kmx git

Commit	Date	Message
ccb6d544	2022-11-27T02:09:27	Hide internal functions These functions were never declared in public headers, so it should be safe to hide them. Fixes #139.
82bd2c37	2022-11-25T18:09:15	python: Fix memory leak checks xmlInitParser doesn't allocate memory anymore, so the checks can be simplified.
e414f825	2022-11-25T15:01:22	html: Fix htmlInitAutoClose documentation
05c3a458	2022-11-25T14:15:43	tests: Check that xmlInitParser doesn't allocate memory
c16fd705	2022-11-25T14:52:37	xpath: Make init function private
1966382b	2022-11-25T17:39:01	memory: Don't use locks in xmlMemUsed The Python tests call xmlMemUsed after xmlCleanupParser which doesn't work with statically allocated mutexes. This is only used for debugging, so a lock isn't necessary.
53ab3840	2022-11-25T14:26:59	encoding: Make init function private
3e9d5e4f	2022-11-25T14:19:36	encoding: Remove unused variable xmlDefaultCharEncodingHandler
78c0391b	2022-11-25T13:55:39	parser: Register atexit handler in locked section
71931233	2022-10-24T21:50:34	threads: Use __libc_single_threaded if available Fixes #427
c73d464a	2022-11-24T15:00:03	threads: Deprecate some internal functions
65d381f3	2022-11-24T20:54:18	threads: Allocate mutexes statically
7010d877	2022-11-25T12:06:27	threads: Rework initialization Make init/cleanup functions private. Merge xmlOnceInit into xmlInitThreadsInternal.
9dbf1374	2022-11-24T20:52:57	parser: Make some module init/cleanup functions private
cecd364d	2022-11-24T16:38:47	parser: Don't call *DefaultSAXHandlerInit from xmlInitParser Change the default handler definitions to match the result after calling the initialization functions. This makes sure that no thread-local variables are accessed when calling xmlInitParser.
9ef80ff1	2022-11-25T12:33:25	memory: Remove xmlDictInitialized Call xmlInitParser when creating dicts instead.
ed053c50	2022-11-25T12:27:14	dict: Make init/cleanup functions private
2e9aeecb	2022-11-25T12:21:49	memory: Remove xmlMemInitialized Call xmlInitParser instead of xmlInitMemoryInternal.
1406b20f	2022-11-24T19:14:33	encoding: Allocate default handlers statically
278e7874	2022-11-23T03:07:56	libxml.m4: fix -Wstrict-prototypes Signed-off-by: Sam James <sam@gentoo.org>
707ade22	2022-11-22T14:56:58	Visual Studio builds: Allow silencing deprecation warnings Define XML_IGNORE_DEPRECATION_WARNINGS and the corresponding XML_POP_WARNINGS for Visual Studio, and consequently define XML_IGNORE_FPTR_CAST_WARNINGS so that we do not get a compiler warning on Visual Studio by doing a __pragma(warning(pop)) without a corresponding __pragma(warning(push)). Also correct the documentation a bit for XML_POP_WARNINGS.
b9590d5d	2022-11-18T11:23:23	Visual Studio: Define XML_DEPRECATED We can mark APIs as deprecated using __declspec(deprecated) with Visual Studio 2005 and later, so add a definition of that so that we can help users avoid using deprecated APIs when using Visual Studio as well. For the existing GCC definition, check whether we are on GCC 3.1+ before enabling the definition.
b1f9c193	2022-11-22T21:39:01	parser: Fix push parser with unterminated CDATA sections Short-lived regression found by OSS-Fuzz.
97c0a9cf	2022-11-22T17:01:39	tests: Fix use-after-free in Python tests The nodeset must be freed before the document. Fixes #443.
55034505	2022-11-22T17:01:21	Fix .editorconfig
34a5a4a5	2022-11-22T15:40:51	tests: Remove unneeded #includes
701beb4e	2022-11-22T15:37:49	xmllint: Include <io.h> on Windows
b9689d13	2022-11-22T15:37:12	gitlab-ci: Make Test-Msvc exit if ctest fails
138c897d	2022-11-22T14:57:58	gitlab-ci: Treat compiler warnings as errors on MSVC
