kmx git

Commit	Date	Message
92d7b0cd	2025-03-04T20:18:11	xpath: Rename valuePush and valuePop
03be993c	2025-03-04T18:42:35	Use memcpy to avoid pointer cast warnings
63dfcca6	2024-12-16T01:34:29	fuzz: Reduce initial array size
69b91da3	2025-02-13T19:45:41	Revert "xpath: Make contextSize and proximityPosition default to 1" This reverts commit afbc0a0405236de4ab8cbac94745e9885db0a198.
9c16a153	2025-02-13T18:41:33	Revert "include: Make most IS_* macros private" This reverts commit 84a6c82ff83d04963d6e1c5cd18ded68ea02d99f.
3a1526a5	2025-02-10T19:32:32	xpath: Don't raise OOM error on long names Short-lived regression.
5f1131dd	2025-01-17T19:54:04	xpath: Don't descend into OP_VALUE in debug dump For some reason, its "ch1" value is invalid.
ca819160	2025-01-03T20:50:08	include: Use intptr_t to cast between pointers and ints
84a6c82f	2024-12-19T20:59:10	include: Make most IS_* macros private Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.
b9feb816	2024-12-15T17:56:37	xpath: Check reallocations for overflow Factor out node set reallocation.
afbc0a04	2024-12-21T16:25:14	xpath: Make contextSize and proximityPosition default to 1 In the general case of processing a single node, these values should be set to 1.
e014cc57	2024-12-21T16:23:32	xpath: Remove non-standard xf:escape-uri function This undocumented function used an outdated namespace URI and is unlikely to be used these days.
bf5fcf6e	2024-12-21T16:03:46	xpath: Use separate static hash table for standard functions This avoids registering standard functions when creating an XPath context. Lookup of extension functions is a bit slower now, but ultimately, all function lookups should be moved to the compilation phase.
45914614	2024-11-05T12:05:14	xpath: Fix parsing of non-ASCII names Fix a long-standing issue where QNames starting with a non-ASCII character would be rejected. This became more visible after "streaming" XPath evaluation was disabled since the latter handled non-ASCII names correctly. Fixes #818.
c46b89e2	2024-09-13T21:06:36	xpath: Deprecate xmlXPathEvalExpr Also check the argument instead of crashing if there's no context.
03f1bdd2	2024-09-13T20:59:47	xpath: Make recursion check work with xmlXPathCompile The check for maximum recursion depth required a parser context with an xmlXPathContext which xmlXPathCompile didn't provide. All other code should already set up or require an xmlXPathContext.
5d36664f	2024-07-16T00:35:53	memory: Deprecate xmlGcMemSetup
be250b79	2024-07-15T20:04:08	xpath: Remove union swap optimization This would require locking to make it thread-safe.
a221cd78	2024-07-07T03:01:51	buf: Rework xmlBuf code Always use what the old implementation called the "IO" allocation scheme, allowing to move the content pointer past the initial allocation. This is inexpensive and allows efficient shrinking. Optimize xmlBufGrow, reusing shrunken memory as much as possible. Simplify xmlBufAdd. Make xmlBufBackToBuffer return an error on overflow. Make "size" exclude the terminating NULL byte. Always provide an initial size. Reintroduce static buffers. Remove xmlBufResize and several other functions.
6be79014	2024-07-15T14:18:26	Remove unused code
30ef7755	2024-07-02T04:02:16	parser: Don't use deprecated xmlCopyChar
598ee0d2	2024-06-26T01:18:55	error: Remove underscores from xmlRaiseError
217e9b7a	2024-06-08T12:27:45	clang-tidy: don't return in void functions Found with readability-redundant-control-flow Signed-off-by: Rosen Penev <rosenp@gmail.com>
f307237e	2024-06-15T23:53:04	schemas: Use private copy of global NaN and Inf Simplify symbol availability logic.
669bd349	2024-06-12T18:20:01	xpointer: Remove support for XPointer locations The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. If you configure --with-legacy, old symbols are retained for ABI compatibility.
e75e878e	2024-05-20T13:58:22	doc: Update and fix documentation
