kmx git

Commit	Date	Message
2840e33c	2024-03-04T07:34:25	tree: Allocate XML namespace statically
84a71860	2024-02-26T15:14:28	xmlreader: Fix xmlTextReaderConstEncoding Regression from commit f1c1f5c6. Fixes #697.
7dc8600a	2024-02-20T12:32:17	SAX2: Report malloc failure in xmlCheckDefaultedAttributes
2e19d0ef	2024-01-26T11:39:51	SAX2: Make sure that OOM errors aren't overwritten
57c68759	2024-01-07T20:44:40	SAX2: Limit entity URI length to 2000 bytes Avoid quadratic behavior when loading entities with long URIs multiple times. This limitation could be dropped if we cached external entities.
02cc5c36	2024-01-05T04:17:14	parser: Add XML_PARSE_NO_XXE parser option
9912c369	2024-01-02T17:23:59	SAX2: Enforce size limit in xmlSAX2Text with XML_PARSE_HUGE
37c6618b	2023-12-30T02:50:34	parser: Rework parsing of attribute and entity values Don't use a separate function to handle "complex" attributes. Validate UTF-8 byte sequences without decoding. This should improve performance considerably when parsing multi-byte UTF-8 sequences. Use a string buffer to avoid unnecessary allocations and copying when expanding entities. Normalize attribute values in a single pass while expanding entities. Be more lenient in recovery mode. If no entity substitution was requested, validate entities without expanding. Fixes #596. Also fixes #655.
6a9a88a1	2023-12-26T03:13:05	parser: Move progressive flag into input struct
d944a415	2023-12-26T02:10:35	parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.
5f319304	2023-12-28T19:05:51	SAX2: Fix error code Today I learned that the TSCII character encoding [1] can blow up the size of text 12 times when converted to UTF-8: $ printf '\x82' \|iconv -f TSCII -t UTF-8 \|hexdump -C 00000000 e0 ae b8 e0 af 8d e0 ae b0 e0 af 80 0000000c [1] https://en.wikipedia.org/wiki/Tamil_Script_Code_for_Information_Interchange
955c177f	2023-12-23T00:58:36	parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.
13043691	2023-12-20T00:33:34	parser: Rename xmlErrParser to xmlCtxtErr
54c70ed5	2023-12-18T19:31:29	parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.
e58ea29f	2023-12-10T18:10:42	SAX2: Report malloc failures Fix many places where malloc failures aren't reported. Improve error handling when parsing entity declarations. Fixes #308.
7f00273c	2023-12-01T19:21:17	parser: Fix invalid free in xmlParseBalancedChunkMemoryRecover Set the dictionary for newDoc in xmlParseBalancedChunkMemoryRecover. This is a long-standing bug which was masked by - xmlParseBalancedChunkMemoryRecover changing the document of the root node. This is a really bad idea, resulting in a mismatch between ctxt->myDoc and ctxt->node->doc. - SAX2.c preferring ctxt->node->doc over ctxt->myDoc until commit a31e1b06. Fixes #641.
a31e1b06	2023-11-04T20:21:54	SAX2: Fix quadratic behavior in xmlSAX2AttributeNs The last missing piece to make parsing of attributes O(n).
e0dd330b	2023-09-29T00:18:44	parser: Use hash tables to avoid quadratic behavior Use a hash table to lookup namespaces by prefix. The hash table stores an index into the namespace table. Auxiliary data for namespaces is stored in a separate array along the main namespace table. Use a hash table to verify attribute uniqueness. The hash table stores an index into the attribute table. Reuse hash value from the dictionary to avoid computing them twice. See #346.
da274bfa	2023-09-21T01:29:40	build: Fix build when certain modules are disabled
9b5cce7a	2023-09-21T00:44:50	include: Remove more unnecessary includes
699299ca	2023-09-20T18:54:39	globals: Stop including globals.h
a77f9ab8	2023-09-20T16:57:22	globals: Don't include SAX2.h from globals.h
4e1c13eb	2023-09-18T14:45:10	debug: Remove debugging code This is barely useful these days and only clutters the code base.
