kmx git

Commit	Date	Message
9b5a57cf	2015-04-21T13:56:39	os400: implement CL command XMLCATALOG.
d76abc7b	2015-04-20T15:40:00	os400: compile and install program xmlcatalog (qshell-only).
2137326e	2015-04-20T15:00:58	xmlcatalog: flush stdout before interactive shell input.
cad1634e	2015-04-17T17:26:46	os400: expand tabs in sources, strip trailing blanks.
26db5e7a	2015-04-17T17:21:14	os400: implement CL command XMLLINT.
b1682bdb	2015-04-17T17:17:58	os400: compile and install program xmllint (qshell-only).
1463a91d	2015-04-17T17:09:13	os400: initscript make_module(): Use options instead of positional parameters.
11e805d3	2015-04-17T17:02:59	xmllint: flush stdout before interactive shell input.
44e49f47	2015-04-13T14:26:55	os400: c14n.rpgle: allow *omit for nullable reference parameters.
ae0b2240	2015-04-01T19:35:39	os400: use like() for double type.
155faa52	2015-04-01T18:52:37	os400: use like() for int type.
26202cf9	2015-04-01T15:39:45	os400: use like() for unsigned int type.
91e2e698	2015-04-01T15:23:57	os400: use like() for enum types.
2e354d74	2016-04-28T15:09:25	Add xz to xml2-config --libs output XML_LIBS should include LZMA_LIBS. This ensures that 'xml2-config --libs' shows -llzma when xz is enabled. Otherwise static link fails because of missing xz symbols.
839689a9	2016-04-27T18:00:12	Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression The ch1 slot of OP_VALUEs contains an invalid value. Ignore it. Fixes bug #760325: https://bugzilla.gnome.org/show_bug.cgi?id=760325
f39fd66e	2016-04-27T03:01:16	Fix namespace::node() XPath expression Make sure that xmlXPathNodeSetAddNs is called for namespace nodes when matched with a namespace::node() step. This correctly sets the parent of namespace nodes. Note that xmlXPathNodeSetAddNs must only be called if working on the namespace axis. Otherwise, the context node is not the parent of the namespace node and the standard XP_TEST_HIT macro must be invoked. This explains the errors in the C14N tests that the old TODO comment mentioned.
91ac664f	2016-04-26T14:47:56	Fix OOB write in xmlXPathEmptyNodeSet xmlXPathEmptyNodeSet would write a NULL pointer just beyond the end of the nodeTab array. This macro isn't used in libxml2, but in some of the math functions in libexslt where it can result in heap corruption and denial of service. Found by afl-fuzz and ASan.
e2893903	2016-04-21T19:19:23	Fix parsing of NCNames in XPath The NCName parser would allow any NameChar as start character. For example, the following XPath expressions would compile: self::-abc self::0abc self::.abc
96a5c17e	2016-04-21T19:03:47	Fix OOB read with invalid UTF-8 in xmlUTF8Strsize With certain invalid UTF-8, xmlUTF8Strsize can read up to 6 bytes beyond the end of the string and return the wrong size. This means that in xmlUTF8Strndup and similar code, some content behind the string is copied. But since the terminating \0 is copied as well, this probably can't be exploited to leak sensitive information. Found by afl-fuzz and ASan.
cad102b8	2016-04-15T22:41:24	Do normalize string-based datatype value in RelaxNG facet checking Original patch is from Jan Pokorný <jpokorny redhat com> https://mail.gnome.org/archives/xml/2013-November/msg00028.html Improve it according to reviews and add test files.
27aae651	2016-04-13T16:56:08	Fix typo: s{ ec -> cr }cipt Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
bb654feb	2016-04-13T16:56:07	Fix typos: dictio{ nn -> n }ar{y,ies} Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
9811ce78	2016-04-13T16:56:06	Fix typos: PATH_{ SEAPARATOR -> SEPARATOR } Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
d5bd2a9a	2016-04-03T05:14:44	Correct a typo.
c5ddd095	2016-01-20T20:41:44	Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix for "xmlSaveUri() incorrectly recomposes URIs with rootless paths" <https://bugzilla.gnome.org/show_bug.cgi?id=760921> * doc/examples/io1.res: Update expected result.
5be1a6e8	2016-01-19T11:38:52	Bug 760861: REGRESSION (bf9c1dad): Missing results for test/schemas/regexp-char-ref_[01].xsd <https://bugzilla.gnome.org/show_bug.cgi?id=760861> Add missing test results to fix the following errors when running "make Schemastests": ## Schemas regression tests diff: ./result/schemas/regexp-char-ref_0_0.err: No such file or directory diff: ./result/schemas/regexp-char-ref_1_0.err: No such file or directory * result/schemas/regexp-char-ref_0_0.err: Added. * result/schemas/regexp-char-ref_1_0.err: Added.
c4184ba2	2015-12-01T13:24:44	error.c: *input->cur == 0 does not mean no error Complements: ce0b0d0d81fdbb5
49bbfdb6	2016-03-14T15:53:16	Add missing RNG test files For https://bugzilla.gnome.org/show_bug.cgi?id=760249 Add missing test results from Bug 710744 for commit 6473a41a49601da8355c4b407b99474ada170213.
6e3af870	2016-01-05T16:11:28	Bug 760190: configure.ac should be able to build --with-icu without icu-config tool <https://bugzilla.gnome.org/show_bug.cgi?id=760190> * configure.ac: Add fallback tests if the icu-config tool is not installed (like on Mac OS X). This also allows an include prefix to be set using "--with-icu=/prefix/to/icu", similar to --with-iconv.
4f8606c1	2016-01-05T13:38:09	Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer <https://bugzilla.gnome.org/show_bug.cgi?id=760183> * parser.c: (xmlCheckCdataPush): Add 'complete' argument to describe whether the buffer passed in is the whole CDATA buffer, or if there is more data to parse. If there is more data to parse, don't return a negative value for an invalid multi-byte UTF-8 character that is split between buffers. (xmlParseTryOrFinish): Pass 'complete' argument to xmlCheckCdataPush() as appropriate. * result/cdata-2-byte-UTF-8.xml: Added. * result/cdata-2-byte-UTF-8.xml.rde: Added. * result/cdata-2-byte-UTF-8.xml.rdr: Added. * result/cdata-2-byte-UTF-8.xml.sax: Added. * result/cdata-2-byte-UTF-8.xml.sax2: Added. * result/cdata-3-byte-UTF-8.xml: Added. * result/cdata-3-byte-UTF-8.xml.rde: Added. * result/cdata-3-byte-UTF-8.xml.rdr: Added. * result/cdata-3-byte-UTF-8.xml.sax: Added. * result/cdata-3-byte-UTF-8.xml.sax2: Added. * result/cdata-4-byte-UTF-8.xml: Added. * result/cdata-4-byte-UTF-8.xml.rde: Added. * result/cdata-4-byte-UTF-8.xml.rdr: Added. * result/cdata-4-byte-UTF-8.xml.sax: Added. * result/cdata-4-byte-UTF-8.xml.sax2: Added. * result/noent/cdata-2-byte-UTF-8.xml: Added. * result/noent/cdata-3-byte-UTF-8.xml: Added. * result/noent/cdata-4-byte-UTF-8.xml: Added. * test/cdata-2-byte-UTF-8.xml: Added. * test/cdata-3-byte-UTF-8.xml: Added. * test/cdata-4-byte-UTF-8.xml: Added. - Add tests and results. Only 'make Readertests XMLPushtests' fails prior to the fix.