8d215ac5	2024-05-14T15:55:18	xpath: Fix quadratic runtime accounting
63ce5f9a	2024-04-28T17:32:35	Make some globals const
20b0bd98	2024-04-09T18:00:13	fuzz: Account for quadratic runtime in xmlXPathTranslateFunction Avoid fuzzer timeouts caused by this known issue.
047ea3ec	2024-03-17T16:23:31	Revert "tree: Allocate XML namespace statically" This reverts commit 2840e33c5e4b51589a0b96e8102638eeaea6df72.
05adfbf8	2024-03-11T13:42:15	buf: Don't use default buffer size for small strings Detaching strings from a buffer with a default size of 4096 can waste a lot of memory.
2840e33c	2024-03-04T07:34:25	tree: Allocate XML namespace statically
2963a097	2024-02-05T15:35:54	xpath: Report malloc failure in xmlXPathTranslateFunction
37d474ff	2024-01-17T14:19:42	xpath: Fix return of empty node-set in xmlXPathNodeCollectAndTest Don't return NULL node-sets. Ultimately, we should make sure that obj->nodesetval is always non-NULL even for empty node-sets. See #663.
b8313b58	2023-12-26T21:59:08	xpath: Rewrite substring-before and substring-after Don't use buffers. Check malloc failures.
c8f1f4a2	2023-12-21T17:30:38	doc: Improve documentation of error handlers
531d06ad	2023-12-18T22:48:24	error: Stop printing some errors by default Unfortunately, it's long-standing behavior for libxml2 to print all reported errors to stderr by default. This default behavior is now partially disabled. If no error handler is set, only parser and validation errors are passed to a generic error handler or printed to stderr. Other errors are still available via xmlGetLastError and can be captured with a structured error handler.
954b8984	2023-12-18T19:39:38	xpath: Improve error handling Introduce xmlXPathSetErrorHandler allowing to set a structured error handler for an XPath context. Remove arguments from memory error handlers. Use xmlRaiseMemoryError. Remove TODO, STRANGE and CHECK_CTXT macros. Remove remaining uses of xmlGenericError.
6fdc20ba	2023-12-20T18:33:29	xpath: Don't free nodes of XSLT result value trees This feature hasn't been required for a long time and libxslt works around by manually setting 'boolval' to 0.
bcefef20	2023-12-20T14:40:27	malloc-fail: Report malloc failure in xmlXPathNumberFunction
6ae98ebc	2023-12-15T14:53:44	malloc-fail: Report malloc failure in xmlXPathTranslateFunction
8583b9f1	2023-12-12T15:00:44	malloc-fail: Fix null deref in xmlXPathTranslateFunction Short-lived regression.
e632d9f0	2023-12-10T16:56:16	xpath: Report malloc failures Fix many places where malloc failures aren't reported. Rework XPath object cache to store free objects in a linked list to avoid allocating an additional array. Remove some unneeded object pools.
8c084ebd	2023-09-21T22:57:33	doc: Make apibuild.py happy
9b5cce7a	2023-09-21T00:44:50	include: Remove more unnecessary includes
699299ca	2023-09-20T18:54:39	globals: Stop including globals.h
4e1c13eb	2023-09-18T14:45:10	debug: Remove debugging code This is barely useful these days and only clutters the code base.
6273df6c	2023-05-30T12:30:27	xpath: Ignore entity ref nodes when computing node hash XPath queries only work reliably if entities are substituted. Nevertheless, it's possible to query a document with entity reference nodes. xmllint even deletes entities when the `--dropdtd` option is passed, resulting in dangling pointers, so it's best to skip entity reference nodes to avoid a use-after-free. Fixes #550.
01723fc6	2023-05-08T23:12:33	xpath: Fix build without LIBXML_XPATH_ENABLED Move static function declaration into XPATH block. Also move comparison functions. Fixes #537.
b1319c90	2023-03-18T16:34:01	malloc-fail: Check for malloc failures when creating XPath strings Prevent null derefs. Found by OSS-Fuzz, see #344.