d725addd	2022-11-22T14:50:14	warnings: Work around MSVC bug MSVC apparently complains when passing a `const char *` to memset. Unlike `const char const *`, this isn't a pointer to const memory.
cfbe68e4	2022-11-22T15:20:53	sources: Silence C4013 warnings on Visual Studio The read(), close(), open(), lseek() functions are found in io.h on Visual Studio, which does not ship unistd.h, so include io.h on Windows if unistd.h is not found. C4013 (aka implicit declaration of ...) warnings can often ring alarm bells.
0e193f0d	2022-11-21T22:09:19	parser: Remove dangerous check in xmlParseCharData If this check succeeds, xmlParseCharData could be called over and over again without making progress, resulting in an infinite loop. It's only important to check for XML_PARSER_EOF which is done later. Related to #441.
94ca36c2	2022-11-21T22:07:11	parser: Restore parser state in xmlParseCDSect Fixes #441.
a8b31e68	2022-11-21T21:35:01	parser: Fix progress check when parsing character data Skip over zero bytes to guarantee progress. Short-lived regression.
23491536	2022-11-21T20:11:53	Fix .editorconfig
c63900fb	2022-11-21T20:11:35	parser: Check terminate flag when push parsing CDATA sections Found by OSS-Fuzz.
a781ee33	2022-11-21T20:10:42	Revert "parser: Add overflow checks to xmlParseLookup functions" This reverts commit bfc55d688427972d093be010a8c2ef265375fcb2. It's better to fix the root cause.
bfc55d68	2022-11-21T18:29:54	parser: Add overflow checks to xmlParseLookup functions Short-lived regression found by OSS-Fuzz.
d7e698fc	2022-11-18T17:36:14	python/setup.py.in: Improve Windows import patching Move up the altImport function so that we ensure that it can be referred to and streamline it a bit, since we no longer attempt to build the libxslt Python bits here, at least on Windows.
e208eaa2	2022-11-20T22:41:51	Add .editorconfig Fixes #258.
9e4a46ac	2022-11-20T22:03:08	parser: Merge misc, prolog and epilog cases in push parser
9c63cea5	2022-11-20T15:36:41	test: Add test for push parser boundaries
691a7719	2022-11-20T19:55:12	parser: Fix 'consumed' accounting when switching encodings
c9367938	2022-11-20T19:54:34	html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.
55fb8f72	2022-11-20T15:35:49	parser: Fix push parser with 1-3 byte initial chunk Make sure that ctxt->charset is initialized properly.
68a6518c	2022-11-15T18:23:33	parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.
2059df53	2022-11-14T22:27:58	buf: Deprecate static/immutable buffers
1ca0dfec	2022-11-14T22:00:50	reader: Switch to xmlParserInputBufferCreateMem This is less efficient but can't result in input buffer overreads. Fixes #326.
f30adb54	2022-11-14T21:05:32	uri: Allow port without host Don't set port to -1 when host is missing. Host can be empty according to spec. Fixes #71.
76d6b0d7	2022-11-14T21:02:15	html: Don't escape ASCII chars in href attributes In several cases, href attributes can contain ASCII characters which are illegal in URIs. Escaping them often does more harm than good. Fixes #321.
4955e0c9	2022-11-14T20:16:22	io: Don't shrink memory input buffers
117bab22	2022-11-14T20:15:59	parser: Don't call xmlSHRINK from push parser xmlSHRINK also calls xmlParserInputGrow which isn't needed in the push parser.
f00739c1	2022-11-14T00:18:39	parser: Ignore cdata argument in xmlParseCharData It never could be used to parse CDATA sections.
e4f56a72	2022-11-13T23:42:10	parser: Simplify xmlParseConditionalSections
3582b07b	2022-11-13T22:57:32	parser: Fix content parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, change some content parser functions to make guaranteed progress on certain byte sequences.
