Log

Author Commit Date CI Message
Nick Wellnhofer b8597f46 2024-04-30T15:58:01 tree: Handle predefined entities in xmlBufGetEntityRefContent It's possible to create references to predefined entities using the tree API. This edge case was exposed by making predefined entities const in commit 63ce5f9a.
Nick Wellnhofer 619e2808 2024-04-30T15:53:08 tree: Don't call xmlNewCharRef in xmlNodeParseContent xmlNewCharRef also tries to handle strings like '&name;' but in xmlNodeParseContentInternal, we really want to use the possibly invalid name without modification. Otherwise, content like '&"' could create a reference to a predefined entity.
Tomáš Ženčák ae960cac 2023-11-07T21:08:01 Allow unlimited length decimals, integers etc.
Nick Wellnhofer bffef46c 2024-04-28T22:58:06 doc: Don't install example code
Nick Wellnhofer 5f75c956 2024-04-28T22:57:02 doc: Remove tutorial The tutorial was moved to the Wiki: https://gitlab.gnome.org/GNOME/libxml2/-/wikis/Tutorial
Nick Wellnhofer d381e5de 2024-04-28T21:14:32 doc: Move doc/examples to example
Nick Wellnhofer 1cdfece1 2024-04-28T18:33:40 memory: Remove memory debugging This is useless compared to sanitizers or valgrind and has a considerable performance impact if enabled accidentally.
Nick Wellnhofer 5e80f438 2024-04-28T17:33:19 tree: Deprecate xmlRegisterNodeDefault This rarely used feature should be phased out.
Nick Wellnhofer 88169bfd 2024-04-28T17:54:36 tree: Deprecate xmlSetCompressMode
Nick Wellnhofer 05654cfe 2024-04-28T17:54:20 html: Deprecate htmlHandleOmittedElem
Nick Wellnhofer 63ce5f9a 2024-04-28T17:32:35 Make some globals const
Nick Wellnhofer 577fb0e3 2024-04-27T16:31:01 xinclude: Report malloc failure in xmlXIncludeMergeEntities
Nick Wellnhofer 68e440ee 2024-04-24T22:52:06 fuzz: Use all test directories for XML seed corpus It's probably better to add as many files as possible to the seed corpus even if they're less specific to a fuzzer.
Nick Wellnhofer 651465f9 2024-04-24T22:50:53 test: Remove unused test files
Nick Wellnhofer 0977d7a3 2024-04-23T22:39:53 fuzz: Build with compression support on OSS-Fuzz
Nick Wellnhofer 510c7988 2024-04-23T18:43:12 fuzz: Remove reader pass from XML fuzzers The reader API is fuzzed separately now.
Nick Wellnhofer 6641a7e8 2024-04-23T18:17:02 fuzz: Enable reader fuzzer on OSS-Fuzz
Nick Wellnhofer 45fe9924 2024-04-22T17:12:54 parser: Don't create reference in xmlLookupGeneralEntity This should only be done in xmlParseReference. The handling of undeclared entities is still somewhat inconsistent. In element content we create references even if entity substitution is enabled. In attribute values undeclared entities are always ignored.
Nick Wellnhofer b717abdd 2024-04-22T15:42:39 parser: Consolidate error handling for undeclared entities Always use XML_WAR_UNDECLARED_ENTITY with warning error level in documents with external subset or parameter entities. Use XML_ERR_UNDECLARED_ENTITY otherwise.
Nick Wellnhofer 00336f0f 2024-04-20T20:54:41 cmake: Don't use tabs in CMakeLists.txt Always use spaces and indent_size=4 except for Makefiles.
Nick Wellnhofer b62ccf7f 2024-04-16T13:24:12 fuzz: Add fuzzer for XML reader API
Nick Wellnhofer 087a3464 2024-04-18T11:57:46 xinclude: Increase error count in xmlXIncludeErrMemory
Nick Wellnhofer 7cbf609a 2024-04-18T12:57:15 reader: Make xmlTextReaderReadString non-recursive Also report malloc failures. Fixes #607.
Nick Wellnhofer f6964781 2024-04-22T12:23:39 reader: Rework xmlTextReaderRead{Inner,Outer}Xml Use an xmlOutputBuffer. Report malloc failures.
Nick Wellnhofer cdb3103b 2024-04-22T12:23:06 reader: Report malloc failures
Nick Wellnhofer d2daf33e 2024-04-16T14:53:07 reader: Fix preservation of attributes Don't use 'curnode' which might be an attribute or namespace node which doesn't have an 'extra' member.
Nick Wellnhofer 5aa56e73 2024-04-18T14:21:19 reader: Add tests for content accessors
Niels Dossche 6053f1ff 2023-11-02T13:57:54 Remove redundant size check The condition size > UINT_MAX - 10 is already checked earlier, so the check is always false.
