Log

Author Commit Date CI Message
Nick Wellnhofer aef1ff43 2024-03-06T19:30:43 string: Fix xmlStrncatNew(NULL, "") This should return "" not NULL.
Nick Wellnhofer 9033a270 2024-03-05T16:45:44 malloc-fail: Stop using xmlSplitQName2 This function doesn't report malloc failures.
Nick Wellnhofer 8677f547 2024-03-05T03:24:45 malloc-fail: Fix erroneous report in xmlNodeGetBaseSafe
Nick Wellnhofer 9c2d451c 2024-03-04T01:25:46 malloc-fail: Fix use-after-free in xmlBufBackToBuffer
Nick Wellnhofer d2f7ca53 2024-03-03T16:51:07 save: Add range check for level in xmlNodeDump
Nick Wellnhofer 3061b56a 2024-03-15T02:23:08 valid: Check for NULL text content in xmlValidateOneElement Shouldn't occur in parsed documents but you can create text nodes with NULL content through the API.
Nick Wellnhofer edbf1eb6 2024-03-05T18:07:13 entities: Don't allow null name in xmlNewEntity
Nick Wellnhofer af3d80b9 2024-03-14T20:49:39 valid: Check for elem->name in xmlIsID elem->name can be NULL if xmlNodeSetDoc failed.
Nick Wellnhofer 1233805d 2024-03-06T15:49:20 valid: Fix some return codes after errors
Nick Wellnhofer 9b3750c6 2024-03-04T03:49:23 malloc-fail: Avoid use-after-free in xmlAddChild Returning NULL doesn't signal that the node was freed.
Nick Wellnhofer 50816b8d 2024-03-05T18:06:38 entities: Check for illegal entity types in xmlAddEntity
Nick Wellnhofer 04c691f7 2024-03-05T19:59:42 valid: Eliminate xmlCtxtGetDtdElementDesc Improves malloc failure reporting without parser context.
Nick Wellnhofer ab345338 2024-03-05T19:58:17 valid: Report malloc failure in legacy DTD serialization
Nick Wellnhofer c1fe9e72 2024-03-06T15:21:49 io: Report more malloc failures when writing to output buffer
Nick Wellnhofer 264b283c 2024-03-05T14:55:42 valid: Fix hash removal in xmlRemoveRef Don't create a NULL entry.
Nick Wellnhofer 802ad903 2024-03-05T14:54:16 valid: Don't report errors with null context
Nick Wellnhofer b38f8eae 2024-03-05T14:55:15 malloc-fail: Report in xmlAddAttributeDecl
Nick Wellnhofer 702f2e46 2024-03-04T01:39:34 malloc-fail: Fix memory leak in xmlNewNodeEatName
Nick Wellnhofer 10c4ed1f 2024-03-06T14:14:33 html: Fix quadratic behavior in htmlNodeDump Use an efficient buffer allocation scheme.
Nick Wellnhofer f797cdab 2024-03-02T18:59:16 valid: Remove id before updating attribute type
Nick Wellnhofer a3e11e3d 2024-03-01T15:55:35 valid: Fix id handling in xmlValidateDtd Free id table before and after validation.
Nick Wellnhofer b1e75a91 2024-03-05T20:00:44 save: Report malloc failure in xmlAttrSerializeTxtContent
Nick Wellnhofer c4e0db6a 2024-03-02T16:02:39 valid: Reset attribute in xmlFreeID
Nick Wellnhofer bbbd7f77 2024-03-01T14:27:08 valid: Rework checks in xmlValidateOneElement Don't check element for extra members and missing content. Consolidate checks for unexpected elements.
Nick Wellnhofer 10c202f9 2024-03-04T01:31:12 malloc-fail: Check for NULL pointer in xmlSaveNotation*
Nick Wellnhofer 3494aa4f 2024-03-04T01:39:00 save: Cast return code of xmlBufNodeDump Avoid implicit sign change.
Nick Wellnhofer 1d392fab 2024-03-05T18:06:02 save: Check for output buffer errors Report more error conditions.
Nick Wellnhofer e4e90961 2024-03-07T13:00:14 tree: Prefer xmlGetPropNodeInternal over xmlHasNsProp xmlHasNsProp can cause unreported malloc failures when looking up default attributes. Switch to xmlGetPropNodeInternal when moving attributes. We don't care about default attributes in this case.