cde44997	2023-08-27T16:35:23	SAX2: Allow multiple top-level elements When parsing with HTML_PARSE_NOIMPLIED, the result document can contain multiple top-level elements. Rework xmlSAX2StartElement to simply add the element as a child of ctxt->node or ctxt->myDoc. Don't invoke xmlAddSibling for non-element parents. The context node should always be an element node. Fixes #584.
f1c1f5c6	2023-08-16T19:43:02	parser: Revert change to doc->encoding Fixes #579.
cb717d7e	2023-08-09T16:52:02	parser: Update line number after coalescing text nodes This should make the line number of text nodes deterministic. Before, it depended on the callback sequence which depends on the size of chunks fed to the parser.
ec7be506	2023-08-08T15:19:46	parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.
d38e73f9	2023-08-08T15:19:44	parser: Always create UTF-8 in xmlParseReference It seems that this code path could only be triggered after an encoding error in recovery mode. Creating char-ref nodes is unnecessary and typically unexpected.
b8961df6	2023-05-09T03:25:24	SAX: Always validate xml:ids The behavior shouldn't depend on mostly random configuration options.
235b15a5	2023-05-08T17:58:02	SAX: Always initialize SAX1 element handlers Follow-up to commit d0c3f01e. A parser context will be initialized to SAX version 2, but this can be overridden with XML_PARSE_SAX1 later, so we must initialize the SAX1 element handlers as well. Change the check in xmlDetectSAX2 to only look for XML_SAX2_MAGIC, so we don't switch to SAX1 if the SAX2 element handlers are NULL.
250faf3c	2023-04-20T12:35:21	parser: Fix regression in xmlParserNodeInfo accounting Commit 62150ed2 broke begin_pos and begin_line when extra node info was recorded. Fixes #523.
d7d0bc65	2023-03-31T16:47:48	SAX2: Ignore namespaces in HTML documents In commit 21ca8829, we started to ignore namespaces in HTML element names but we still called xmlSplitQName, effectively stripping the namespace prefix. This would cause elements like <o:p> being parsed as <p>. Now we leave the name untouched. Fixes #508.
cb4334b7	2023-02-14T18:10:14	malloc-fail: Fix memory leak in xmlSAX2StartElementNs Found with libFuzzer, see #344.
0c5f40b7	2023-01-22T13:27:41	malloc-fail: Fix null deref in xmlSAX2AttributeInternal Found with libFuzzer, see #344.
b3b53dcc	2023-01-22T11:28:46	malloc-fail: Fix null deref in xmlSAX2Text Found with libFuzzer, see #344.
463bbeec	2022-12-19T18:39:45	entities: Rework entity amplification checks This commit implements robust detection of entity amplification attacks, better known as the "billion laughs" attack. We now limit the size of the document after substitution of entities to 10 times the size before expansion. This guarantees linear behavior by definition. There already was a similar check before, but the accounting of "sizeentities" (size of external entities) and "sizeentcopy" (size of all copies created by entity references) wasn't accurate. We also need saturation arithmetic since we're historically limited to "unsigned long" which is 32-bit on many platforms. A maximum of 10 MB of substitutions is always allowed. This should make use cases like DITA work which have caused problems in the past. The old checks based on the number of entities were removed. This is accounted for by adding a fixed cost to each entity reference. Entity amplification checks are now enabled even if XML_PARSE_HUGE is set. This option is mainly used to allow larger text nodes. Most users were unaware that it also disabled entity expansion checks. Some of the limits might be adjusted later. If this change turns out to affect legitimate use cases, we can add a separate parser option to disable the checks. Fixes #294. Fixes #345.
cecd364d	2022-11-24T16:38:47	parser: Don't call *DefaultSAXHandlerInit from xmlInitParser Change the default handler definitions to match the result after calling the initialization functions. This makes sure that no thread-local variables are accessed when calling xmlInitParser.