e6b97476	2016-03-07T20:16:41	Bug 758572: ASAN crash in make check <https://bugzilla.gnome.org/show_bug.cgi?id=758572> Instead of sending a random string length into API methods, compute the string length properly to fix out-of-bounds accesses caught with AddressSanitizer turned on. * testapi.c: (test_htmlCreateMemoryParserCtxt): (test_htmlCreatePushParserCtxt): (test_htmlCtxtReadMemory): (test_htmlParseChunk): (test_htmlReadMemory): (test_xmlDictExists): (test_xmlDictLookup): (test_xmlCreatePushParserCtxt): (test_xmlCtxtReadMemory): (test_xmlCtxtResetPush): (test_xmlParseChunk): (test_xmlParseInNodeContext): (test_xmlParseMemory): (test_xmlReadMemory): (test_xmlRecoverMemory): (test_xmlSAXParseMemory): (test_xmlSAXParseMemoryWithData): (test_xmlSAXUserParseMemory): (test_xmlCreateMemoryParserCtxt): (test_xmlRelaxNGNewMemParserCtxt): (test_xmlBufferAdd): (test_xmlBufferAddHead): (test_xmlBuildQName): (test_xmlDocDumpFormatMemory): (test_xmlDocDumpFormatMemoryEnc): (test_xmlDocDumpMemory): (test_xmlNewCDataBlock): (test_xmlNewDocTextLen): (test_xmlNewTextLen): (test_xmlNodeAddContentLen): (test_xmlNodeSetContentLen): (test_xmlSplitQName3): (test_xmlStringLenGetNodeList): (test_xmlTextConcat): (test_xmlOutputBufferWrite): (test_xmlParserInputBufferCreateMem): (test_xmlParserInputBufferCreateStatic): (test_xmlParserInputBufferPush): (test_xmlReaderForMemory): (test_xmlReaderNewMemory): (test_xmlSchemaNewMemParserCtxt): (test_xmlCharStrndup): (test_xmlStrncatNew): (test_xmlStrncmp): (test_xmlStrndup): (test_xmlStrsub): (test_xmlTextWriterWriteBase64): (test_xmlTextWriterWriteBinHex): (test_xmlTextWriterWriteRawLen):
783931fc	2016-03-02T12:48:51	Bug 721158: Missing ICU string when doing --version on xmllint <https://bugzilla.gnome.org/show_bug.cgi?id=721158> * xmllint.c: (showVersion): Add "ICU" to xmllint version string if libxml2 is built with ICU enabled.
65112cb3	2016-01-18T12:46:41	python 3: libxml2.c wrappers create Unicode str already ... so stop decoding these, which only results in "TypeError: 'str' does not support the buffer interface".
dfbacd4f	2016-03-07T13:46:28	win32\VC10\config.h and VS 2015 --047d7bacb4ee71848a052d7c673a Content-Type: text/plain; charset=UTF-8 The config.h file in win32\VC10 is incompatible with VS 2015 because VS 2015 provides an implementation of snprintf and prohibits using the preprocessor to define it. Therefor an ifdef check is needed around that definition in VC10\config.h. Here is a patch that is compatible with the change that we made to Chromium's copy:
0f84ee23	2016-02-09T17:55:40	Add autogen.sh to distrib For https://bugzilla.gnome.org/show_bug.cgi?id=761782 autogen.sh was not included in the tarball releases which complicates situations when users have to make changes to e.g. configure.ac andi have to re-generate configure.
b5ca2607	2016-02-09T17:23:48	Add configure maintainer mode For https://bugzilla.gnome.org/show_bug.cgi?id=761784 I wasn't able to build libxml2 because aclocal-1.13 was missing from my machine. With AM_MAINTAINER_MODE, I'm able to configure libxml2 with '--disable-maintainer-mode' which will disable checks for aclocal.
a7a94612	2016-02-09T12:55:29	Heap-based buffer overread in xmlNextChar For https://bugzilla.gnome.org/show_bug.cgi?id=759671 when the end of the internal subset isn't properly detected xmlParseInternalSubset should just return instead of trying to process input further.
6657afe8	2015-11-20T17:55:11	Release of libxml2-2.9.3 * configure.ac: updated * doc/*: regenerated
8fb4a770	2015-11-20T17:16:06	CVE-2015-8242 Buffer overead with HTML parser in push mode For https://bugzilla.gnome.org/show_bug.cgi?id=756372 Error in the code pointing to the codepoint in the stack for the current char value instead of the pointer in the input that the SAX callback expects Reported and fixed by Hugh Davenport
f1063fdb	2015-11-20T16:06:59	CVE-2015-7500 Fix memory access error due to incorrect entities boundaries For https://bugzilla.gnome.org/show_bug.cgi?id=756525 handle properly the case where we popped out of the current entity while processing a start tag Reported by Kostya Serebryany @ Google This slightly modifies the output of 754946 in regression tests
fdfeecc1	2015-11-20T15:07:38	Bug on creating new stream from entity sometimes the entity could have a lenght of 0, i.e. it wasn't parsed or used yet, and we ended up with an incoherent input state
3bd6ae14	2015-11-20T15:06:02	Fix some loop issues embedding NEXT Next can switch the parser back to XML_PARSER_EOF state, we need to consider those in loops consuming input
35bcb1d7	2015-11-20T15:04:09	Detect incoherency on GROW the current pointer to the input has to be between the base and end if not stop everything we have an internal state error.
ce0b0d0d	2015-11-20T15:01:22	Do not print error context when there is none Which now happens more frequently du to xmlHaltParser use
e3b15974	2015-11-20T14:59:30	Reuse xmlHaltParser() where it makes sense Unify the various place where either xmlStopParser was called (which resets the error as a side effect) and places where we used ctxt->instate = XML_PARSER_EOF to stop further processing
28cd9cb7	2015-11-20T14:55:30	Add xmlHaltParser() to stop the parser The problem is doing it in a consistent and safe fashion It's more complex than just setting ctxt->instate = XML_PARSER_EOF Update the public function to reuse that new internal routine
69030714	2015-11-20T11:13:45	CVE-2015-5312 Another entity expansion issue For https://bugzilla.gnome.org/show_bug.cgi?id=756733 It is one case where the code in place to detect entities expansions failed to exit when the situation was detected, leading to DoS Problem reported by Kostya Serebryany @ Google Patch provided by David Drysdale @ Google
6360a31a	2015-11-20T10:47:12	CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey For https://bugzilla.gnome.org/show_bug.cgi?id=756528 It was possible to hit a negative offset in the name indexing used to randomize the dictionary key generation Reported and fix provided by David Drysdale @ Google
53ac9c96	2015-11-09T18:16:00	xmlStopParser reset errNo I had used it in contexts where that information ought to be preserved
afd27c21	2015-11-09T18:07:18	Avoid processing entities after encoding conversion failures For https://bugzilla.gnome.org/show_bug.cgi?id=756527 and was also raised by Chromium team in the past When we hit a convwersion failure when switching encoding it is bestter to stop parsing there, this was treated as a fatal error but the parser was continuing to process to extract more errors, unfortunately that makes little sense as the data is obviously corrupt and can potentially lead to unexpected behaviour.
