71	2023-12-29T00:00:21	io: Always forward IO errors to global handler The HTTP module raises errors without context. This won't be fixed, so send them to the global error handler.
a73483ed	2023-12-29T00:22:02	parser: Remove extraneous error message This is not an "internal error" but some other error reported elsewhere.
7e0bbbc1	2023-12-27T18:33:30	parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.
45157261	2023-12-27T21:30:13	parser: Downgrade XML_ERR_UNSUPPORTED_ENCODING to warning If the actual encoding is UTF-8 or ASCII, we don't want to fail.
24b7144f	2023-12-27T15:50:58	parser: More refactoring of entity parsing Remove xmlCreateEntityParserCtxtInternal. Rework xmlNewEntityInputStream.
d3ceea0b	2023-12-27T15:18:09	parser: Fix encoding handling in xmlParserInputBufferCreateIO Don't pass encoding to xmlParserInputBufferCreateIO but use xmlSwitchEncoding to make sure that the encoding sticks.
d025cfbb	2023-12-27T03:53:24	parser: Always copy content from entity to target. Make sure that references from IDs are updated. Note that if there are IDs with the same value in a document, the last one will now be returned. IDs should be unique, but maybe this should be addressed.
6337ff79	2023-12-27T03:29:13	parser: Simplify control flow in xmlParseReference
579186f2	2023-12-27T03:03:26	parser: Remove xmlSetEntityReferenceFunc feature This has been deprecated for a long time.
b848338c	2023-12-27T01:46:40	parser: More refactoring of entity loading This sets input->entity also for general entities.
4ecc85d2	2023-12-27T00:44:16	parser: Push general entity input streams on the stack This allows the error handler to give more context.
a5dcf0f4	2023-12-26T03:27:23	parser: Mark more parser context members as unused
6a9a88a1	2023-12-26T03:13:05	parser: Move progressive flag into input struct
4f14fe9c	2023-12-26T02:44:38	parser: Remove remaining ctxt->instate checks Now ctxt->instate is only used for push parser states.
d944a415	2023-12-26T02:10:35	parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.
477a7ed8	2023-12-28T19:06:32	html: Abort earlier on fatal errors
5f319304	2023-12-28T19:05:51	SAX2: Fix error code Today I learned that the TSCII character encoding [1] can blow up the size of text 12 times when converted to UTF-8: $ printf '\x82' \|iconv -f TSCII -t UTF-8 \|hexdump -C 00000000 e0 ae b8 e0 af 8d e0 ae b0 e0 af 80 0000000c [1] https://en.wikipedia.org/wiki/Tamil_Script_Code_for_Information_Interchange
ab631971	2023-12-28T17:07:03	uri: Keep fragment intact when resolving filesystem paths
b8313b58	2023-12-26T21:59:08	xpath: Rewrite substring-before and substring-after Don't use buffers. Check malloc failures.
3874e5d0	2023-12-26T01:42:23	tests: Remove unneeded error formatting code
2a2fbe1e	2023-12-28T16:42:03	xinclude: Only set xml:base if necessary
8a685a3d	2023-12-26T00:42:22	xinclude: Allow empty nodesets There's no reason to treat an empty nodeset as error.
f3fa34dc	2023-12-26T22:37:26	parser: Fix general entity parsing Clear namespace database. Ignore non-fatal errors.
ecfbcc8a	2023-12-25T04:33:00	parser: Rework general entity parsing Don't create a new parser context but reuse the existing one. This exposes bug #601 in a more obvious way.
c2ef78f7	2023-12-24T23:56:57	io: Fix close error handling There's no way to report error codes from closing an output buffer yet.
6d27c549	2023-12-24T17:59:02	io: Fix read/write error handling Handle short reads/writes from fd. Fix stdio error handling.
0bef93bf	2023-12-23T04:03:41	io: More refactoring and unescaping fixes Merge Windows wrappers into relevant functions. Remove more unnecessary unescaping. Merge OpenW into Open functions. Use unbuffered IO for output.