Nick Wellnhofer fbea03f3 2024-04-19T15:22:30 tree: Remove another redundant check in xmlDOMWrapCloneNode The node type was already checked earlier.
Niels Dossche 1a865567 2023-11-02T14:07:00 Remove redundant NULL check on cur This variable is already NULL checked in the previous if condition.
Niels Dossche 6fadd798 2023-11-02T14:05:31 Remove always-false check old == cur This case is already checked at the start of the function. There it returns NULL, which seems more correct.
Niels Dossche 27665200 2023-11-02T13:59:54 Remove redundant NULL check on cur cur = node, and node cannot be NULL as it is checked at the start of the function.
Nick Wellnhofer a0341ac8 2024-04-18T12:08:30 tree: Don't return empty localname in xmlSplitQName{2,3} Match the behavior of xmlSplitQName and xmlSplitQName4.
Nick Wellnhofer f506ec66 2024-04-15T11:27:44 parser: Always decode entities in namespace URIs Also decode entities in namespace URIs if entity substitution wasn't requested. This should fix some corner cases when comparing namespace URIs. The Namespaces in XML 1.0 spec says: "In a namespace declaration, the URI reference is the normalized value of the attribute, so replacement of XML character and entity references has already been done before any comparison." Make the serialization code escape special characters in namespace URIs like in attribute values. This fixes serialization if entities were substituted when parsing. Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/106
Nick Wellnhofer 971ce404 2024-04-14T19:33:21 fuzz: Also set fuzzAllocFailed if a real allocation fails Avoid false positives in real OOM situations.
Nick Wellnhofer 20b0bd98 2024-04-09T18:00:13 fuzz: Account for quadratic runtime in xmlXPathTranslateFunction Avoid fuzzer timeouts caused by this known issue.
Nick Wellnhofer fd8a3511 2024-04-09T16:54:02 error: Fix direct invocation of SAX error handlers Revert part of commit c5a8aef2 to make it safe to call the default SAX error handlers directly. This has been deprecated for a long time but even xmllint still uses these handlers. Should fix #713.
Nick Wellnhofer 20fca2bb 2024-04-09T15:39:06 save: Report malloc failure in xmlAttrSerializeTxtContent Flush buffer before checking for errors.
Nick Wellnhofer 1f18d377 2024-04-02T23:19:28 fuzz: Add a few more comments
Seiya Nakata 5bb84b47 2024-04-04T11:55:28 relaxng: Fix tree corruption in xmlRelaxNGParseNameClass Don't create cycles in tree structure. This will lead to an infinite loop or call stack overflow later. Closes: https://gitlab.gnome.org/GNOME/libxml2/-/issues/711
Nick Wellnhofer 16ccb61d 2024-04-05T13:19:56 xinclude: Don't try to fix base of non-elements This would result in a spurious error.
Nick Wellnhofer af2bda4e 2024-04-05T13:09:45 SAX2: Also check URI length before resolving We don't want to exceed the size limit of 1 MB in uri.c. Such errors can't be distinguished from malloc failures.
Vincent Torri 5732ce56 2024-04-04T12:14:46 meson: Initial commit
Nick Wellnhofer 650f842d 2024-04-02T15:25:28 string: Don't validate UTF-8 in xmlUTF8Strsub Most string functions can assume valid UTF-8. In order to detect malloc failures reliably, xmlUTF8Strsub should only return NULL if the start index is out of bounds or a memory allocation failed.
Nick Wellnhofer 86c27206 2024-04-02T14:41:15 save: Handle invalid parent pointers in xhtmlNodeDumpOutput See #255 and commit 85b1792e.
Nick Wellnhofer f7f14537 2024-04-02T12:56:11 build: Disable support for compression libraries by default libxml2 has limited support for reading and writing compressed data with the help of zlib and liblzma which used to be enabled by default. This only works for files read from the file system and never worked with memory buffers. My guess is that this feature is virtually unused. In light of the recently discovered xz backdoor, it's a good time to disable these features by default to reduce attack surface and prepare for eventual removal. If --with-legacy is passed to the Autotools build, compression will be enabled by default as before.
Nick Wellnhofer 365976db 2024-03-30T17:17:21 xinclude: Don't use xmlHasNsProp This function can malloc and doesn't report failures. Another design mistake is that xmlUnsetNsProp requires an xmlNs struct.
Nick Wellnhofer fe3cbf89 2024-03-29T14:54:39 fuzz: Check node type before xmlDocSetRootElement
Nick Wellnhofer 5c553325 2024-03-29T13:45:19 Revert "tree: Only allow elements in xmlDocSetRootElement" This reverts commit 4b698dbaec9bc6775fc8341ef8a3f0d8321f8548. lxml assumes that xmlDocSetRootElement works with non-elements.