ab2b9a93	2015-11-03T20:40:49	Avoid extra processing of MarkupDecl when EOF For https://bugzilla.gnome.org/show_bug.cgi?id=756263 One place where ctxt->instate == XML_PARSER_EOF whic was set up by entity detection issues doesn't get noticed, and even overrided
18b89885	2015-11-03T15:46:29	Reenable xz support by default For https://bugzilla.gnome.org/show_bug.cgi?id=757466 problem was introduced by commit f3f86ff465c92c79f834d7b981f3c7274a8bb5c8 for https://bugzilla.gnome.org/show_bug.cgi?id=711026
f0709e3c	2015-11-03T15:31:25	CVE-2015-8035 Fix XZ compression support loop For https://bugzilla.gnome.org/show_bug.cgi?id=757466 DoS when parsing specially crafted XML document if XZ support is compiled in (which wasn't the case for 2.9.2 and master since Nov 2013, fixed in next commit !)
e724879d	2015-10-30T21:14:55	Fix parsing short unclosed comment uninitialized access For https://bugzilla.gnome.org/show_bug.cgi?id=746048 The HTML parser was too optimistic when processing comments and didn't check for the end of the stream on the first 2 characters
41ac9049	2015-10-27T10:53:44	Fix an error in previous Conditional section patch an off by one mistake in the change, led to error on correct document where the end of the included entity was exactly the end of the conditional section, leading to regtest failure
73c50805	2015-10-26T18:33:14	Correct spelling of "calling"
b40c1940	2015-10-23T19:35:02	Fix a small error in xmllint --format description Obviously it operates on the output not the input
bd0526e6	2015-10-23T19:02:28	Another variation of overflow in Conditional sections Which happen after the previous fix to https://bugzilla.gnome.org/show_bug.cgi?id=756456 But stopping the parser and exiting we didn't pop the intermediary entities and doing the SKIP there applies on an input which may be too small
cf77e605	2015-09-30T14:46:29	Add missing Null check in xmlParseExternalEntityPrivate For https://bugzilla.gnome.org/show_bug.cgi?id=755857 a case where we check for NULL but not everywhere
4a5d80ad	2015-09-18T15:06:46	Fix a bug in CData error handling in the push parser For https://bugzilla.gnome.org/show_bug.cgi?id=754947 The checking function was returning incorrect args in some cases Adds the test to teh reg suite and fix one of the existing test output
51f02b0a	2015-09-15T16:50:32	Fix a bug on name parsing at the end of current input buffer For https://bugzilla.gnome.org/show_bug.cgi?id=754946 When hitting the end of the current input buffer while parsing a name we could end up loosing the beginning of the name, which led to various issues.
ef709ce2	2015-09-10T19:41:41	Fix the spurious ID already defined error For https://bugzilla.gnome.org/show_bug.cgi?id=737840 the fix for 724903 introduced a regression on external entities carrying IDs, revert that patch in part and add a specific test to avoid readding it
3eaedba1	2015-07-11T14:27:34	Fix previous change to node sort order Commit ba58f23 broke comparison of nodes from different documents. Thanks to Olli Pottonen for the report.
73b2d73d	2015-07-03T20:58:33	Avoid XSS on the search of xmlsoft.org query string need to be escaped before being displayed back
140c251e	2015-06-30T11:36:28	Recover unescaped less-than character in HTML recovery parsing As pointed by Christian Schoenebeck <schoenebeck@crudebyte.com> on the list and based on some of his early patches, this preserve content when unescaped opening angle brackets are not escaped in textual content like: <p> a < b </p> <p> a <0 </p> <p> a <=0 </p> while still reporting the error.
58b84e1f	2015-06-30T10:47:16	Fix a self assignment issue raised by clang For https://bugzilla.gnome.org/show_bug.cgi?id=751679 Also added a few newline cleanups
709a9521	2015-06-29T16:10:26	Fail parsing early on if encoding conversion failed For https://bugzilla.gnome.org/show_bug.cgi?id=751631 If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors.
9aa37588	2015-06-29T09:08:25	Do not process encoding values if the declaration if broken For https://bugzilla.gnome.org/show_bug.cgi?id=751603 If the string is not properly terminated do not try to convert to the given encoding.
b02a167a	2015-04-14T13:51:01	Silence clang's -Wunknown-attribute Clang doesn't have perfect feature compatibility with GCC, unfortunately. https://bugzilla.gnome.org/show_bug.cgi?id=747870
22b0415a	2015-04-16T16:04:06	os400: fix various ILE/RPG types definitions. Adjust build scripts. - A typo caused an undefined symbol reference. - A structure field name did not match the corresponding C name due to a typo. - Some structured fields were not properly aligned. - The long/ulong types were wrongly mapped to 64-bit types. - A typo in a /include directive caused a compilation error. - Doc files copy now converts from UTF-8 and split long lines. - Adjust /include file name mapping translation for proper prefix handling.
213f1fe0	2015-04-14T17:41:48	CVE-2015-1819 Enforce the reader to run in constant memory One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect.
8985cde7	2015-04-13T16:32:14	xmlMemUsed is not thread-safe For https://bugzilla.gnome.org/show_bug.cgi?id=747437 just use the mutex to protect access to those variables
7607d9dd	2015-04-03T22:52:36	Allow HTML serializer to output HTML5 DOCTYPE For https://bugzilla.gnome.org/show_bug.cgi?id=747301 Use simple HTML5 DOCTYPE for about:legacy-compat HTML5 uses a DOCTYPE without a PUBLIC or SYSTEM identifier. It looks like this: <!DOCTYPE html> I can't use XSLT to output this, because to get a DOCTYPE I have to provide a PUBLIC or SYSTEM identifier. Luckily, the standards folks recognized this and provided this semantically equivalent form for the HTML DOCTYPE: <!DOCTYPE html SYSTEM "about:legacy-compat"> But people don't like seeing the "legacy" identifier in their output. They'd rather see the shiny new DOCTYPE. Since we know that about:legacy-compat is defined by the W3C to be semantically equivalent to the sans-SYSTEM DOCTYPE, we could just special-case it in the HTML serializer in libxml2. So if you set the SYSTEM identifier to "about:legacy-compat", you get an HTML5 short-form DOCTYPE.
2fab235d	2015-03-16T08:38:36	Fix support for except in nameclasses For https://bugzilla.gnome.org/show_bug.cgi?id=565219 The code was imply missing even if simple, added a few regression tests.
02b252d7	2015-03-08T17:00:37	Regression test for bug #695699