Nick Wellnhofer 7d9ffd40 2024-03-06T19:44:00 tree: Report malloc failure in xmlAddNextSibling
Nick Wellnhofer bc7ab5a2 2024-03-02T18:59:51 tree: Rewrite xmlSetTreeDoc Report malloc failures. Fix when called directly on attribute node. Clear 'content' and 'last' and look up new entity for entity reference nodes.
Nick Wellnhofer 2ba690a7 2024-03-05T16:34:22 tree: Remove more unused node types
Nick Wellnhofer fc9a2ca0 2024-03-06T16:02:24 tree: Report more malloc failures
Nick Wellnhofer 536aa2cd 2024-03-04T16:55:32 tree: Fix adding ids in xmlNewPropInternal Don't try to add ids to NULL document. Report malloc failure from xmlIsID.
Nick Wellnhofer d0d6174e 2024-02-29T19:38:29 valid: Rework xmlAddID
Nick Wellnhofer d57c57ed 2024-03-05T14:53:35 tree: Improve argument check in xmlTextConcat
Nick Wellnhofer 16c29557 2024-03-05T14:52:34 tree: Remove unused node types
Nick Wellnhofer f960c60d 2024-03-05T03:25:16 tree: Make namespace comparison more consistent The API allows NULL namespace URIs, so we should match them consistently. Simply use xmlStrEqual which already takes NULL strings into account.
Nick Wellnhofer d1cc6f7d 2024-03-05T04:34:59 tree: Don't allow NULL name in xmlSetNsProp
Nick Wellnhofer 2840e33c 2024-03-04T07:34:25 tree: Allocate XML namespace statically
Nick Wellnhofer 696faeb4 2024-03-05T16:17:57 tree: Rework xmlNodeListGetString Use string buffer to avoid quadratic complexity. Handle entities with xmlBufGetNodeContent. Report malloc failures.
Nick Wellnhofer 41964548 2024-02-28T12:17:57 tree: Rework xmlTextMerge Return NULL on error. Check for malloc failure. Check that nodes are distinct.
Nick Wellnhofer a3713f78 2024-02-28T11:44:46 tree: Rework xmlNodeSetName Disallow xmlNodeSetName on DTD nodes. DTD nodes don't store the name in a dictionary. Calling xmlNodeSetName with a DTD node could result in an invalid free. This function doesn't report errors but we can make sure that name isn't set to NULL.
Nick Wellnhofer 77c71350 2024-02-27T20:21:48 tree: Simplify xmlAddChild with text parent
Nick Wellnhofer 7e462425 2024-02-27T20:18:42 tree: Don't allow misuse of xmlAddChild xmlAddChild assumes that the child is unlinked. If the child is already linked, return an error instead of corrupting the tree.
Nick Wellnhofer b23175d1 2024-02-29T19:57:28 valid: Check element type in xmlIsID Also rearrange code for readability.
Nick Wellnhofer 0ddd63db 2024-02-29T16:40:26 valid: Change error code to XML_ERR_ARGUMENT
Nick Wellnhofer b043d959 2024-03-08T12:40:12 tree: Check return value of xmlNodeAddContent
Nick Wellnhofer 18ebdacf 2024-03-07T13:02:46 tree: Fix error return in xmlGetPropNodeValueInternal
Nick Wellnhofer 2c214a50 2024-02-27T16:29:52 tree: Fix xmlAddPropSibling with duplicate attributes Look up existing attribute before unlinking new attribute. This makes it easier for the fuzzer to detect which attribute will be deleted if there are multiple attributes with the same name.
Nick Wellnhofer 2e765083 2024-02-27T16:23:44 tree: Fix indentation in xmlAddPropSibling
Nick Wellnhofer 16c0374a 2024-02-27T15:31:33 tree: Fix xmlAddSibling with last sibling If the node to be added was already at the correct position, the tree could be corrupted.
Nick Wellnhofer 74ca2f59 2024-02-27T13:44:54 tree: Move type check in xmlAddChild Avoid aborting halfway after changing parent pointer if node types don't match when adding attributes.