Nick Wellnhofer 7c5daa37 2024-03-29T14:35:07 tree: Ignore namespace with NULL href in xmlSearchNs Some users set href to NULL to unset a namespace without deleting it. Also change the duplicate check in xmlNewNs which must agree with xmlSearchNs. Short-lived regression from f960c60d.
Nick Wellnhofer f43197fc 2024-03-29T11:16:45 tree: Don't coalesce text nodes in xmlAdd{Prev,Next}Sibling Commit 9e1c72da from 2001 introduced a bug where xmlAddPrevSibling and xmlAddNextSibling would only try to merge text nodes with one of its new siblings. Commit 4ccd3eb8 fixed this bug but unfortunately, lxml and possibly other downstream code depend on text nodes not being merged. To avoid breaking downstream code while still having somewhat consistent API behavior, it's probably best to make these functions never coalesce text nodes.
Nick Wellnhofer 2cc7f710 2024-03-29T11:55:20 SAX2: Fix xmlSAX2EntityDecl with empty base Short-lived regression.
Nick Wellnhofer 730de88b 2024-03-28T15:42:02 SAX2: Optimize appending children xmlSAX2AppendChild can make several assumptions which make appending nodes more efficient. Also handle line numbers in xmlSAX2AppendChild.
Nick Wellnhofer 2a713a80 2024-03-28T15:09:46 tree: Document behavior if xmlSetTreeDoc fails
Nick Wellnhofer f1e9c7bd 2024-03-28T14:54:18 tree: Optimize xmlInsertNode Relink the node directly without calling xmlUnlinkNodeInternal.
Nick Wellnhofer ea0ee365 2024-03-28T12:38:43 tree: Align xmlAddChild with other node insertion functions Make xmlAddChild unlink the child before insertion. Originally, linked children would most likely cause tree corruption. The first fix disallowed linked nodes, but there are cases where insertion of such nodes could succeed. Don't abort if the node is already a child of parent. In this case, the node will be moved to the end of the child list.
Nick Wellnhofer e5cdb23f 2024-03-28T14:09:10 tree: Introduce xmlUnlinkNodeInternal xmlUnlinkNode also removes references to DTD nodes which shouldn't be done when moving nodes within a document. Introduce a new function xmlUnlinkNodeInternal which only unlinks a node from the tree. Remove references to DTD nodes in xmlNodeSetDoc. Note that moving element and attribute declarations to another document will still leave references in the source document.
Nick Wellnhofer 1d50df87 2024-03-28T12:08:13 examples: Don't leave temp files
Nick Wellnhofer bfb02fbc 2024-03-28T11:30:05 fuzz: Fix xmlSetProp in API fuzzer Finding the old attribute node is a bit more involved.
Nick Wellnhofer 9bce9dbb 2024-03-26T14:30:57 valid: Report malloc failure in xmlValidateOneElement
Nick Wellnhofer 887ad90a 2024-03-26T14:23:51 fuzz: Restrict input size of API fuzzer
Nick Wellnhofer 6c5248e2 2024-03-26T14:21:47 fuzz: Restrict number of copies in API fuzzer Avoid timeouts with large inputs.
Nick Wellnhofer aa04838e 2024-03-26T14:10:58 html: Use binary search in htmlEntityValueLookup
Nick Wellnhofer 23a81841 2024-03-25T20:51:14 tree: Work on documentation
Nick Wellnhofer 52efb20a 2024-03-24T13:43:25 fuzz: Enable float-divide-by-zero on OSS-Fuzz This was recently disabled globally: https://github.com/google/oss-fuzz/pull/11567
Nick Wellnhofer 1ace0e85 2024-03-24T12:28:22 xinclude: Report malloc failure in xmlXIncludeAddNode
Nick Wellnhofer ad9a5637 2024-03-22T19:37:12 tree: Fix uninitialized value in xmlSearchNsSafe Short-lived regression.
Nick Wellnhofer 00c2f549 2024-03-22T18:45:31 ci: Support ASan in Docker container Ubuntu now requires libclang-rt-dev for ASan libraries.
Nick Wellnhofer 0e6e3921 2024-03-22T18:36:49 ci: Show config.log if configuration failed
Nick Wellnhofer c978a5d8 2024-03-22T18:34:12 ci: Remove Python 2 job, update C89 job Python 2 isn't supported on newer Ubuntu releases. Newer Python releases have header files which aren't compatible with C89.
Nick Wellnhofer 3d6a25e5 2024-03-22T18:12:25 doc: Update Docker CI instructions
Nick Wellnhofer e7ff3ca4 2024-03-22T18:09:23 ci: Update Docker container to Ubuntu 23.10 This removes Python 2.