342658a1	2015-03-08T16:46:04	Add a couple of XPath tests
ba58f23c	2015-03-08T16:44:11	Fix order of root nodes Make sure root nodes are sorted before other nodes.
f6aaabce	2015-03-08T16:05:26	Allow attributes on descendant-or-self axis If the context node is an attribute, the attribute itself is on the descendant-or-self axis. The principal node type of this axis is element, so the only node test that can return the attribute is "node()". In other words, "@attr/descendant-or-self::node()" is equivalent to "@attr". This matches the behavior of Saxon-CE.
620a7061	2015-03-03T19:40:06	Fix the fix to Windows locking For https://bugzilla.gnome.org/show_bug.cgi?id=737851 Unfortunately this change has introduced a problem which results in occasional hangs on Windows when running multi-threaded on a multi-core host. When locking the xmlRMutex the count field is increment inside the critical section but when unlocking the count field is decremented outside the critical section. The increment/decrement is not atomic so this can result in the count field being updated incorrectly. The solution is to change xmlRMutexUnlock to decrement the count field before leaving the critical section rather than after.
9b987f8c	2015-02-27T14:55:49	Fix timsort invariant loop re: Envisage article See http://envisage-project.eu/proving-android-java-and-python-sorting-algorithm-is-broken-and-how-to-fix-it/ We use a "runLen" array of size 128, so it should be nearly impossible to have our implementation overflow. But in any case, the fix is relatively simple -- checking two extra conditions in the invariant calculation. I also took this opportunity to remove some redundancy in the left/right merge logic in the invariant loop.
9b851233	2015-02-23T11:29:20	Cleanup conditional section error handling For https://bugzilla.gnome.org/show_bug.cgi?id=744980 The error handling of Conditional Section also need to be straightened as the structure of the document can't be guessed on a failure there and it's better to stop parsing as further errors are likely to be irrelevant.
a7dfab74	2015-02-23T11:17:35	Stop parsing on entities boundaries errors For https://bugzilla.gnome.org/show_bug.cgi?id=744980 There are times, like on unterminated entities that it's preferable to stop parsing, even if that means less error reporting. Entities are feeding the parser on further processing, and if they are ill defined then it's possible to get the parser to bug. Also do the same on Conditional Sections if the input is broken, as the structure of the document can't be guessed.
fb8e9e21	2015-02-18T22:47:13	Add Python 3 rpm subpackage Allow compilation and packaging of both python2 and python3 when present
32119739	2014-12-29T20:44:06	libxml2-config.cmake.in: update include directories Align the include directories on those from the pkg-config module. Signed-off-by: Samuel Martin <s.martin49@gmail.com>
220a7bae	2014-12-23T21:28:37	Don't add IDs in xmlSetTreeDoc This partially reverts my previous commit fixing bug #741919.
fff8a6b8	2014-12-22T11:12:12	threads: use forward declarations only for glibc Fixes bug #704908 The declarations of pthread functions, used to generate weak references to them, fail to suppress macros. Thus, if any pthread function has been provided as a macro, compiling threads.c will fail. This breaks on musl libc, which defines pthread_equal as a macro (in addition to providing the function, as required). Prevent the declarations for e.g. musl libc by refining the condition. The idea for this solution was borrowed from the alpine linux guys, see http://git.alpinelinux.org/cgit/aports/tree/main/libxml2/libxml2-pthread.patch Signed-off-by: Michael Heimpold <mhei@heimpold.de>
f54d6a92	2014-12-19T00:08:35	Account for ID attributes in xmlSetTreeDoc
7580ce0a	2014-10-28T18:13:53	Update Win32 configure.js to search for configure.ac as configure.in was renamed
57941042	2014-10-26T18:08:04	Remove various unused value assignments As detected by Coverity (CIDs 60467–60472). https://bugzilla.gnome.org/show_bug.cgi?id=739220
df23f584	2014-10-23T13:52:47	Adding example from bugs 738805 to regression tests For https://bugzilla.gnome.org/show_bug.cgi?id=738805 Tortuous test case provided by pierre.labastie@neuf.fr
72a46a51	2014-10-23T11:35:36	Fix missing entities after CVE-2014-3660 fix For https://bugzilla.gnome.org/show_bug.cgi?id=738805 The fix for CVE-2014-3660 introduced a regression in some case where entity substitution is required and the entity is used first in anotther entity referenced from an attribute value
f65128f3	2014-10-17T17:13:41	Revert "Missing initialization for the catalog module" This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. As this break xmlcatalog command https://bugzilla.redhat.com/show_bug.cgi?id=1153753
726f67e2	2014-10-16T15:40:16	Release of libxml2-2.9.2
2fcdb424	2014-10-16T15:39:41	Forgot to add the cmake Makefile
be2a7eda	2014-10-16T13:59:47	Fix for CVE-2014-3660 Issues related to the billion laugh entity expansion which happened to escape the initial set of fixes
500c54ef	2014-10-16T12:17:20	fix memory leak xml header encoding field with XML_PARSE_IGNORE_ENC When the xml parser encounters an xml encoding in an xml header while configured with option XML_PARSE_IGNORE_ENC, it fails to free memory allocated for storing the encoding. The patch below fixes this. How to reproduce: 1. Change doc/examples/parse4.c to add xmlCtxtUseOptions(ctxt, XML_PARSE_IGNORE_ENC); after the call to xmlCreatePushParserCtxt. 2. Rebuild 3. run the following command from the top libxml2 directory: LD_LIBRARY_PATH=.libs/ valgrind --leak-check=full ./doc/examples/.libs/parse4 ./test.xml , where test.xml contains following input: <?xml version="1.0" encoding="UTF-81" ?><hi/> valgrind will report: ==1964== 10 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==1964== at 0x4C272DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1964== by 0x4E88497: xmlParseEncName (parser.c:10224) ==1964== by 0x4E888FE: xmlParseEncodingDecl (parser.c:10295) ==1964== by 0x4E89630: xmlParseXMLDecl (parser.c:10534) ==1964== by 0x4E8B737: xmlParseTryOrFinish (parser.c:11293) ==1964== by 0x4E8E775: xmlParseChunk (parser.c:12283) Signed-off-by: Bart De Schuymer <bart at amplidata com>
974db365	2014-10-16T12:07:43	AC_CONFIG_FILES and executable bit
f3efaba3	2012-09-19T00:10:55	remove HAVE_CONFIG_H dependency in testlimits.c
c2450d8b	2013-11-28T22:42:08	fix some tabs mixing incompatible with python3
21fec499	2012-09-12T01:33:12	win32/libxml2.def.src after rebuild in doc