48379394	2023-03-13T17:11:27	malloc-fail: Stop using XPath stack frames There's too much code which assumes that if ctxt->value is non-null, a value can be successfully popped off the stack. This assumption can break with stack frames when malloc fails. Instead of trying to fix all call sites, remove the stack frame logic. It only offered very little protection against misbehaving extension functions. We already check the stack size after a function call which should be enough. Found by OSS-Fuzz.
bd6fa2c1	2023-03-09T22:33:19	malloc-fail: Fix memory leak in xmlXPathRegisterNs Found by OSS-Fuzz.
282b75f1	2023-02-28T12:14:33	malloc-fail: Fix memory leak in xmlXPathNameFunction Found with libFuzzer, see #344.
524654ed	2023-02-26T17:19:47	xpath: Fix harmless integer overflow in xmlXPathTranslateFunction
8608b71f	2023-02-26T15:17:15	Revert "xpath: Fix popping of values in xmlXPathPopNodeset" This reverts commit 47b0e0a620d1e0e657b858986e3ebde80d4645b4.
bc9f372c	2023-02-26T18:00:30	malloc-fail: Fix memory leak in xmlXPathDistinctSorted Found with libFuzzer, see #344.
6f9604f0	2023-02-26T16:09:50	malloc-fail: Fix memory leak in xmlXPathCacheNewNodeSet Found with libFuzzer, see #344.
44947afb	2023-02-26T14:41:35	malloc-fail: Fix null deref after xmlPointerListAddSize Found with libFuzzer, see #344.
70b21c9f	2023-02-26T14:33:16	malloc-fail: Fix null deref in xmlXPathCompiledEvalInternal Found with libFuzzer, see #344.
0f112d02	2023-02-24T18:00:03	malloc-fail: Fix use-after-free related to xmlXPathNodeSetFilter Found with libFuzzer, see #344.
a3e11b38	2023-02-25T16:05:24	malloc-fail: Fix memory leak in xmlXPathEqualNodeSetFloat Found with libFuzzer, see #344.
b51478dc	2023-02-24T16:21:17	Revert "malloc-fail: Avoid use-after-free after unsuccessful valuePush" This reverts commit 6a12be77c6a94c374ab7476087edcee2ba41d9b4. There's too much code reading ctxt->value directly and making the wrong assumptions.
47b0e0a6	2023-02-23T15:43:15	xpath: Fix popping of values in xmlXPathPopNodeset After 6a12be77, valuePop can fail even if ctxt->value is non-NULL. If it turns out that too much code relies on this assumption, a better fix is needed.
8d22e065	2023-02-15T14:41:11	malloc-fail: Fix memory leak after calling xmlXPathNodeSetMerge Destroy the first argument in xmlXPathNodeSetMerge if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.
d31a0e8e	2023-02-15T14:47:29	malloc-fail: Fix memory leak after calling xmlXPathWrapString Destroy the string in xmlXPathWrapString if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.
3dc64522	2023-02-15T14:30:40	malloc-fail: Fix memory leak in xmlXPathEqualValuesCommon Found with libFuzzer, see #344.
691f7eb4	2023-02-15T14:05:13	malloc-fail: Fix memory leak in xmlXPathCompareValues Found with libFuzzer, see #344.
ac746afd	2023-02-15T13:54:55	malloc-fail: Fix memory leak in xmlXPathTryStreamCompile Found with libFuzzer, see #344.
85bc313e	2023-02-15T13:49:28	malloc-fail: Fix memory leak after calling valuePush Destroy the object in valuePush if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.
f5e11749	2023-02-15T13:48:18	malloc-fail: Fix memory leak after calling xmlXPathWrapNodeSet Destroy the node set in xmlXPathWrapNodeSet if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.
15c9f435	2023-01-31T12:58:32	xpath: Only report the first error Don't overwrite the original error code. Besides, subsequent error reports are somewhat unreliable and not really useful.
6a12be77	2023-01-31T12:46:30	malloc-fail: Avoid use-after-free after unsuccessful valuePush In xpath.c there's a lot of code like: valuePush(ctxt, xmlCacheNewX()); ... valuePop(ctxt); If xmlCacheNewX fails, no value will be pushed on the stack. If there's no error check in between, valuePop will pop an unrelated value which can lead to use-after-free errors. Instead of trying to fix all call sites, we simply stop popping values if an error was signaled. This requires to change the CHECK_TYPE macro which is often used to determine whether a value can be safely popped. Found with libFuzzer, see #344.