f7ad338e	2022-11-13T21:59:23	parser: Fix attribute parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, make the attribute parser functions return a NULL name only if they don't make progress.
f61b8a62	2022-11-13T21:47:03	parser: Fix DTD parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, change some DTD parser functions to make guaranteed progress on certain byte sequences.
249cee4b	2022-11-13T20:19:13	io: Fix a few integer overflows in I/O statistics There are still many places where arithmetic on "consumed" stats isn't checked for overflow, affecting platforms with a 32-bit long type.
6b570619	2022-11-13T19:44:00	io: Rearrange code in xmlSwitchInputEncodingInt No functional change.
1ef4938f	2022-11-13T17:55:28	io: Rework xmlParserInputBufferGrow with encodings Read data directly into the "raw" buffer when converting encodings. Make sure not to grow memory input buffers.
46cd7d22	2022-11-13T16:30:46	io: Remove xmlInputReadCallbackNop In some cases, for example when using encoders, the read callback was set to NULL, in other cases it was set to xmlInputReadCallbackNop. xmlGROW only tested for xmlInputReadCallbackNop, resulting in errors when parsing large encoded content from memory. Always use a NULL callback for memory buffers to avoid ambiguities. Fixes #262.
9feafbc5	2022-11-13T16:56:10	io: Check for memory buffer early in xmlParserInputGrow
0d1765fd	2022-11-13T15:20:13	doc: Mention new location of XML catalog as breaking change
22d879bf	2022-11-13T15:08:44	io: Fix "buffer full" error with certain buffer sizes Remove a useless check in xmlParserInputBufferGrow that could be triggered after changing xmlBufAvail in c14cac8b. Fixes #438.
a2493721	2022-11-04T15:06:25	doc: Mention potentially breaking changes in NEWS
b693905f	2022-11-04T14:50:39	doc: Remove xmlDllMain from documentation and version script This is a Windows-only symbol.
d48faf1a	2022-11-04T14:30:50	doc: Mention ${sysconfdir} in man pages Fixes #395.
3ab57bf4	2022-11-04T14:25:23	doc: Document xmlcatalog --convert Fixes #417.
ae7096a1	2022-11-04T14:21:53	doc: Document xmllint --nodict and --pedantic Fixes #418.
736487df	2022-11-04T14:17:01	doc: Fix indentation in source XML files
a70f7d47	2022-11-04T14:03:31	parser: Fix error message in xmlParseCommentComplex Fixes #421.
1fa4d14f	2022-11-04T12:34:39	Bypass proxy in nanoHTTP for hosts in "no_proxy"
b4592709	2022-11-02T16:22:54	malloc-fail: Fix memory leak in xmlStringGetNodeList Also make sure to return NULL on error instead of a partial node list. Found with libFuzzer, see #344.
5a19e216	2022-11-02T16:13:27	malloc-fail: Fix use-after-free in xmlXIncludeAddNode Found with libFuzzer, see #344.
afc7e3a7	2022-11-02T16:11:00	malloc-fail: Fix memory leak in xmlParseReference Found with libFuzzer, see #344.
7ceaee94	2022-11-02T16:05:05	malloc-fail: Fix memory leak in xmlSAX2ExternalSubset Found with libFuzzer, see #344.
e129c1d1	2022-11-02T16:02:39	malloc-fail: Fix infinite loop in xmlSkipBlankChars Found with libFuzzer, see #344.
dd50cfeb	2022-11-02T15:58:31	malloc-fail: Fix memory leak in xmlNewDocNodeEatName Found with libFuzzer, see #344.
fa361de0	2022-11-02T15:53:52	malloc-fail: Fix memory leak in xmlNewPropInternal Also fixes a memory leak if called with a non-element node. Found with libFuzzer, see #344.
865e142c	2022-11-02T15:46:11	malloc-fail: Fix memory leak in xmlCreatePushParserCtxt Found with libFuzzer, see #344.
a22bd982	2022-11-02T15:44:42	malloc-fail: Fix memory leak in xmlStaticCopyNodeList Found with libFuzzer, see #344.
abb5a93f	2022-11-02T10:53:24	schemas: Fix infinite loop in xmlSchemaCheckElemSubstGroup Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself, resulting in an infinite loop. Fixes #430.