Nick Wellnhofer 29db9881 2024-02-23T16:59:40 tree: Fix xmlDocSetRootElement with multiple top-level elements Fix xmlDocSetRootElement when setting the original root if multiple top-level elements are present.
Nick Wellnhofer 4b698dba 2024-02-22T18:13:53 tree: Only allow elements in xmlDocSetRootElement
Nick Wellnhofer d5f50602 2024-02-22T16:12:07 tree: Disallow setting content of entity reference nodes The content of entity reference nodes points to the entity declaration and isn't freed. Changing the content would result in a memory leak.
Nick Wellnhofer 77f2012c 2024-02-22T15:25:05 tree: Rework xmlReconciliateNs
Nick Wellnhofer af66a6b5 2024-02-22T13:03:59 tree: Unlink DTD in xmlStaticCopyNodeList Avoid tree corruption when copying within a document.
Nick Wellnhofer bb22cfb9 2024-02-22T12:39:42 tree: Unlink DTD in xmlFreeNodeList Avoid dangling next/prev pointers.
Nick Wellnhofer 186562a1 2024-03-12T19:55:33 parser: Fix detection of duplicate attributes in XML namespace Fixes a regression from commit e0dd330b, resulting in duplicate attributes in the predefined XML namespace not being detected or extraneous default attributes being passed. Fixes #704.
Nick Wellnhofer ce8f3d2c 2024-03-10T15:03:41 fuzz: Improve README
Nick Wellnhofer 723b4de0 2024-03-03T21:57:59 catalog: Fetch XML catalog before dumping Catalog entries seem to be loaded lazily. Should fix #699.
Benjamin Gilbert 653ef999 2024-03-02T17:02:30 schemas: fix spurious warning about truncated snprintf output Fix warning: xmlschemas.c: In function 'xmlSchemaVAttributesComplex': xmlschemas.c:25506:63: warning: 'snprintf' output may be truncated before the last format character [-Wformat-truncation=] xmlschemas.c:25506:29: note: 'snprintf' output between 3 and 13 bytes into a destination of size 12 On my system (GCC 13.2.1 x86_64) the warning only appears with -O0. counter can't exceed 1000, so there's no real bug.
Maks Mishin 25afd931 2024-02-29T01:29:42 xmlschemastypes: Remove unreachable if statement Pointer `cur` is created by `value` variable and there is no need to check `cur` for NULL because `value` is checked in the beginning of function. Found by RASU JSC.
Maks Mishin cd94985f 2024-02-29T01:14:06 relaxng: Remove useless if statement
Nick Wellnhofer 84a71860 2024-02-26T15:14:28 xmlreader: Fix xmlTextReaderConstEncoding Regression from commit f1c1f5c6. Fixes #697.
Nick Wellnhofer b55ee729 2024-02-26T13:22:08 html: Regression test for #696 This was already fixed in the master branch, so we only add a test.
Nick Wellnhofer a581f651 2024-02-21T12:09:10 tree: Check for integer overflow in xmlStringGetNodeList This function is called with unvalidated strings from functions like xmlNewDocProp, xmlNewDocNode or xmlNodeSetContent, so we have to check for integer overflow after all.
Nick Wellnhofer 7dc8600a 2024-02-20T12:32:17 SAX2: Report malloc failure in xmlCheckDefaultedAttributes
Nick Wellnhofer 67e475b7 2024-02-19T11:09:39 http: Improve error message for HTTPS redirects
Nick Wellnhofer e314109a 2024-02-16T15:42:38 save: Don't write directly to internal buffer Make sure that OOM errors are reported.
Nick Wellnhofer 595ee5bc 2024-02-14T13:58:14 dict: Include unistd.h for getentropy
Nick Wellnhofer c444c96e 2024-02-13T12:22:28 parser: Report OOM errors even after parser was stopped
Nick Wellnhofer 9835ec2b 2024-02-13T10:58:19 valid: Fix xmlAddIDSafe in "streaming" mode Make sure that IDs and attributes never reference each other in streaming (XML reader) mode, even when attributes are copied from an entity. Also update lineno. Fixes a short-lived use-after-free.
Nick Wellnhofer e97b4d84 2024-02-13T11:37:05 autotools: Remove useless substitution Fixes #689.