7ec314ef	2023-01-30T15:59:55	malloc-fail: Add error checks in xmlXPathEqualValuesCommon Avoid null deref. Found with libFuzzer, see #344.
08695683	2023-01-30T15:52:00	malloc-fail: Add error check in xmlXPathEqualNodeSetFloat Avoid null deref. Found with libFuzzer, see #344.
621c222e	2023-01-30T15:48:11	malloc-fail: Fix error check in xmlXPathCompareValues Avoid null deref. Found with libFuzzer, see #344.
75534401	2023-01-30T15:40:23	malloc-fail: Record malloc failure in xmlXPathCompLiteral Avoid OOB array access. Found with libFuzzer, see #344.
0e4421e7	2023-01-30T15:05:58	malloc-fail: Check return value of xmlXPathNodeSetDupNs Avoid null deref if allocation fails. Found with libFuzzer, see #344.
608c65bb	2023-01-18T15:15:41	xpath: number('-') should return NaN Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/81
c16fd705	2022-11-25T14:52:37	xpath: Make init function private
b6f1298a	2022-10-24T20:47:10	warnings: Remove set-but-unused variables Fixes compiler warnings with clang 15.
27c8ba60	2022-09-07T22:34:42	xpath: Lower XPath recursion limit on Windows
0d901258	2022-09-04T16:41:43	Fix Windows compiler warnings in python/types.c
6843fc72	2022-09-01T02:58:00	Remove or annotate char casts
2cac6269	2022-09-01T03:14:13	Don't use sizeof(xmlChar) or sizeof(char)
ad338ca7	2022-09-01T01:18:30	Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.
8016c8ed	2022-08-26T15:12:21	Remove set-but-unused variable in xmlXPathScanName Fix clang warning.
0f568c0b	2022-08-26T01:22:33	Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.
677a4264	2022-07-28T20:21:24	Make XPath depth check work with recursive invocations EXSLT functions like dyn:map or dyn:evaluate invoke xmlXPathRunEval recursively. Don't set depth to zero but keep and restore the original value to avoid stack overflows when abusing these functions.
c9925454	2022-07-06T17:08:26	Use NAN/INFINITY if available to init XPath NaN/Inf
67070107	2022-04-20T23:17:14	Add configuration flag for XPointer locations support Add a new configuration flag that controls whether the outdated support for XPointer locations (ranges and points) is enabled. --with-xptr-locs # Autotools LIBXML2_WITH_XPTR_LOCS # CMake The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. The flag defaults to "off" and support for this extensions has to be requested explicitly. The relevant API functions are deprecated.
21561e83	2016-05-20T15:21:43	Mark more static data as `const` Similar to 8f5710379, mark more static data structures with `const` keyword. Also fix placement of `const` in encoding.c. Original patch by Sarah Wilkin.
0e9776b0	2022-04-03T17:09:50	Initialize XPath floating-point globals Should fix #138.
74263eff	2022-03-30T06:02:31	fix: xmlXPathParserContext could be double-delete in OOM case.
40483d0c	2022-03-06T13:55:48	Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.
57b81c20	2022-03-05T18:20:29	Normalize XPath strings in-place Simplify the code and fix a potential memory leak. Fixes #343.
4a8c71eb	2022-03-04T03:35:57	Remove DOCBparser This code has been broken and deprecated since version 2.6.0, released in 2003. Because of a bug in commit 961b535c, DOCBparser.c was never compiled since 2012. I couldn't find a Debian package using any of its symbols, so it seems safe to remove this module.
ebb17970	2022-03-04T02:31:59	Remove unneeded #includes
776d15d3	2022-03-02T00:29:17	Don't check for standard C89 headers Don't check for - ctype.h - errno.h - float.h - limits.h - math.h - signal.h - stdarg.h - stdlib.h - string.h - time.h Stop including non-standard headers - malloc.h - strings.h
346c3a93	2022-02-20T18:46:42	Remove elfgcchack.h The same optimization can be enabled with -fno-semantic-interposition since GCC 5. clang has always used this option by default.
67953a9f	2022-01-16T15:30:02	Fix memory leak in xmlXPathCompNodeTest Found by Coverity.