9aba613b	2022-10-31T17:09:54	fuzz: Add new XInclude test directory to corpus
b456e3bb	2022-10-30T20:28:20	xinclude: Always allow XPtr expressions in external documents
f14529ba	2022-10-30T12:32:14	xinclude: Fix more memory leaks in xmlXIncludeLoadDoc
eef0a739	2022-10-30T12:21:20	xinclude: Implement "streaming" mode When using xmlreader, XPointer expressions in XIncludes simply cannot work. Expressions can reference nodes which weren't parsed yet or which were already deleted. After fixing nested XIncludes, we reference includes which were parsed previously. When streaming, these nodes could have been deleted, leading to use-after-free errors. Disallow XPointer expressions and truncate the include table in streaming mode.
7e078cc1	2022-10-30T12:03:51	xinclude: Clean up xmlXIncludeDoProcess Only scan new includes in the second pass. Always reset the "replace" flag. This only matters if xmlXIncludeDoProcess is called multiple times on the same document which currently only happens when called from xmlreader.
075cee9e	2022-10-29T15:38:16	xinclude: Fix memory leak when fuzzing This only affects the fuzzing build mode.
b59ff587	2022-10-28T20:08:02	xinclude: Fix memory leak in xmlXIncludeLoadDoc Regressed in a recent commit.
66f781cf	2022-10-24T14:56:26	gitlab-ci: Upgrade image to Ubuntu 22.10, reenable MSan MSan and 64-bit stat was broken on Ubuntu 22.04 (glibc >= 2.33, LLVM <= 14), see https://github.com/llvm/llvm-project/commit/1f82d0f7
80e43d1b	2022-10-24T01:08:25	gitlab-ci: Reenable LeakSanitizer Let's hope it works on the asan runners.
d767c6be	2022-10-23T23:26:31	gitlab-ci: Fix llvm-symbolizer Newer versions of llvm-symbolizer require libxml2 themselves. Running a test program with LD_LIBRARY_PATH set to .libs makes llvm-symbolizer pick up the tested development version of libxml2 which breaks completely if the build is instrumented with ASan. Add a wrapper script that invokes llvm-symbolizer with an empty LD_LIBRARY_PATH.
128c0261	2022-10-25T19:23:07	warnings: Fix -Wstrict-prototypes warning
b6f1298a	2022-10-24T20:47:10	warnings: Remove set-but-unused variables Fixes compiler warnings with clang 15.
bffc67d1	2022-10-24T20:24:17	threads: Remove check for pthread_equal GCC 12 fixed -Waddress warnings for inline functions, resulting in warnings when comparing pthread_equal with NULL. Simply remove the check and assume that pthread_equal is available if all the other functions are. This code is only enabled on Linux anyway.
20e2fb4c	2022-10-23T17:52:29	xinclude: Avoid creation of subcontexts Don't create subcontext in xmlXIncludeRecurseDoc. Save and restore 'doc' and 'incTab' instead. Make xmlXIncludeLoadFallback call xmlXIncludeCopyNode which seems safer than xmlXIncludeDoProcess since the latter may modify the document. This should also be more performant since we need to copy the whole fallback subtree anyway. Also make sure to avoid replacements in fallback elements in xmlXIncludeDoProcess.
010b682f	2022-10-23T16:02:48	xinclude: Rework XInclude cache Use a single cache stored in the "root" context, avoiding cache misses in some scenarios. Separate the cache from the "include" table. Rework recursion check.
3b68aa47	2022-10-23T16:54:22	xinclude: Remove unused 'doc' argument from xmlXIncludeDoProcess
0b09f132	2022-10-23T14:59:31	xinclude: Remove unused member 'url' from xmlXIncludeCtxt
966f5ebd	2022-10-23T14:14:39	xinclude: Remove inefficient refcounting scheme xinclude.c used to implement a refcounting mechanism for documents which could result in documents being freed too early and reloaded. We really should keep parsed and processed documents around for as long as possible to avoid reprocessing.