87bebd25

2024-02-12T16:45:16

xmllint: Return error code if XPath returns empty nodeset Return an error code as before but make it possible to distinguish from real errors. Fixes #690.

a9e73f11

2024-02-11T12:47:09

catalog: Remove Windows hack Shouldn't be necessary after commit 865520f0. Fixes #688.

b53562bd

2024-02-11T12:33:02

examples: Readd xpath1 test This was removed for some reason in fc119e32. Fixes #685.

13962b06

2023-10-15T13:56:34

xmlreader: Clean up error handling Make sure that xmlTextReaderRead returns -1 immediately if the reader is in an error state.

ddda373e

2024-02-06T12:53:03

xmlreader: Make xmlTextReaderValidateEntity return an error code This makes sure that xmlTextReaderRead returns -1 if a memory allocation fails.

2807df9a

2024-02-06T12:07:19

valid: Fix another use-after-free in xmlAddIDSafe Short-lived regression.

2963a097

2024-02-05T15:35:54

xpath: Report malloc failure in xmlXPathTranslateFunction

1a66b176

2023-10-14T22:45:54

[CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking Fixes a use-after-free if XML Reader if used with DTD validation and XInclude expansion. Fixes #604.

921ab01e

2024-02-04T14:08:44

c14n: Improve error handling Stop raising meaningless internal errors.

70da4c08

2024-02-04T13:30:32

valid: Fix use-after-free in xmlAddIDSafe Short-lived regression.

d463733f

2024-02-01T19:31:03

fuzz: Reenable malloc failure check when serializing

cf875194

2024-02-01T19:26:42

valid: Deprecate old DTD serialization API

fbe10a46

2024-02-01T19:01:57

save: Move DTD serialization code to xmlsave.c

84e50a0c

2024-02-01T17:02:24

fuzz: Don't check for malloc failures when serializing DTD serialization doesn't report malloc failures yet.

6aae1767

2024-02-01T15:18:26

tree: Fix error condition in xmlNodeListGetString Don't return NULL in case of undeclared entities.

4a8f707b

2024-02-01T13:55:20

Update .gitignore

0d170aca

2024-02-01T11:51:58

io: Report malloc failure in xmlOutputBufferWrite Fixes #676.

2835337a

2024-01-30T14:18:45

doc: Mark `xmllint --xpath` as experimental This feature was poorly thought-out.

6b089473

2024-01-30T13:37:16

doc: Update xmllint man page after fixing #180 Fixes #673.

95f2a174

2024-01-30T13:25:17

parser: Fix crash in xmlParseInNodeContext with HTML documents Ignore namespaces if we have an HTML document with namespaces added manually. Fixes #672.

2e19d0ef

2024-01-26T11:39:51

SAX2: Make sure that OOM errors aren't overwritten

12ce9b5f

2024-01-25T12:52:14

dict: Fix warnings with older clang

8961056f

2024-01-23T00:47:44

parser: Make experimental input API private This needs to be reworked.

63986c45

2024-01-22T21:02:16

parser: Report fatal error if document entity couldn't be loaded Only lower error level when loading entities. Fixes #667.

37d474ff

2024-01-17T14:19:42

xpath: Fix return of empty node-set in xmlXPathNodeCollectAndTest Don't return NULL node-sets. Ultimately, we should make sure that obj->nodesetval is always non-NULL even for empty node-sets. See #663.

df618f08

2024-01-15T17:15:02

tests: Add test for issue #661

d636ef1d

2024-01-11T00:43:44

tests: Remove testOOM This was never part of the standard test suite and we now test OOM error handling more comprehensively with fuzz testing.

24059ae9

2024-01-10T18:02:20

autotools: Readd --with-xptr-locs configuration option The option was removed accidentally in 4e4c89a4.

29f4d69e

2024-01-10T16:02:33

xpath: Report malloc failure in xmlXPtrEvalXPtrPart

6dc2fdb2

2024-01-07T14:30:57

parser: Account for full size of non-well-formed entities Account for the full size of the entity if parsing stops because of errors. In our cost model, we have to assume that the entity loader processes the whole entity regardless of its content.