9b5a57cf

2015-04-21T13:56:39

os400: implement CL command XMLCATALOG.

d76abc7b

2015-04-20T15:40:00

os400: compile and install program xmlcatalog (qshell-only).

2137326e

2015-04-20T15:00:58

xmlcatalog: flush stdout before interactive shell input.

cad1634e

2015-04-17T17:26:46

os400: expand tabs in sources, strip trailing blanks.

26db5e7a

2015-04-17T17:21:14

os400: implement CL command XMLLINT.

b1682bdb

2015-04-17T17:17:58

os400: compile and install program xmllint (qshell-only).

1463a91d

2015-04-17T17:09:13

os400: initscript make_module(): Use options instead of positional parameters.

11e805d3

2015-04-17T17:02:59

xmllint: flush stdout before interactive shell input.

44e49f47

2015-04-13T14:26:55

os400: c14n.rpgle: allow *omit for nullable reference parameters.

ae0b2240

2015-04-01T19:35:39

os400: use like() for double type.

155faa52

2015-04-01T18:52:37

os400: use like() for int type.

26202cf9

2015-04-01T15:39:45

os400: use like() for unsigned int type.

91e2e698

2015-04-01T15:23:57

os400: use like() for enum types.

2e354d74

2016-04-28T15:09:25

Add xz to xml2-config --libs output XML_LIBS should include LZMA_LIBS. This ensures that 'xml2-config --libs' shows -llzma when xz is enabled. Otherwise static link fails because of missing xz symbols.

839689a9

2016-04-27T18:00:12

Don't recurse into OP_VALUEs in xmlXPathOptimizeExpression The ch1 slot of OP_VALUEs contains an invalid value. Ignore it. Fixes bug #760325: https://bugzilla.gnome.org/show_bug.cgi?id=760325

f39fd66e

2016-04-27T03:01:16

Fix namespace::node() XPath expression Make sure that xmlXPathNodeSetAddNs is called for namespace nodes when matched with a namespace::node() step. This correctly sets the parent of namespace nodes. Note that xmlXPathNodeSetAddNs must only be called if working on the namespace axis. Otherwise, the context node is not the parent of the namespace node and the standard XP_TEST_HIT macro must be invoked. This explains the errors in the C14N tests that the old TODO comment mentioned.

91ac664f

2016-04-26T14:47:56

Fix OOB write in xmlXPathEmptyNodeSet xmlXPathEmptyNodeSet would write a NULL pointer just beyond the end of the nodeTab array. This macro isn't used in libxml2, but in some of the math functions in libexslt where it can result in heap corruption and denial of service. Found by afl-fuzz and ASan.

e2893903

2016-04-21T19:19:23

Fix parsing of NCNames in XPath The NCName parser would allow any NameChar as start character. For example, the following XPath expressions would compile: self::-abc self::0abc self::.abc

96a5c17e

2016-04-21T19:03:47

Fix OOB read with invalid UTF-8 in xmlUTF8Strsize With certain invalid UTF-8, xmlUTF8Strsize can read up to 6 bytes beyond the end of the string and return the wrong size. This means that in xmlUTF8Strndup and similar code, some content behind the string is copied. But since the terminating \0 is copied as well, this probably can't be exploited to leak sensitive information. Found by afl-fuzz and ASan.

cad102b8

2016-04-15T22:41:24

Do normalize string-based datatype value in RelaxNG facet checking Original patch is from Jan Pokorný <jpokorny redhat com> https://mail.gnome.org/archives/xml/2013-November/msg00028.html Improve it according to reviews and add test files.

27aae651

2016-04-13T16:56:08

Fix typo: s{ ec -> cr }cipt Signed-off-by: Jan Pokorný <jpokorny@redhat.com>

bb654feb

2016-04-13T16:56:07

Fix typos: dictio{ nn -> n }ar{y,ies} Signed-off-by: Jan Pokorný <jpokorny@redhat.com>

9811ce78

2016-04-13T16:56:06

Fix typos: PATH_{ SEAPARATOR -> SEPARATOR } Signed-off-by: Jan Pokorný <jpokorny@redhat.com>

d5bd2a9a

2016-04-03T05:14:44

Correct a typo.

c5ddd095

2016-01-20T20:41:44

Bug 760921: REGRESSION (8eb55d78): doc/examples/io1 test fails after fix for "xmlSaveUri() incorrectly recomposes URIs with rootless paths" <https://bugzilla.gnome.org/show_bug.cgi?id=760921> * doc/examples/io1.res: Update expected result.

5be1a6e8

2016-01-19T11:38:52

Bug 760861: REGRESSION (bf9c1dad): Missing results for test/schemas/regexp-char-ref_[01].xsd <https://bugzilla.gnome.org/show_bug.cgi?id=760861> Add missing test results to fix the following errors when running "make Schemastests": ## Schemas regression tests diff: ./result/schemas/regexp-char-ref_0_0.err: No such file or directory diff: ./result/schemas/regexp-char-ref_1_0.err: No such file or directory * result/schemas/regexp-char-ref_0_0.err: Added. * result/schemas/regexp-char-ref_1_0.err: Added.

c4184ba2

2015-12-01T13:24:44

error.c: *input->cur == 0 does not mean no error Complements: ce0b0d0d81fdbb5

49bbfdb6

2016-03-14T15:53:16

Add missing RNG test files For https://bugzilla.gnome.org/show_bug.cgi?id=760249 Add missing test results from Bug 710744 for commit 6473a41a49601da8355c4b407b99474ada170213.

6e3af870

2016-01-05T16:11:28

Bug 760190: configure.ac should be able to build --with-icu without icu-config tool <https://bugzilla.gnome.org/show_bug.cgi?id=760190> * configure.ac: Add fallback tests if the icu-config tool is not installed (like on Mac OS X). This also allows an include prefix to be set using "--with-icu=/prefix/to/icu", similar to --with-iconv.

4f8606c1

2016-01-05T13:38:09

Bug 760183: REGRESSION (v2.9.3): XML push parser fails with bogus UTF-8 encoding error when multi-byte character in large CDATA section is split across buffer <https://bugzilla.gnome.org/show_bug.cgi?id=760183> * parser.c: (xmlCheckCdataPush): Add 'complete' argument to describe whether the buffer passed in is the whole CDATA buffer, or if there is more data to parse. If there is more data to parse, don't return a negative value for an invalid multi-byte UTF-8 character that is split between buffers. (xmlParseTryOrFinish): Pass 'complete' argument to xmlCheckCdataPush() as appropriate. * result/cdata-2-byte-UTF-8.xml: Added. * result/cdata-2-byte-UTF-8.xml.rde: Added. * result/cdata-2-byte-UTF-8.xml.rdr: Added. * result/cdata-2-byte-UTF-8.xml.sax: Added. * result/cdata-2-byte-UTF-8.xml.sax2: Added. * result/cdata-3-byte-UTF-8.xml: Added. * result/cdata-3-byte-UTF-8.xml.rde: Added. * result/cdata-3-byte-UTF-8.xml.rdr: Added. * result/cdata-3-byte-UTF-8.xml.sax: Added. * result/cdata-3-byte-UTF-8.xml.sax2: Added. * result/cdata-4-byte-UTF-8.xml: Added. * result/cdata-4-byte-UTF-8.xml.rde: Added. * result/cdata-4-byte-UTF-8.xml.rdr: Added. * result/cdata-4-byte-UTF-8.xml.sax: Added. * result/cdata-4-byte-UTF-8.xml.sax2: Added. * result/noent/cdata-2-byte-UTF-8.xml: Added. * result/noent/cdata-3-byte-UTF-8.xml: Added. * result/noent/cdata-4-byte-UTF-8.xml: Added. * test/cdata-2-byte-UTF-8.xml: Added. * test/cdata-3-byte-UTF-8.xml: Added. * test/cdata-4-byte-UTF-8.xml: Added. - Add tests and results. Only 'make Readertests XMLPushtests' fails prior to the fix.