ccb6d544

2022-11-27T02:09:27

Hide internal functions These functions were never declared in public headers, so it should be safe to hide them. Fixes #139.

82bd2c37

2022-11-25T18:09:15

python: Fix memory leak checks xmlInitParser doesn't allocate memory anymore, so the checks can be simplified.

e414f825

2022-11-25T15:01:22

html: Fix htmlInitAutoClose documentation

05c3a458

2022-11-25T14:15:43

tests: Check that xmlInitParser doesn't allocate memory

c16fd705

2022-11-25T14:52:37

xpath: Make init function private

1966382b

2022-11-25T17:39:01

memory: Don't use locks in xmlMemUsed The Python tests call xmlMemUsed after xmlCleanupParser which doesn't work with statically allocated mutexes. This is only used for debugging, so a lock isn't necessary.

53ab3840

2022-11-25T14:26:59

encoding: Make init function private

3e9d5e4f

2022-11-25T14:19:36

encoding: Remove unused variable xmlDefaultCharEncodingHandler

78c0391b

2022-11-25T13:55:39

parser: Register atexit handler in locked section

71931233

2022-10-24T21:50:34

threads: Use __libc_single_threaded if available Fixes #427

c73d464a

2022-11-24T15:00:03

threads: Deprecate some internal functions

65d381f3

2022-11-24T20:54:18

threads: Allocate mutexes statically

7010d877

2022-11-25T12:06:27

threads: Rework initialization Make init/cleanup functions private. Merge xmlOnceInit into xmlInitThreadsInternal.

9dbf1374

2022-11-24T20:52:57

parser: Make some module init/cleanup functions private

cecd364d

2022-11-24T16:38:47

parser: Don't call *DefaultSAXHandlerInit from xmlInitParser Change the default handler definitions to match the result after calling the initialization functions. This makes sure that no thread-local variables are accessed when calling xmlInitParser.

9ef80ff1

2022-11-25T12:33:25

memory: Remove xmlDictInitialized Call xmlInitParser when creating dicts instead.

ed053c50

2022-11-25T12:27:14

dict: Make init/cleanup functions private

2e9aeecb

2022-11-25T12:21:49

memory: Remove xmlMemInitialized Call xmlInitParser instead of xmlInitMemoryInternal.

1406b20f

2022-11-24T19:14:33

encoding: Allocate default handlers statically

278e7874

2022-11-23T03:07:56

libxml.m4: fix -Wstrict-prototypes Signed-off-by: Sam James <sam@gentoo.org>

707ade22

2022-11-22T14:56:58

Visual Studio builds: Allow silencing deprecation warnings Define XML_IGNORE_DEPRECATION_WARNINGS and the corresponding XML_POP_WARNINGS for Visual Studio, and consequently define XML_IGNORE_FPTR_CAST_WARNINGS so that we do not get a compiler warning on Visual Studio by doing a __pragma(warning(pop)) without a corresponding __pragma(warning(push)). Also correct the documentation a bit for XML_POP_WARNINGS.

b9590d5d

2022-11-18T11:23:23

Visual Studio: Define XML_DEPRECATED We can mark APIs as deprecated using __declspec(deprecated) with Visual Studio 2005 and later, so add a definition of that so that we can help users avoid using deprecated APIs when using Visual Studio as well. For the existing GCC definition, check whether we are on GCC 3.1+ before enabling the definition.

b1f9c193

2022-11-22T21:39:01

parser: Fix push parser with unterminated CDATA sections Short-lived regression found by OSS-Fuzz.

97c0a9cf

2022-11-22T17:01:39

tests: Fix use-after-free in Python tests The nodeset must be freed before the document. Fixes #443.

55034505

2022-11-22T17:01:21

Fix .editorconfig

34a5a4a5

2022-11-22T15:40:51

tests: Remove unneeded #includes

701beb4e

2022-11-22T15:37:49

xmllint: Include <io.h> on Windows

b9689d13

2022-11-22T15:37:12

gitlab-ci: Make Test-Msvc exit if ctest fails

138c897d

2022-11-22T14:57:58

gitlab-ci: Treat compiler warnings as errors on MSVC

d725addd

2022-11-22T14:50:14

warnings: Work around MSVC bug MSVC apparently complains when passing a `const char **` to memset. Unlike `const char *const *`, this isn't a pointer to const memory.

cfbe68e4

2022-11-22T15:20:53

sources: Silence C4013 warnings on Visual Studio The read(), close(), open(), lseek() functions are found in io.h on Visual Studio, which does not ship unistd.h, so include io.h on Windows if unistd.h is not found. C4013 (aka implicit declaration of ...) warnings can often ring alarm bells.