Nick Wellnhofer 22455e97 2024-03-22T17:52:35 ci: Add meson to Docker container
Nick Wellnhofer d8741b81 2024-03-22T14:46:36 fuzz: Fix namespaces after xmlDOMWrapRemoveNode
Nick Wellnhofer 05c147c3 2024-03-22T13:03:37 SAX2: Report malloc failure in xmlSAX2AttributeNs
Nick Wellnhofer 0d04d79c 2024-03-22T12:26:28 xinclude: Report malloc failures in xmlXIncludeIncludeNode
Nick Wellnhofer 7b316c11 2024-03-22T12:15:23 tree: Fix uninitialized value in xmlSearchNsByHrefSafe Short-lived regression.
Nick Wellnhofer d4d1f3f3 2024-03-20T18:45:10 fuzz: Enable API fuzzer on OSS-Fuzz
Nick Wellnhofer 5ea29703 2024-03-20T18:41:26 fuzz: Reorder API fuzzer ops
Nick Wellnhofer da32c852 2024-03-20T13:45:13 fuzz: Check text nodes after merging Avoid exponential growth of text.
Nick Wellnhofer 577e2516 2024-03-19T17:06:07 valid: Check for NULL node->name in xmlSnprintfElements Unfortunately, we can have NULL element names if xmlSetTreeDoc fails.
Nick Wellnhofer a279aae3 2024-03-18T14:20:19 io: Allocate output buffer with XML_BUFFER_ALLOC_IO This allows efficient shrinking of memory buffers. Support IO buffers in xmlBufDetach.
Nick Wellnhofer 072facc4 2024-03-18T14:17:57 encoding: Don't shrink input too early in xmlCharEncOutput Some exotic encodings like ISO646-FR don't support '#' characters, so encoding a character reference can actually fail. Don't skip the offending input in this case so the error will be reported on the next call.
Nick Wellnhofer 3f05508a 2024-03-18T14:14:00 tree: Report malloc failures in attribute setters
Nick Wellnhofer 3bdd0d7b 2024-03-18T12:12:15 xinclude: Set errNo in xmlXIncludeErrMemory
Nick Wellnhofer 6a49bb77 2024-03-17T17:16:55 tree: Introduce xmlSearchNsSafe After the failed experiment with a static XML namespace, introduce versions of xmlSearchNs that report malloc failures. Optimize the no-document case by only adding the XML namespace declaration if it wasn't found in an ancestor.
Nick Wellnhofer 047ea3ec 2024-03-17T16:23:31 Revert "tree: Allocate XML namespace statically" This reverts commit 2840e33c5e4b51589a0b96e8102638eeaea6df72.
Nick Wellnhofer fb1e6302 2024-03-17T19:24:06 save: Check for NULL node->name in xhtmlIsEmpty
Nick Wellnhofer 869f7244 2024-03-17T16:11:15 schemas: Fix ADD_ANNOTATION Fix adding multiple annotations.
Nick Wellnhofer 1b4bf22c 2024-03-17T15:05:42 xmlreader: Fix memory leak in xmlTextReaderFreeProp Short-lived regression.
Nick Wellnhofer dc2a03d4 2024-03-16T14:50:56 valid: Deprecate internal validation functions
Nick Wellnhofer c0edd792 2024-03-16T15:10:32 fuzz: Move fuzzer options to environment variable
Nick Wellnhofer 55175f75 2024-03-15T21:48:27 fuzz: Add OSS-Fuzz build.sh Move build.sh to our repo to facilitate changes.
Nick Wellnhofer f14f089f 2024-03-15T21:04:04 fuzz: Add some comments in api.c
Nick Wellnhofer ee0c1f87 2024-02-29T14:51:49 fuzz: New tree API fuzzer
Nick Wellnhofer 2469d5d0 2024-03-15T02:55:11 tree: Tighten source doc check in xmlDOMWrapAdoptNode sourceDoc must match even if node->doc is NULL.
Nick Wellnhofer 37556eb3 2024-03-14T16:32:58 tree: Check destParent->doc in xmlDOMWrapCloneNode The document must match destDoc to avoid tree corruption.
Nick Wellnhofer 7c48c01b 2024-03-13T12:42:43 tree: Switch to xmlNodeSetDoc in xmlDOMWrapAdoptNode Report malloc failures. Also fixes an issue where xmlDOMWrapAdoptAttr would descend into entity references.
Nick Wellnhofer be2c26fb 2024-03-13T12:15:30 tree: Fix tree iteration in xmlDOMWrapRemoveNode We didn't descend into elements having attributes.
Nick Wellnhofer 4a90ce08 2024-03-12T22:30:43 tree: Don't abort early if malloc fails in DOM functions If malloc fails halfway through updating a subtree, we must process the rest of the tree to avoid tree corruption.