e6b97476

2016-03-07T20:16:41

Bug 758572: ASAN crash in make check <https://bugzilla.gnome.org/show_bug.cgi?id=758572> Instead of sending a random string length into API methods, compute the string length properly to fix out-of-bounds accesses caught with AddressSanitizer turned on. * testapi.c: (test_htmlCreateMemoryParserCtxt): (test_htmlCreatePushParserCtxt): (test_htmlCtxtReadMemory): (test_htmlParseChunk): (test_htmlReadMemory): (test_xmlDictExists): (test_xmlDictLookup): (test_xmlCreatePushParserCtxt): (test_xmlCtxtReadMemory): (test_xmlCtxtResetPush): (test_xmlParseChunk): (test_xmlParseInNodeContext): (test_xmlParseMemory): (test_xmlReadMemory): (test_xmlRecoverMemory): (test_xmlSAXParseMemory): (test_xmlSAXParseMemoryWithData): (test_xmlSAXUserParseMemory): (test_xmlCreateMemoryParserCtxt): (test_xmlRelaxNGNewMemParserCtxt): (test_xmlBufferAdd): (test_xmlBufferAddHead): (test_xmlBuildQName): (test_xmlDocDumpFormatMemory): (test_xmlDocDumpFormatMemoryEnc): (test_xmlDocDumpMemory): (test_xmlNewCDataBlock): (test_xmlNewDocTextLen): (test_xmlNewTextLen): (test_xmlNodeAddContentLen): (test_xmlNodeSetContentLen): (test_xmlSplitQName3): (test_xmlStringLenGetNodeList): (test_xmlTextConcat): (test_xmlOutputBufferWrite): (test_xmlParserInputBufferCreateMem): (test_xmlParserInputBufferCreateStatic): (test_xmlParserInputBufferPush): (test_xmlReaderForMemory): (test_xmlReaderNewMemory): (test_xmlSchemaNewMemParserCtxt): (test_xmlCharStrndup): (test_xmlStrncatNew): (test_xmlStrncmp): (test_xmlStrndup): (test_xmlStrsub): (test_xmlTextWriterWriteBase64): (test_xmlTextWriterWriteBinHex): (test_xmlTextWriterWriteRawLen):

783931fc

2016-03-02T12:48:51

Bug 721158: Missing ICU string when doing --version on xmllint <https://bugzilla.gnome.org/show_bug.cgi?id=721158> * xmllint.c: (showVersion): Add "ICU" to xmllint version string if libxml2 is built with ICU enabled.

65112cb3

2016-01-18T12:46:41

python 3: libxml2.c wrappers create Unicode str already ... so stop decoding these, which only results in "TypeError: 'str' does not support the buffer interface".

dfbacd4f

2016-03-07T13:46:28

win32\VC10\config.h and VS 2015 --047d7bacb4ee71848a052d7c673a Content-Type: text/plain; charset=UTF-8 The config.h file in win32\VC10 is incompatible with VS 2015 because VS 2015 provides an implementation of snprintf and prohibits using the preprocessor to define it. Therefor an ifdef check is needed around that definition in VC10\config.h. Here is a patch that is compatible with the change that we made to Chromium's copy:

0f84ee23

2016-02-09T17:55:40

Add autogen.sh to distrib For https://bugzilla.gnome.org/show_bug.cgi?id=761782 autogen.sh was not included in the tarball releases which complicates situations when users have to make changes to e.g. configure.ac andi have to re-generate configure.

b5ca2607

2016-02-09T17:23:48

Add configure maintainer mode For https://bugzilla.gnome.org/show_bug.cgi?id=761784 I wasn't able to build libxml2 because aclocal-1.13 was missing from my machine. With AM_MAINTAINER_MODE, I'm able to configure libxml2 with '--disable-maintainer-mode' which will disable checks for aclocal.

a7a94612

2016-02-09T12:55:29

Heap-based buffer overread in xmlNextChar For https://bugzilla.gnome.org/show_bug.cgi?id=759671 when the end of the internal subset isn't properly detected xmlParseInternalSubset should just return instead of trying to process input further.

6657afe8

2015-11-20T17:55:11

Release of libxml2-2.9.3 * configure.ac: updated * doc/*: regenerated

8fb4a770

2015-11-20T17:16:06

CVE-2015-8242 Buffer overead with HTML parser in push mode For https://bugzilla.gnome.org/show_bug.cgi?id=756372 Error in the code pointing to the codepoint in the stack for the current char value instead of the pointer in the input that the SAX callback expects Reported and fixed by Hugh Davenport

f1063fdb

2015-11-20T16:06:59

CVE-2015-7500 Fix memory access error due to incorrect entities boundaries For https://bugzilla.gnome.org/show_bug.cgi?id=756525 handle properly the case where we popped out of the current entity while processing a start tag Reported by Kostya Serebryany @ Google This slightly modifies the output of 754946 in regression tests

fdfeecc1

2015-11-20T15:07:38

Bug on creating new stream from entity sometimes the entity could have a lenght of 0, i.e. it wasn't parsed or used yet, and we ended up with an incoherent input state

3bd6ae14

2015-11-20T15:06:02

Fix some loop issues embedding NEXT Next can switch the parser back to XML_PARSER_EOF state, we need to consider those in loops consuming input

35bcb1d7

2015-11-20T15:04:09

Detect incoherency on GROW the current pointer to the input has to be between the base and end if not stop everything we have an internal state error.

ce0b0d0d

2015-11-20T15:01:22

Do not print error context when there is none Which now happens more frequently du to xmlHaltParser use

e3b15974

2015-11-20T14:59:30

Reuse xmlHaltParser() where it makes sense Unify the various place where either xmlStopParser was called (which resets the error as a side effect) and places where we used ctxt->instate = XML_PARSER_EOF to stop further processing

28cd9cb7

2015-11-20T14:55:30

Add xmlHaltParser() to stop the parser The problem is doing it in a consistent and safe fashion It's more complex than just setting ctxt->instate = XML_PARSER_EOF Update the public function to reuse that new internal routine

69030714

2015-11-20T11:13:45

CVE-2015-5312 Another entity expansion issue For https://bugzilla.gnome.org/show_bug.cgi?id=756733 It is one case where the code in place to detect entities expansions failed to exit when the situation was detected, leading to DoS Problem reported by Kostya Serebryany @ Google Patch provided by David Drysdale @ Google