92d7b0cd

2025-03-04T20:18:11

xpath: Rename valuePush and valuePop

03be993c

2025-03-04T18:42:35

Use memcpy to avoid pointer cast warnings

63dfcca6

2024-12-16T01:34:29

fuzz: Reduce initial array size

69b91da3

2025-02-13T19:45:41

Revert "xpath: Make contextSize and proximityPosition default to 1" This reverts commit afbc0a0405236de4ab8cbac94745e9885db0a198.

9c16a153

2025-02-13T18:41:33

Revert "include: Make most IS_* macros private" This reverts commit 84a6c82ff83d04963d6e1c5cd18ded68ea02d99f.

3a1526a5

2025-02-10T19:32:32

xpath: Don't raise OOM error on long names Short-lived regression.

5f1131dd

2025-01-17T19:54:04

xpath: Don't descend into OP_VALUE in debug dump For some reason, its "ch1" value is invalid.

ca819160

2025-01-03T20:50:08

include: Use intptr_t to cast between pointers and ints

84a6c82f

2024-12-19T20:59:10

include: Make most IS_* macros private Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.

b9feb816

2024-12-15T17:56:37

xpath: Check reallocations for overflow Factor out node set reallocation.

afbc0a04

2024-12-21T16:25:14

xpath: Make contextSize and proximityPosition default to 1 In the general case of processing a single node, these values should be set to 1.

e014cc57

2024-12-21T16:23:32

xpath: Remove non-standard xf:escape-uri function This undocumented function used an outdated namespace URI and is unlikely to be used these days.

bf5fcf6e

2024-12-21T16:03:46

xpath: Use separate static hash table for standard functions This avoids registering standard functions when creating an XPath context. Lookup of extension functions is a bit slower now, but ultimately, all function lookups should be moved to the compilation phase.

45914614

2024-11-05T12:05:14

xpath: Fix parsing of non-ASCII names Fix a long-standing issue where QNames starting with a non-ASCII character would be rejected. This became more visible after "streaming" XPath evaluation was disabled since the latter handled non-ASCII names correctly. Fixes #818.

c46b89e2

2024-09-13T21:06:36

xpath: Deprecate xmlXPathEvalExpr Also check the argument instead of crashing if there's no context.

03f1bdd2

2024-09-13T20:59:47

xpath: Make recursion check work with xmlXPathCompile The check for maximum recursion depth required a parser context with an xmlXPathContext which xmlXPathCompile didn't provide. All other code should already set up or require an xmlXPathContext.

5d36664f

2024-07-16T00:35:53

memory: Deprecate xmlGcMemSetup

be250b79

2024-07-15T20:04:08

xpath: Remove union swap optimization This would require locking to make it thread-safe.

a221cd78

2024-07-07T03:01:51

buf: Rework xmlBuf code Always use what the old implementation called the "IO" allocation scheme, allowing to move the content pointer past the initial allocation. This is inexpensive and allows efficient shrinking. Optimize xmlBufGrow, reusing shrunken memory as much as possible. Simplify xmlBufAdd. Make xmlBufBackToBuffer return an error on overflow. Make "size" exclude the terminating NULL byte. Always provide an initial size. Reintroduce static buffers. Remove xmlBufResize and several other functions.

6be79014

2024-07-15T14:18:26

Remove unused code

30ef7755

2024-07-02T04:02:16

parser: Don't use deprecated xmlCopyChar

598ee0d2

2024-06-26T01:18:55

error: Remove underscores from xmlRaiseError

217e9b7a

2024-06-08T12:27:45

clang-tidy: don't return in void functions Found with readability-redundant-control-flow Signed-off-by: Rosen Penev <rosenp@gmail.com>

f307237e

2024-06-15T23:53:04

schemas: Use private copy of global NaN and Inf Simplify symbol availability logic.

669bd349

2024-06-12T18:20:01

xpointer: Remove support for XPointer locations The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. If you configure --with-legacy, old symbols are retained for ABI compatibility.

e75e878e

2024-05-20T13:58:22

doc: Update and fix documentation

8d215ac5

2024-05-14T15:55:18

xpath: Fix quadratic runtime accounting

63ce5f9a

2024-04-28T17:32:35

Make some globals const

20b0bd98

2024-04-09T18:00:13

fuzz: Account for quadratic runtime in xmlXPathTranslateFunction Avoid fuzzer timeouts caused by this known issue.