29beef65

2024-01-02T21:50:38

parser: Pop inputs if parsing DTD failed This should provide some statistics in ctxt->sizeentcopy even in the error or recovery case.

2cebf209

2024-01-10T15:37:50

gitlab-ci: Disable Python tests on MinGW for now See #658.

57c68759

2024-01-07T20:44:40

SAX2: Limit entity URI length to 2000 bytes Avoid quadratic behavior when loading entities with long URIs multiple times. This limitation could be dropped if we cached external entities.

02a2038d

2024-01-10T14:17:49

parser: Handle NOCDATA properly when expanding entities Short-lived regression from e1153832.

fd801845

2024-01-07T15:19:58

fuzz: Cap URL size Cap URL size to avoid quadratic behavior when generating error messages.

83c1ae13

2024-01-07T15:40:23

fuzz: Add missing include Fix build failure.

e1153832

2024-01-07T01:29:37

parser: Fix quadratic behavior when copying entities Process the first and last text node with the SAX handler to make the text merging optimization kick in. Fixes #657.

d2b55a7a

2024-01-05T20:31:10

writer: Implement xmlTextWriterClose This function can be used to make sure that closing the output stream succeeded. Fixes #513.

f237e5b9

2024-01-05T15:40:23

parser: Avoid duplicate namespace errors Don't report an extra attribute uniqueness error if a namespace is undeclared. This matches old behavior.

02cc5c36

2024-01-05T04:17:14

parser: Add XML_PARSE_NO_XXE parser option

12f0bb94

2024-01-05T01:14:28

parser: Synchronize more options

3efbe916

2024-01-05T00:11:29

parser: Mark 'token' member as unused in xmlParserCtxt

b82fd81d

2024-01-04T23:25:06

parser: Rework xmlCtxtParseDocument Make xmlCtxtParseDocument take a parser input which can be popped after parsing.

c2b3294f

2024-01-04T21:20:51

fuzz: Abort on invalid UTF-8 The parser should never generate invalid UTF-8 these days even in recovery mode.

df098e3b

2023-12-22T12:02:08

Set LIBXML2_FOUND if it has been properly configured

d7d300ba

2024-01-04T17:50:11

parser: Remove remnants of runtime debugging feature Apparently, this feature was remove long ago. Fixes #651.

8c5848bd

2024-01-04T17:14:31

parser: Make xmlParseContent more useful This is an internal function which isn't really usable without some hacks. See WebKit/Chromium trying to recreate the effects of xmlDetectSAX2 manually, for example. Make xmlParseContent perform late initialization and check whether the content was fully parsed. Also rename xmlDetectSAX2 and document why it's needed.

65c65b65

2024-01-04T13:59:23

tests: Move away from global error handlers

07c05546

2024-01-04T02:48:02

error: Make xmlFormatError public This is a useful function to get a verbose error report. Allows to remove duplicated code from runtest.c. Also reactivate check for schema parser failures.

d0eb5a7e

2024-01-03T18:12:29

parser: Remove xmlErrEncodingInt Convert the last user to xmlFatalErr.

f30b9b23

2024-01-03T18:11:44

fuzz: Add assertion in xmlCopyCharMultibyte This is an internal function that should never receive out-of-range codepoints.

a7356dfe

2024-01-03T18:02:46

parser: Clear invalid entity content This was removed in earlier commits, but we really want to make sure that entity content is syntactically valid.

30d83977

2024-01-04T15:18:14

fuzz: Disable catalogs The catalogs API doesn't report OOM errors. It's basically impossible to use it safely in its current form.

ca5965d5

2024-01-02T21:49:43

save: Report more malloc failures

2c9cd0b6

2024-01-02T18:51:24

fuzz: Abort on internal errors

661ef936

2024-01-02T18:50:59

valid: Fix some error codes

0821efc8

2024-01-02T18:33:57

encoding: Check whether encoding handlers support input/output The "HTML" encoding handler doesn't support input which could lead to a wrong error report.