Nick Wellnhofer 4d774612 2024-02-13T11:35:12 parser: Fix column number in attribute values Short-lived regression from 37c6618b.
Nick Wellnhofer 87bebd25 2024-02-12T16:45:16 xmllint: Return error code if XPath returns empty nodeset Return an error code as before but make it possible to distinguish from real errors. Fixes #690.
Nick Wellnhofer a9e73f11 2024-02-11T12:47:09 catalog: Remove Windows hack Shouldn't be necessary after commit 865520f0. Fixes #688.
Nick Wellnhofer b53562bd 2024-02-11T12:33:02 examples: Readd xpath1 test This was removed for some reason in fc119e32. Fixes #685.
Nick Wellnhofer 13962b06 2023-10-15T13:56:34 xmlreader: Clean up error handling Make sure that xmlTextReaderRead returns -1 immediately if the reader is in an error state.
Nick Wellnhofer ddda373e 2024-02-06T12:53:03 xmlreader: Make xmlTextReaderValidateEntity return an error code This makes sure that xmlTextReaderRead returns -1 if a memory allocation fails.
Nick Wellnhofer 2807df9a 2024-02-06T12:07:19 valid: Fix another use-after-free in xmlAddIDSafe Short-lived regression.
Nick Wellnhofer 2963a097 2024-02-05T15:35:54 xpath: Report malloc failure in xmlXPathTranslateFunction
Nick Wellnhofer 1a66b176 2023-10-14T22:45:54 [CVE-2024-25062] xmlreader: Don't expand XIncludes when backtracking Fixes a use-after-free in XML Reader if used with DTD validation and XInclude expansion. Fixes #604.
Nick Wellnhofer 921ab01e 2024-02-04T14:08:44 c14n: Improve error handling Stop raising meaningless internal errors.
Nick Wellnhofer 70da4c08 2024-02-04T13:30:32 valid: Fix use-after-free in xmlAddIDSafe Short-lived regression.
Nick Wellnhofer d463733f 2024-02-01T19:31:03 fuzz: Reenable malloc failure check when serializing
Nick Wellnhofer cf875194 2024-02-01T19:26:42 valid: Deprecate old DTD serialization API
Nick Wellnhofer fbe10a46 2024-02-01T19:01:57 save: Move DTD serialization code to xmlsave.c
Nick Wellnhofer 84e50a0c 2024-02-01T17:02:24 fuzz: Don't check for malloc failures when serializing DTD serialization doesn't report malloc failures yet.
Nick Wellnhofer 6aae1767 2024-02-01T15:18:26 tree: Fix error condition in xmlNodeListGetString Don't return NULL in case of undeclared entities.
Nick Wellnhofer 4a8f707b 2024-02-01T13:55:20 Update .gitignore
Nick Wellnhofer 0d170aca 2024-02-01T11:51:58 io: Report malloc failure in xmlOutputBufferWrite Fixes #676.
Nick Wellnhofer 2835337a 2024-01-30T14:18:45 doc: Mark `xmllint --xpath` as experimental This feature was poorly thought-out.
Nick Wellnhofer 6b089473 2024-01-30T13:37:16 doc: Update xmllint man page after fixing #180 Fixes #673.
Nick Wellnhofer 95f2a174 2024-01-30T13:25:17 parser: Fix crash in xmlParseInNodeContext with HTML documents Ignore namespaces if we have an HTML document with namespaces added manually. Fixes #672.
Nick Wellnhofer 2e19d0ef 2024-01-26T11:39:51 SAX2: Make sure that OOM errors aren't overwritten
Nick Wellnhofer 12ce9b5f 2024-01-25T12:52:14 dict: Fix warnings with older clang
Nick Wellnhofer 8961056f 2024-01-23T00:47:44 parser: Make experimental input API private This needs to be reworked.
Nick Wellnhofer 63986c45 2024-01-22T21:02:16 parser: Report fatal error if document entity couldn't be loaded Only lower error level when loading entities. Fixes #667.
Nick Wellnhofer 37d474ff 2024-01-17T14:19:42 xpath: Fix return of empty node-set in xmlXPathNodeCollectAndTest Don't return NULL node-sets. Ultimately, we should make sure that obj->nodesetval is always non-NULL even for empty node-sets. See #663.