047ea3ec

2024-03-17T16:23:31

Revert "tree: Allocate XML namespace statically" This reverts commit 2840e33c5e4b51589a0b96e8102638eeaea6df72.

05adfbf8

2024-03-11T13:42:15

buf: Don't use default buffer size for small strings Detaching strings from a buffer with a default size of 4096 can waste a lot of memory.

2840e33c

2024-03-04T07:34:25

tree: Allocate XML namespace statically

2963a097

2024-02-05T15:35:54

xpath: Report malloc failure in xmlXPathTranslateFunction

37d474ff

2024-01-17T14:19:42

xpath: Fix return of empty node-set in xmlXPathNodeCollectAndTest Don't return NULL node-sets. Ultimately, we should make sure that obj->nodesetval is always non-NULL even for empty node-sets. See #663.

b8313b58

2023-12-26T21:59:08

xpath: Rewrite substring-before and substring-after Don't use buffers. Check malloc failures.

c8f1f4a2

2023-12-21T17:30:38

doc: Improve documentation of error handlers

531d06ad

2023-12-18T22:48:24

error: Stop printing some errors by default Unfortunately, it's long-standing behavior for libxml2 to print all reported errors to stderr by default. This default behavior is now partially disabled. If no error handler is set, only parser and validation errors are passed to a generic error handler or printed to stderr. Other errors are still available via xmlGetLastError and can be captured with a structured error handler.

954b8984

2023-12-18T19:39:38

xpath: Improve error handling Introduce xmlXPathSetErrorHandler allowing to set a structured error handler for an XPath context. Remove arguments from memory error handlers. Use xmlRaiseMemoryError. Remove TODO, STRANGE and CHECK_CTXT macros. Remove remaining uses of xmlGenericError.

6fdc20ba

2023-12-20T18:33:29

xpath: Don't free nodes of XSLT result value trees This feature hasn't been required for a long time and libxslt works around by manually setting 'boolval' to 0.

bcefef20

2023-12-20T14:40:27

malloc-fail: Report malloc failure in xmlXPathNumberFunction

6ae98ebc

2023-12-15T14:53:44

malloc-fail: Report malloc failure in xmlXPathTranslateFunction

8583b9f1

2023-12-12T15:00:44

malloc-fail: Fix null deref in xmlXPathTranslateFunction Short-lived regression.

e632d9f0

2023-12-10T16:56:16

xpath: Report malloc failures Fix many places where malloc failures aren't reported. Rework XPath object cache to store free objects in a linked list to avoid allocating an additional array. Remove some unneeded object pools.

8c084ebd

2023-09-21T22:57:33

doc: Make apibuild.py happy

9b5cce7a

2023-09-21T00:44:50

include: Remove more unnecessary includes

699299ca

2023-09-20T18:54:39

globals: Stop including globals.h

4e1c13eb

2023-09-18T14:45:10

debug: Remove debugging code This is barely useful these days and only clutters the code base.

6273df6c

2023-05-30T12:30:27

xpath: Ignore entity ref nodes when computing node hash XPath queries only work reliably if entities are substituted. Nevertheless, it's possible to query a document with entity reference nodes. xmllint even deletes entities when the `--dropdtd` option is passed, resulting in dangling pointers, so it's best to skip entity reference nodes to avoid a use-after-free. Fixes #550.

01723fc6

2023-05-08T23:12:33

xpath: Fix build without LIBXML_XPATH_ENABLED Move static function declaration into XPATH block. Also move comparison functions. Fixes #537.

b1319c90

2023-03-18T16:34:01

malloc-fail: Check for malloc failures when creating XPath strings Prevent null derefs. Found by OSS-Fuzz, see #344.

48379394

2023-03-13T17:11:27

malloc-fail: Stop using XPath stack frames There's too much code which assumes that if ctxt->value is non-null, a value can be successfully popped off the stack. This assumption can break with stack frames when malloc fails. Instead of trying to fix all call sites, remove the stack frame logic. It only offered very little protection against misbehaving extension functions. We already check the stack size after a function call which should be enough. Found by OSS-Fuzz.

bd6fa2c1

2023-03-09T22:33:19

malloc-fail: Fix memory leak in xmlXPathRegisterNs Found by OSS-Fuzz.