0e193f0d

2022-11-21T22:09:19

parser: Remove dangerous check in xmlParseCharData If this check succeeds, xmlParseCharData could be called over and over again without making progress, resulting in an infinite loop. It's only important to check for XML_PARSER_EOF which is done later. Related to #441.

94ca36c2

2022-11-21T22:07:11

parser: Restore parser state in xmlParseCDSect Fixes #441.

a8b31e68

2022-11-21T21:35:01

parser: Fix progress check when parsing character data Skip over zero bytes to guarantee progress. Short-lived regression.

23491536

2022-11-21T20:11:53

Fix .editorconfig

c63900fb

2022-11-21T20:11:35

parser: Check terminate flag when push parsing CDATA sections Found by OSS-Fuzz.

a781ee33

2022-11-21T20:10:42

Revert "parser: Add overflow checks to xmlParseLookup functions" This reverts commit bfc55d688427972d093be010a8c2ef265375fcb2. It's better to fix the root cause.

bfc55d68

2022-11-21T18:29:54

parser: Add overflow checks to xmlParseLookup functions Short-lived regression found by OSS-Fuzz.

d7e698fc

2022-11-18T17:36:14

python/setup.py.in: Improve Windows import patching Move up the altImport function so that we ensure that it can be referred to and streamline it a bit, since we no longer attempt to build the libxslt Python bits here, at least on Windows.

e208eaa2

2022-11-20T22:41:51

Add .editorconfig Fixes #258.

9e4a46ac

2022-11-20T22:03:08

parser: Merge misc, prolog and epilog cases in push parser

9c63cea5

2022-11-20T15:36:41

test: Add test for push parser boundaries

691a7719

2022-11-20T19:55:12

parser: Fix 'consumed' accounting when switching encodings

c9367938

2022-11-20T19:54:34

html: Fix check for end of comment in push parser Make sure to reset checkIndex. Handle case where "--" or "--!" is at the end of the buffer. Fix "avail" check in htmlParseOrTryFinish.

55fb8f72

2022-11-20T15:35:49

parser: Fix push parser with 1-3 byte initial chunk Make sure that ctxt->charset is initialized properly.

68a6518c

2022-11-15T18:23:33

parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.

2059df53

2022-11-14T22:27:58

buf: Deprecate static/immutable buffers

1ca0dfec

2022-11-14T22:00:50

reader: Switch to xmlParserInputBufferCreateMem This is less efficient but can't result in input buffer overreads. Fixes #326.

f30adb54

2022-11-14T21:05:32

uri: Allow port without host Don't set port to -1 when host is missing. Host can be empty according to spec. Fixes #71.

76d6b0d7

2022-11-14T21:02:15

html: Don't escape ASCII chars in href attributes In several cases, href attributes can contain ASCII characters which are illegal in URIs. Escaping them often does more harm than good. Fixes #321.

4955e0c9

2022-11-14T20:16:22

io: Don't shrink memory input buffers

117bab22

2022-11-14T20:15:59

parser: Don't call xmlSHRINK from push parser xmlSHRINK also calls xmlParserInputGrow which isn't needed in the push parser.

f00739c1

2022-11-14T00:18:39

parser: Ignore cdata argument in xmlParseCharData It never could be used to parse CDATA sections.

e4f56a72

2022-11-13T23:42:10

parser: Simplify xmlParseConditionalSections

3582b07b

2022-11-13T22:57:32

parser: Fix content parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, change some content parser functions to make guaranteed progress on certain byte sequences.

f7ad338e

2022-11-13T21:59:23

parser: Fix attribute parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, make the attribute parser functions return a NULL name only if they don't make progress.

f61b8a62

2022-11-13T21:47:03

parser: Fix DTD parser progress checks This is another attempt at fixing parser progress checks. Instead of relying on in->consumed, which could overflow, change some DTD parser functions to make guaranteed progress on certain byte sequences.