85f99023

2024-01-02T17:52:43

parser: Fix buffer size checks Don't test size of remaining data. This causes false positives with memory buffers. Also impose XML_MAX_HUGE_LENGTH limit when parsing with XML_PARSE_HUGE.

e8fb3d63

2024-01-02T17:45:54

parser: Convert some "internal errors" to meaningful codes

9912c369

2024-01-02T17:23:59

SAX2: Enforce size limit in xmlSAX2Text with XML_PARSE_HUGE

5cb4b05c

2024-01-02T17:16:22

parser: Lower maximum entity nesting depth Limit entity nesting depth to 20 or 40 with XML_PARSE_HUGE. Change error code to XML_ERR_RESOURCE_LIMIT.

a2cc7f5f

2024-01-02T17:02:21

parser: Set depth limit to 2048 with XML_PARSE_HUGE Deeply nested documents can cause performance problems, so the nesting depth should always be limited to a reasonable value. Also remove the global xmlParserMaxDepth setting which isn't thread-safe and seems unused.

875bb084

2023-09-07T03:25:45

parser: Implement xmlCtxtSetOptions Surprisingly, some options can only be enabled with xmlCtxtUseOptions and it's impossible to unset them. Add a new API function xmlCtxtSetOptions which sets or clears all options. Finally document all parser options. Make sure to synchronize option bits and struct members.

33ec407a

2023-09-07T03:33:09

parser: Always prefer option members over bitmask If an option has an extra member in xmlParserCtxt, it takes precedence over the value from the options bitmask. Fix a few places where this was ignored.

22fd571f

2023-09-06T22:15:20

parser: Don't modify SAX2 handler if XML_PARSE_SAX1 is set It's a bad idea to modify members of the SAX handler struct for option state management. Ideally, ctxt->options should be the preferred source of truth.

37c6618b

2023-12-30T02:50:34

parser: Rework parsing of attribute and entity values Don't use a separate function to handle "complex" attributes. Validate UTF-8 byte sequences without decoding. This should improve performance considerably when parsing multi-byte UTF-8 sequences. Use a string buffer to avoid unnecessary allocations and copying when expanding entities. Normalize attribute values in a single pass while expanding entities. Be more lenient in recovery mode. If no entity substitution was requested, validate entities without expanding. Fixes #596. Also fixes #655.

4dcc2d74

2024-01-02T14:04:44

save: Output U+FFFD replacement characters This degrades more gracefully and helps to diagnose errors. We stop raising errors for now, since there's no way to report malloc failures during error handling yet.

2b79f106

2023-12-29T21:07:04

parser: Simplify entity size accounting

08d9b258

2023-12-29T15:20:56

parser: Support namespace scope in NsData struct The previous approach of recreating the NsData struct was flawed.

5de48d12

2023-12-29T14:41:40

parser: Simplify error handling when parsing entities

f0dc52d0

2023-12-29T06:00:20

parser: Move cleanup of element stacks to xmlParseContent

a1ed589b

2023-12-29T23:12:06

parser: Avoid unwanted expansion of parameter entities Remove PE handling from xmlSkipBlankChars and add a separate version that handles PEs. Only call xmlSkipBlankCharsPE when parsing DTD constructs. This should make sure that PEs don't get expanded accidentally, for example in text declarations.

16b0dbc1

2023-12-29T18:47:30

parser: Fix XML_ERR_UNSUPPORTED_ENCODING errors Commit 45157261 added the check in the wrong place. Also allow unsupported encoding in xmlNewInputInternal. Fixes #654.

e45a4d71

2023-12-29T00:00:21

io: Always forward IO errors to global handler The HTTP module raises errors without context. This won't be fixed, so send them to the global error handler.

a73483ed

2023-12-29T00:22:02

parser: Remove extraneous error message This is not an "internal error" but some other error reported elsewhere.