282b75f1

2023-02-28T12:14:33

malloc-fail: Fix memory leak in xmlXPathNameFunction Found with libFuzzer, see #344.

524654ed

2023-02-26T17:19:47

xpath: Fix harmless integer overflow in xmlXPathTranslateFunction

8608b71f

2023-02-26T15:17:15

Revert "xpath: Fix popping of values in xmlXPathPopNodeset" This reverts commit 47b0e0a620d1e0e657b858986e3ebde80d4645b4.

bc9f372c

2023-02-26T18:00:30

malloc-fail: Fix memory leak in xmlXPathDistinctSorted Found with libFuzzer, see #344.

6f9604f0

2023-02-26T16:09:50

malloc-fail: Fix memory leak in xmlXPathCacheNewNodeSet Found with libFuzzer, see #344.

44947afb

2023-02-26T14:41:35

malloc-fail: Fix null deref after xmlPointerListAddSize Found with libFuzzer, see #344.

70b21c9f

2023-02-26T14:33:16

malloc-fail: Fix null deref in xmlXPathCompiledEvalInternal Found with libFuzzer, see #344.

0f112d02

2023-02-24T18:00:03

malloc-fail: Fix use-after-free related to xmlXPathNodeSetFilter Found with libFuzzer, see #344.

a3e11b38

2023-02-25T16:05:24

malloc-fail: Fix memory leak in xmlXPathEqualNodeSetFloat Found with libFuzzer, see #344.

b51478dc

2023-02-24T16:21:17

Revert "malloc-fail: Avoid use-after-free after unsuccessful valuePush" This reverts commit 6a12be77c6a94c374ab7476087edcee2ba41d9b4. There's too much code reading ctxt->value directly and making the wrong assumptions.

47b0e0a6

2023-02-23T15:43:15

xpath: Fix popping of values in xmlXPathPopNodeset After 6a12be77, valuePop can fail even if ctxt->value is non-NULL. If it turns out that too much code relies on this assumption, a better fix is needed.

8d22e065

2023-02-15T14:41:11

malloc-fail: Fix memory leak after calling xmlXPathNodeSetMerge Destroy the first argument in xmlXPathNodeSetMerge if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.

d31a0e8e

2023-02-15T14:47:29

malloc-fail: Fix memory leak after calling xmlXPathWrapString Destroy the string in xmlXPathWrapString if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.

3dc64522

2023-02-15T14:30:40

malloc-fail: Fix memory leak in xmlXPathEqualValuesCommon Found with libFuzzer, see #344.

691f7eb4

2023-02-15T14:05:13

malloc-fail: Fix memory leak in xmlXPathCompareValues Found with libFuzzer, see #344.

ac746afd

2023-02-15T13:54:55

malloc-fail: Fix memory leak in xmlXPathTryStreamCompile Found with libFuzzer, see #344.

85bc313e

2023-02-15T13:49:28

malloc-fail: Fix memory leak after calling valuePush Destroy the object in valuePush if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.

f5e11749

2023-02-15T13:48:18

malloc-fail: Fix memory leak after calling xmlXPathWrapNodeSet Destroy the node set in xmlXPathWrapNodeSet if the function fails. This is somewhat dangerous but matches the expectations of users. Found with libFuzzer, see #344.

15c9f435

2023-01-31T12:58:32

xpath: Only report the first error Don't overwrite the original error code. Besides, subsequent error reports are somewhat unreliable and not really useful.

6a12be77

2023-01-31T12:46:30

malloc-fail: Avoid use-after-free after unsuccessful valuePush In xpath.c there's a lot of code like: valuePush(ctxt, xmlCacheNewX()); ... valuePop(ctxt); If xmlCacheNewX fails, no value will be pushed on the stack. If there's no error check in between, valuePop will pop an unrelated value which can lead to use-after-free errors. Instead of trying to fix all call sites, we simply stop popping values if an error was signaled. This requires to change the CHECK_TYPE macro which is often used to determine whether a value can be safely popped. Found with libFuzzer, see #344.