6360a31a

2015-11-20T10:47:12

CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey For https://bugzilla.gnome.org/show_bug.cgi?id=756528 It was possible to hit a negative offset in the name indexing used to randomize the dictionary key generation Reported and fix provided by David Drysdale @ Google

53ac9c96

2015-11-09T18:16:00

xmlStopParser reset errNo I had used it in contexts where that information ought to be preserved

afd27c21

2015-11-09T18:07:18

Avoid processing entities after encoding conversion failures For https://bugzilla.gnome.org/show_bug.cgi?id=756527 and was also raised by Chromium team in the past When we hit a convwersion failure when switching encoding it is bestter to stop parsing there, this was treated as a fatal error but the parser was continuing to process to extract more errors, unfortunately that makes little sense as the data is obviously corrupt and can potentially lead to unexpected behaviour.

ab2b9a93

2015-11-03T20:40:49

Avoid extra processing of MarkupDecl when EOF For https://bugzilla.gnome.org/show_bug.cgi?id=756263 One place where ctxt->instate == XML_PARSER_EOF whic was set up by entity detection issues doesn't get noticed, and even overrided

18b89885

2015-11-03T15:46:29

Reenable xz support by default For https://bugzilla.gnome.org/show_bug.cgi?id=757466 problem was introduced by commit f3f86ff465c92c79f834d7b981f3c7274a8bb5c8 for https://bugzilla.gnome.org/show_bug.cgi?id=711026

f0709e3c

2015-11-03T15:31:25

CVE-2015-8035 Fix XZ compression support loop For https://bugzilla.gnome.org/show_bug.cgi?id=757466 DoS when parsing specially crafted XML document if XZ support is compiled in (which wasn't the case for 2.9.2 and master since Nov 2013, fixed in next commit !)

e724879d

2015-10-30T21:14:55

Fix parsing short unclosed comment uninitialized access For https://bugzilla.gnome.org/show_bug.cgi?id=746048 The HTML parser was too optimistic when processing comments and didn't check for the end of the stream on the first 2 characters

41ac9049

2015-10-27T10:53:44

Fix an error in previous Conditional section patch an off by one mistake in the change, led to error on correct document where the end of the included entity was exactly the end of the conditional section, leading to regtest failure

73c50805

2015-10-26T18:33:14

Correct spelling of "calling"

b40c1940

2015-10-23T19:35:02

Fix a small error in xmllint --format description Obviously it operates on the output not the input

bd0526e6

2015-10-23T19:02:28

Another variation of overflow in Conditional sections Which happen after the previous fix to https://bugzilla.gnome.org/show_bug.cgi?id=756456 But stopping the parser and exiting we didn't pop the intermediary entities and doing the SKIP there applies on an input which may be too small

cf77e605

2015-09-30T14:46:29

Add missing Null check in xmlParseExternalEntityPrivate For https://bugzilla.gnome.org/show_bug.cgi?id=755857 a case where we check for NULL but not everywhere

4a5d80ad

2015-09-18T15:06:46

Fix a bug in CData error handling in the push parser For https://bugzilla.gnome.org/show_bug.cgi?id=754947 The checking function was returning incorrect args in some cases Adds the test to teh reg suite and fix one of the existing test output

51f02b0a

2015-09-15T16:50:32

Fix a bug on name parsing at the end of current input buffer For https://bugzilla.gnome.org/show_bug.cgi?id=754946 When hitting the end of the current input buffer while parsing a name we could end up loosing the beginning of the name, which led to various issues.

ef709ce2

2015-09-10T19:41:41

Fix the spurious ID already defined error For https://bugzilla.gnome.org/show_bug.cgi?id=737840 the fix for 724903 introduced a regression on external entities carrying IDs, revert that patch in part and add a specific test to avoid readding it

3eaedba1

2015-07-11T14:27:34

Fix previous change to node sort order Commit ba58f23 broke comparison of nodes from different documents. Thanks to Olli Pottonen for the report.

73b2d73d

2015-07-03T20:58:33

Avoid XSS on the search of xmlsoft.org query string need to be escaped before being displayed back

140c251e

2015-06-30T11:36:28

Recover unescaped less-than character in HTML recovery parsing As pointed by Christian Schoenebeck <schoenebeck@crudebyte.com> on the list and based on some of his early patches, this preserve content when unescaped opening angle brackets are not escaped in textual content like: a a <0 a <=0 while still reporting the error.

58b84e1f

2015-06-30T10:47:16

Fix a self assignment issue raised by clang For https://bugzilla.gnome.org/show_bug.cgi?id=751679 Also added a few newline cleanups

709a9521

2015-06-29T16:10:26

Fail parsing early on if encoding conversion failed For https://bugzilla.gnome.org/show_bug.cgi?id=751631 If we fail conversing the current input stream while processing the encoding declaration of the XMLDecl then it's safer to just abort there and not try to report further errors.

9aa37588

2015-06-29T09:08:25

Do not process encoding values if the declaration if broken For https://bugzilla.gnome.org/show_bug.cgi?id=751603 If the string is not properly terminated do not try to convert to the given encoding.

b02a167a

2015-04-14T13:51:01

Silence clang's -Wunknown-attribute Clang doesn't have perfect feature compatibility with GCC, unfortunately. https://bugzilla.gnome.org/show_bug.cgi?id=747870

22b0415a

2015-04-16T16:04:06

os400: fix various ILE/RPG types definitions. Adjust build scripts. - A typo caused an undefined symbol reference. - A structure field name did not match the corresponding C name due to a typo. - Some structured fields were not properly aligned. - The long/ulong types were wrongly mapped to 64-bit types. - A typo in a /include directive caused a compilation error. - Doc files copy now converts from UTF-8 and split long lines. - Adjust /include file name mapping translation for proper prefix handling.

213f1fe0

2015-04-14T17:41:48

CVE-2015-1819 Enforce the reader to run in constant memory One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect.

8985cde7

2015-04-13T16:32:14

xmlMemUsed is not thread-safe For https://bugzilla.gnome.org/show_bug.cgi?id=747437 just use the mutex to protect access to those variables

7607d9dd

2015-04-03T22:52:36

Allow HTML serializer to output HTML5 DOCTYPE For https://bugzilla.gnome.org/show_bug.cgi?id=747301 Use simple HTML5 DOCTYPE for about:legacy-compat HTML5 uses a DOCTYPE without a PUBLIC or SYSTEM identifier. It looks like this: <!DOCTYPE html> I can't use XSLT to output this, because to get a DOCTYPE I have to provide a PUBLIC or SYSTEM identifier. Luckily, the standards folks recognized this and provided this semantically equivalent form for the HTML DOCTYPE: <!DOCTYPE html SYSTEM "about:legacy-compat"> But people don't like seeing the "legacy" identifier in their output. They'd rather see the shiny new DOCTYPE. Since we know that about:legacy-compat is defined by the W3C to be semantically equivalent to the sans-SYSTEM DOCTYPE, we could just special-case it in the HTML serializer in libxml2. So if you set the SYSTEM identifier to "about:legacy-compat", you get an HTML5 short-form DOCTYPE.