7e0bbbc1

2023-12-27T18:33:30

parser: New input API Provide a new set of functions to create xmlParserInputs. These can be used for the document entity or from external entity loaders. - Don't require xmlParserInputBuffer. - All functions take a base URI. - All functions take an encoding as string. - xmlNewInputURL also takes a public ID. - xmlNewInputMemory takes a size_t. - Optimization hints for memory buffers. Improve documentation. Only call xmlInitParser before allocating a new parser context. Call xmlCtxtUseOptions as early as possible.

45157261

2023-12-27T21:30:13

parser: Downgrade XML_ERR_UNSUPPORTED_ENCODING to warning If the actual encoding is UTF-8 or ASCII, we don't want to fail.

24b7144f

2023-12-27T15:50:58

parser: More refactoring of entity parsing Remove xmlCreateEntityParserCtxtInternal. Rework xmlNewEntityInputStream.

d3ceea0b

2023-12-27T15:18:09

parser: Fix encoding handling in xmlParserInputBufferCreateIO Don't pass encoding to xmlParserInputBufferCreateIO but use xmlSwitchEncoding to make sure that the encoding sticks.

d025cfbb

2023-12-27T03:53:24

parser: Always copy content from entity to target. Make sure that references from IDs are updated. Note that if there are IDs with the same value in a document, the last one will now be returned. IDs should be unique, but maybe this should be addressed.

6337ff79

2023-12-27T03:29:13

parser: Simplify control flow in xmlParseReference

579186f2

2023-12-27T03:03:26

parser: Remove xmlSetEntityReferenceFunc feature This has been deprecated for a long time.

b848338c

2023-12-27T01:46:40

parser: More refactoring of entity loading This sets input->entity also for general entities.

4ecc85d2

2023-12-27T00:44:16

parser: Push general entity input streams on the stack This allows the error handler to give more context.

a5dcf0f4

2023-12-26T03:27:23

parser: Mark more parser context members as unused

6a9a88a1

2023-12-26T03:13:05

parser: Move progressive flag into input struct

4f14fe9c

2023-12-26T02:44:38

parser: Remove remaining ctxt->instate checks Now ctxt->instate is only used for push parser states.

d944a415

2023-12-26T02:10:35

parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.

477a7ed8

2023-12-28T19:06:32

html: Abort earlier on fatal errors

5f319304

2023-12-28T19:05:51

SAX2: Fix error code Today I learned that the TSCII character encoding [1] can blow up the size of text 12 times when converted to UTF-8: $ printf '\x82' |iconv -f TSCII -t UTF-8 |hexdump -C 00000000 e0 ae b8 e0 af 8d e0 ae b0 e0 af 80 0000000c [1] https://en.wikipedia.org/wiki/Tamil_Script_Code_for_Information_Interchange

ab631971

2023-12-28T17:07:03

uri: Keep fragment intact when resolving filesystem paths

b8313b58

2023-12-26T21:59:08

xpath: Rewrite substring-before and substring-after Don't use buffers. Check malloc failures.

3874e5d0

2023-12-26T01:42:23

tests: Remove unneeded error formatting code

2a2fbe1e

2023-12-28T16:42:03

xinclude: Only set xml:base if necessary

8a685a3d

2023-12-26T00:42:22

xinclude: Allow empty nodesets There's no reason to treat an empty nodeset as error.

f3fa34dc

2023-12-26T22:37:26

parser: Fix general entity parsing Clear namespace database. Ignore non-fatal errors.

ecfbcc8a

2023-12-25T04:33:00

parser: Rework general entity parsing Don't create a new parser context but reuse the existing one. This exposes bug #601 in a more obvious way.

c2ef78f7

2023-12-24T23:56:57

io: Fix close error handling There's no way to report error codes from closing an output buffer yet.

6d27c549

2023-12-24T17:59:02

io: Fix read/write error handling Handle short reads/writes from fd. Fix stdio error handling.

0bef93bf

2023-12-23T04:03:41

io: More refactoring and unescaping fixes Merge Windows wrappers into relevant functions. Remove more unnecessary unescaping. Merge *OpenW into *Open functions. Use unbuffered IO for output.

kc3-lang/libxml2

Log