7ec314ef

2023-01-30T15:59:55

malloc-fail: Add error checks in xmlXPathEqualValuesCommon Avoid null deref. Found with libFuzzer, see #344.

08695683

2023-01-30T15:52:00

malloc-fail: Add error check in xmlXPathEqualNodeSetFloat Avoid null deref. Found with libFuzzer, see #344.

621c222e

2023-01-30T15:48:11

malloc-fail: Fix error check in xmlXPathCompareValues Avoid null deref. Found with libFuzzer, see #344.

75534401

2023-01-30T15:40:23

malloc-fail: Record malloc failure in xmlXPathCompLiteral Avoid OOB array access. Found with libFuzzer, see #344.

0e4421e7

2023-01-30T15:05:58

malloc-fail: Check return value of xmlXPathNodeSetDupNs Avoid null deref if allocation fails. Found with libFuzzer, see #344.

608c65bb

2023-01-18T15:15:41

xpath: number('-') should return NaN Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/81

c16fd705

2022-11-25T14:52:37

xpath: Make init function private

b6f1298a

2022-10-24T20:47:10

warnings: Remove set-but-unused variables Fixes compiler warnings with clang 15.

27c8ba60

2022-09-07T22:34:42

xpath: Lower XPath recursion limit on Windows

0d901258

2022-09-04T16:41:43

Fix Windows compiler warnings in python/types.c

6843fc72

2022-09-01T02:58:00

Remove or annotate char casts

2cac6269

2022-09-01T03:14:13

Don't use sizeof(xmlChar) or sizeof(char)

ad338ca7

2022-09-01T01:18:30

Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.

8016c8ed

2022-08-26T15:12:21

Remove set-but-unused variable in xmlXPathScanName Fix clang warning.

0f568c0b

2022-08-26T01:22:33

Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.

677a4264

2022-07-28T20:21:24

Make XPath depth check work with recursive invocations EXSLT functions like dyn:map or dyn:evaluate invoke xmlXPathRunEval recursively. Don't set depth to zero but keep and restore the original value to avoid stack overflows when abusing these functions.

c9925454

2022-07-06T17:08:26

Use NAN/INFINITY if available to init XPath NaN/Inf

67070107

2022-04-20T23:17:14

Add configuration flag for XPointer locations support Add a new configuration flag that controls whether the outdated support for XPointer locations (ranges and points) is enabled. --with-xptr-locs # Autotools LIBXML2_WITH_XPTR_LOCS # CMake The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. The flag defaults to "off" and support for this extensions has to be requested explicitly. The relevant API functions are deprecated.

21561e83

2016-05-20T15:21:43

Mark more static data as `const` Similar to 8f5710379, mark more static data structures with `const` keyword. Also fix placement of `const` in encoding.c. Original patch by Sarah Wilkin.

0e9776b0

2022-04-03T17:09:50

Initialize XPath floating-point globals Should fix #138.

74263eff

2022-03-30T06:02:31

fix: xmlXPathParserContext could be double-delete in OOM case.

40483d0c

2022-03-06T13:55:48

Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.

57b81c20

2022-03-05T18:20:29

Normalize XPath strings in-place Simplify the code and fix a potential memory leak. Fixes #343.

4a8c71eb

2022-03-04T03:35:57

Remove DOCBparser This code has been broken and deprecated since version 2.6.0, released in 2003. Because of a bug in commit 961b535c, DOCBparser.c was never compiled since 2012. I couldn't find a Debian package using any of its symbols, so it seems safe to remove this module.

ebb17970

2022-03-04T02:31:59

Remove unneeded #includes

776d15d3

2022-03-02T00:29:17

Don't check for standard C89 headers Don't check for - ctype.h - errno.h - float.h - limits.h - math.h - signal.h - stdarg.h - stdlib.h - string.h - time.h Stop including non-standard headers - malloc.h - strings.h

346c3a93

2022-02-20T18:46:42

Remove elfgcchack.h The same optimization can be enabled with -fno-semantic-interposition since GCC 5. clang has always used this option by default.

67953a9f

2022-01-16T15:30:02

Fix memory leak in xmlXPathCompNodeTest Found by Coverity.

kc3-lang/libxml2/xpath.c

xpath.c

Log