2fab235d

2015-03-16T08:38:36

Fix support for except in nameclasses For https://bugzilla.gnome.org/show_bug.cgi?id=565219 The code was imply missing even if simple, added a few regression tests.

02b252d7

2015-03-08T17:00:37

Regression test for bug #695699

342658a1

2015-03-08T16:46:04

Add a couple of XPath tests

ba58f23c

2015-03-08T16:44:11

Fix order of root nodes Make sure root nodes are sorted before other nodes.

f6aaabce

2015-03-08T16:05:26

Allow attributes on descendant-or-self axis If the context node is an attribute, the attribute itself is on the descendant-or-self axis. The principal node type of this axis is element, so the only node test that can return the attribute is "node()". In other words, "@attr/descendant-or-self::node()" is equivalent to "@attr". This matches the behavior of Saxon-CE.

620a7061

2015-03-03T19:40:06

Fix the fix to Windows locking For https://bugzilla.gnome.org/show_bug.cgi?id=737851 Unfortunately this change has introduced a problem which results in occasional hangs on Windows when running multi-threaded on a multi-core host. When locking the xmlRMutex the count field is increment inside the critical section but when unlocking the count field is decremented outside the critical section. The increment/decrement is not atomic so this can result in the count field being updated incorrectly. The solution is to change xmlRMutexUnlock to decrement the count field before leaving the critical section rather than after.

9b987f8c

2015-02-27T14:55:49

Fix timsort invariant loop re: Envisage article See http://envisage-project.eu/proving-android-java-and-python-sorting-algorithm-is-broken-and-how-to-fix-it/ We use a "runLen" array of size 128, so it should be nearly impossible to have our implementation overflow. But in any case, the fix is relatively simple -- checking two extra conditions in the invariant calculation. I also took this opportunity to remove some redundancy in the left/right merge logic in the invariant loop.

9b851233

2015-02-23T11:29:20

Cleanup conditional section error handling For https://bugzilla.gnome.org/show_bug.cgi?id=744980 The error handling of Conditional Section also need to be straightened as the structure of the document can't be guessed on a failure there and it's better to stop parsing as further errors are likely to be irrelevant.

a7dfab74

2015-02-23T11:17:35

Stop parsing on entities boundaries errors For https://bugzilla.gnome.org/show_bug.cgi?id=744980 There are times, like on unterminated entities that it's preferable to stop parsing, even if that means less error reporting. Entities are feeding the parser on further processing, and if they are ill defined then it's possible to get the parser to bug. Also do the same on Conditional Sections if the input is broken, as the structure of the document can't be guessed.

fb8e9e21

2015-02-18T22:47:13

Add Python 3 rpm subpackage Allow compilation and packaging of both python2 and python3 when present

32119739

2014-12-29T20:44:06

libxml2-config.cmake.in: update include directories Align the include directories on those from the pkg-config module. Signed-off-by: Samuel Martin <s.martin49@gmail.com>

220a7bae

2014-12-23T21:28:37

Don't add IDs in xmlSetTreeDoc This partially reverts my previous commit fixing bug #741919.

fff8a6b8

2014-12-22T11:12:12

threads: use forward declarations only for glibc Fixes bug #704908 The declarations of pthread functions, used to generate weak references to them, fail to suppress macros. Thus, if any pthread function has been provided as a macro, compiling threads.c will fail. This breaks on musl libc, which defines pthread_equal as a macro (in addition to providing the function, as required). Prevent the declarations for e.g. musl libc by refining the condition. The idea for this solution was borrowed from the alpine linux guys, see http://git.alpinelinux.org/cgit/aports/tree/main/libxml2/libxml2-pthread.patch Signed-off-by: Michael Heimpold <mhei@heimpold.de>

f54d6a92

2014-12-19T00:08:35

Account for ID attributes in xmlSetTreeDoc

7580ce0a

2014-10-28T18:13:53

Update Win32 configure.js to search for configure.ac as configure.in was renamed

57941042

2014-10-26T18:08:04

Remove various unused value assignments As detected by Coverity (CIDs 60467–60472). https://bugzilla.gnome.org/show_bug.cgi?id=739220

df23f584

2014-10-23T13:52:47

Adding example from bugs 738805 to regression tests For https://bugzilla.gnome.org/show_bug.cgi?id=738805 Tortuous test case provided by pierre.labastie@neuf.fr

72a46a51

2014-10-23T11:35:36

Fix missing entities after CVE-2014-3660 fix For https://bugzilla.gnome.org/show_bug.cgi?id=738805 The fix for CVE-2014-3660 introduced a regression in some case where entity substitution is required and the entity is used first in anotther entity referenced from an attribute value

f65128f3

2014-10-17T17:13:41

Revert "Missing initialization for the catalog module" This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7. As this break xmlcatalog command https://bugzilla.redhat.com/show_bug.cgi?id=1153753

726f67e2

2014-10-16T15:40:16

Release of libxml2-2.9.2

2fcdb424

2014-10-16T15:39:41

Forgot to add the cmake Makefile

be2a7eda

2014-10-16T13:59:47

Fix for CVE-2014-3660 Issues related to the billion laugh entity expansion which happened to escape the initial set of fixes

500c54ef

2014-10-16T12:17:20

fix memory leak xml header encoding field with XML_PARSE_IGNORE_ENC When the xml parser encounters an xml encoding in an xml header while configured with option XML_PARSE_IGNORE_ENC, it fails to free memory allocated for storing the encoding. The patch below fixes this. How to reproduce: 1. Change doc/examples/parse4.c to add xmlCtxtUseOptions(ctxt, XML_PARSE_IGNORE_ENC); after the call to xmlCreatePushParserCtxt. 2. Rebuild 3. run the following command from the top libxml2 directory: LD_LIBRARY_PATH=.libs/ valgrind --leak-check=full ./doc/examples/.libs/parse4 ./test.xml , where test.xml contains following input: <?xml version="1.0" encoding="UTF-81" ?><hi/> valgrind will report: ==1964== 10 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==1964== at 0x4C272DB: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==1964== by 0x4E88497: xmlParseEncName (parser.c:10224) ==1964== by 0x4E888FE: xmlParseEncodingDecl (parser.c:10295) ==1964== by 0x4E89630: xmlParseXMLDecl (parser.c:10534) ==1964== by 0x4E8B737: xmlParseTryOrFinish (parser.c:11293) ==1964== by 0x4E8E775: xmlParseChunk (parser.c:12283) Signed-off-by: Bart De Schuymer <bart at amplidata com>

974db365

2014-10-16T12:07:43

AC_CONFIG_FILES and executable bit

f3efaba3

2012-09-19T00:10:55

remove HAVE_CONFIG_H dependency in testlimits.c

c2450d8b

2013-11-28T22:42:08

fix some tabs mixing incompatible with python3

21fec499

2012-09-12T01:33:12

win32/libxml2.def.src after rebuild in doc

kc3-lang/libxml2

Log