249cee4b

2022-11-13T20:19:13

io: Fix a few integer overflows in I/O statistics There are still many places where arithmetic on "consumed" stats isn't checked for overflow, affecting platforms with a 32-bit long type.

6b570619

2022-11-13T19:44:00

io: Rearrange code in xmlSwitchInputEncodingInt No functional change.

1ef4938f

2022-11-13T17:55:28

io: Rework xmlParserInputBufferGrow with encodings Read data directly into the "raw" buffer when converting encodings. Make sure not to grow memory input buffers.

46cd7d22

2022-11-13T16:30:46

io: Remove xmlInputReadCallbackNop In some cases, for example when using encoders, the read callback was set to NULL, in other cases it was set to xmlInputReadCallbackNop. xmlGROW only tested for xmlInputReadCallbackNop, resulting in errors when parsing large encoded content from memory. Always use a NULL callback for memory buffers to avoid ambiguities. Fixes #262.

9feafbc5

2022-11-13T16:56:10

io: Check for memory buffer early in xmlParserInputGrow

0d1765fd

2022-11-13T15:20:13

doc: Mention new location of XML catalog as breaking change

22d879bf

2022-11-13T15:08:44

io: Fix "buffer full" error with certain buffer sizes Remove a useless check in xmlParserInputBufferGrow that could be triggered after changing xmlBufAvail in c14cac8b. Fixes #438.

a2493721

2022-11-04T15:06:25

doc: Mention potentially breaking changes in NEWS

b693905f

2022-11-04T14:50:39

doc: Remove xmlDllMain from documentation and version script This is a Windows-only symbol.

d48faf1a

2022-11-04T14:30:50

doc: Mention ${sysconfdir} in man pages Fixes #395.

3ab57bf4

2022-11-04T14:25:23

doc: Document xmlcatalog --convert Fixes #417.

ae7096a1

2022-11-04T14:21:53

doc: Document xmllint --nodict and --pedantic Fixes #418.

736487df

2022-11-04T14:17:01

doc: Fix indentation in source XML files

a70f7d47

2022-11-04T14:03:31

parser: Fix error message in xmlParseCommentComplex Fixes #421.

1fa4d14f

2022-11-04T12:34:39

Bypass proxy in nanoHTTP for hosts in "no_proxy"

b4592709

2022-11-02T16:22:54

malloc-fail: Fix memory leak in xmlStringGetNodeList Also make sure to return NULL on error instead of a partial node list. Found with libFuzzer, see #344.

5a19e216

2022-11-02T16:13:27

malloc-fail: Fix use-after-free in xmlXIncludeAddNode Found with libFuzzer, see #344.

afc7e3a7

2022-11-02T16:11:00

malloc-fail: Fix memory leak in xmlParseReference Found with libFuzzer, see #344.

7ceaee94

2022-11-02T16:05:05

malloc-fail: Fix memory leak in xmlSAX2ExternalSubset Found with libFuzzer, see #344.

e129c1d1

2022-11-02T16:02:39

malloc-fail: Fix infinite loop in xmlSkipBlankChars Found with libFuzzer, see #344.

dd50cfeb

2022-11-02T15:58:31

malloc-fail: Fix memory leak in xmlNewDocNodeEatName Found with libFuzzer, see #344.

fa361de0

2022-11-02T15:53:52

malloc-fail: Fix memory leak in xmlNewPropInternal Also fixes a memory leak if called with a non-element node. Found with libFuzzer, see #344.

865e142c

2022-11-02T15:46:11

malloc-fail: Fix memory leak in xmlCreatePushParserCtxt Found with libFuzzer, see #344.

a22bd982

2022-11-02T15:44:42

malloc-fail: Fix memory leak in xmlStaticCopyNodeList Found with libFuzzer, see #344.

abb5a93f

2022-11-02T10:53:24

schemas: Fix infinite loop in xmlSchemaCheckElemSubstGroup Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself, resulting in an infinite loop. Fixes #430.

9aba613b

2022-10-31T17:09:54

fuzz: Add new XInclude test directory to corpus

b456e3bb

2022-10-30T20:28:20

xinclude: Always allow XPtr expressions in external documents

f14529ba

2022-10-30T12:32:14

xinclude: Fix more memory leaks in xmlXIncludeLoadDoc

eef0a739

2022-10-30T12:21:20

xinclude: Implement "streaming" mode When using xmlreader, XPointer expressions in XIncludes simply cannot work. Expressions can reference nodes which weren't parsed yet or which were already deleted. After fixing nested XIncludes, we reference includes which were parsed previously. When streaming, these nodes could have been deleted, leading to use-after-free errors. Disallow XPointer expressions and truncate the include table in streaming mode.

7e078cc1

2022-10-30T12:03:51

xinclude: Clean up xmlXIncludeDoProcess Only scan new includes in the second pass. Always reset the "replace" flag. This only matters if xmlXIncludeDoProcess is called multiple times on the same document which currently only happens when called from xmlreader.

075cee9e

2022-10-29T15:38:16

xinclude: Fix memory leak when fuzzing This only affects the fuzzing build mode.

b59ff587

2022-10-28T20:08:02

xinclude: Fix memory leak in xmlXIncludeLoadDoc Regressed in a recent commit.

66f781cf

2022-10-24T14:56:26

gitlab-ci: Upgrade image to Ubuntu 22.10, reenable MSan MSan and 64-bit stat was broken on Ubuntu 22.04 (glibc >= 2.33, LLVM <= 14), see https://github.com/llvm/llvm-project/commit/1f82d0f7

80e43d1b

2022-10-24T01:08:25

gitlab-ci: Reenable LeakSanitizer Let's hope it works on the asan runners.

d767c6be

2022-10-23T23:26:31

gitlab-ci: Fix llvm-symbolizer Newer versions of llvm-symbolizer require libxml2 themselves. Running a test program with LD_LIBRARY_PATH set to .libs makes llvm-symbolizer pick up the tested development version of libxml2 which breaks completely if the build is instrumented with ASan. Add a wrapper script that invokes llvm-symbolizer with an empty LD_LIBRARY_PATH.

128c0261

2022-10-25T19:23:07

warnings: Fix -Wstrict-prototypes warning

b6f1298a

2022-10-24T20:47:10

warnings: Remove set-but-unused variables Fixes compiler warnings with clang 15.

bffc67d1

2022-10-24T20:24:17

threads: Remove check for pthread_equal GCC 12 fixed -Waddress warnings for inline functions, resulting in warnings when comparing pthread_equal with NULL. Simply remove the check and assume that pthread_equal is available if all the other functions are. This code is only enabled on Linux anyway.

20e2fb4c

2022-10-23T17:52:29

xinclude: Avoid creation of subcontexts Don't create subcontext in xmlXIncludeRecurseDoc. Save and restore 'doc' and 'incTab' instead. Make xmlXIncludeLoadFallback call xmlXIncludeCopyNode which seems safer than xmlXIncludeDoProcess since the latter may modify the document. This should also be more performant since we need to copy the whole fallback subtree anyway. Also make sure to avoid replacements in fallback elements in xmlXIncludeDoProcess.

010b682f

2022-10-23T16:02:48

xinclude: Rework XInclude cache Use a single cache stored in the "root" context, avoiding cache misses in some scenarios. Separate the cache from the "include" table. Rework recursion check.

3b68aa47

2022-10-23T16:54:22

xinclude: Remove unused 'doc' argument from xmlXIncludeDoProcess

0b09f132

2022-10-23T14:59:31

xinclude: Remove unused member 'url' from xmlXIncludeCtxt

966f5ebd

2022-10-23T14:14:39

xinclude: Remove inefficient refcounting scheme xinclude.c used to implement a refcounting mechanism for documents which could result in documents being freed too early and reloaded. We really should keep parsed and processed documents around for as long as possible to avoid reprocessing.

kc3-lang/libxml2

Log