68a6518c	2022-11-15T18:23:33	parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.
7ceaee94	2022-11-02T16:05:05	malloc-fail: Fix memory leak in xmlSAX2ExternalSubset Found with libFuzzer, see #344.
81621b1f	2022-09-02T18:38:33	Fix compiler warnings in SAX2.c
ad338ca7	2022-09-01T01:18:30	Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.
aeb69fd3	2022-09-01T02:33:16	Fix overflow check in SAX2.c
0f568c0b	2022-08-26T01:22:33	Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.
0e49f882	2022-08-24T05:25:37	Mark most SAX1 functions as deprecated No compiler warnings generated yet.
4b184240	2022-08-22T14:11:15	Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.
3e7b4f37	2022-05-20T23:28:25	Avoid calling xmlSetTreeDoc Create text nodes with xmlNewDocText or set the document directly to avoid xmlSetTreeDoc being called when the node is inserted.
40483d0c	2022-03-06T13:55:48	Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.
4a8c71eb	2022-03-04T03:35:57	Remove DOCBparser This code has been broken and deprecated since version 2.6.0, released in 2003. Because of a bug in commit 961b535c, DOCBparser.c was never compiled since 2012. I couldn't find a Debian package using any of its symbols, so it seems safe to remove this module.
c41bc10d	2022-02-22T19:57:12	Fix unused variable warnings with disabled features
346c3a93	2022-02-20T18:46:42	Remove elfgcchack.h The same optimization can be enabled with -fno-semantic-interposition since GCC 5. clang has always used this option by default.
e03590c9	2022-02-08T02:42:30	Don't add IDs containing unexpanded entity references When parsing without entity substitution, IDs or IDREFs containing unexpanded entity reference like "abc&x;def" could be created. We could try to expand these entities like in validation mode, but it seems safer to honor the request not to expand entities. We silently ignore such IDs for now.
d7cb33cf	2022-01-13T17:06:14	Rework validation context flags Use a bitmask instead of magic values to - keep track whether the validation context is part of a parser context - keep track whether xmlValidateDtdFinal was called This allows to add addtional flags later. Note that this deliberately changes the name of a public struct member, assuming that this was always private data never to be used by client code.
a647e430	2022-01-25T02:59:40	Fix casting of line numbers in SAX2.c The line member is an unsigned short. Avoids integer conversion warnings with UBSan. Also use USHRT_MAX instead of hard-coded constant.
92bce68c	2021-07-14T11:37:07	Fix memory leak in xmlSAX2AttributeDecl Found by Coverity. https://bugzilla.redhat.com/show_bug.cgi?id=1938806
acb35667	2021-02-03T13:48:40	Fix quadratic runtime when parsing CDATA sections Use optimized concatenation for CDATA sections in addition to normal text. This also affects HTML script content. Found by OSS-Fuzz.
21ca8829	2020-07-25T17:57:29	Don't try to handle namespaces when building HTML documents Don't try to resolve namespace in xmlSAX2StartElement when parsing HTML documents. This useless operation could slow down the parser considerably. Found by OSS-Fuzz.
20c60886	2020-03-08T17:19:42	Fix typos Resolves #133.
eddfbc38	2020-01-22T22:03:45	Don't load external entity from xmlSAX2GetEntity Despite the comment, I can't see a reason why external entities must be loaded in the SAX handler. For external entities, the handler is typically first invoked via xmlParseReference which will later load the entity on its own if it wasn't loaded yet. The old code also lead to duplicated SAX events which makes it basically impossible to reuse xmlSAX2GetEntity for a custom SAX parser. See the change to the expected test output. Note that xmlSAX2GetEntity was loading the entity via xmlParseCtxtExternalEntity while xmlParseReference uses xmlParseExternalEntityPrivate. In the previous commit, the two functions were merged, trying to compensate for some slight differences between the two mostly identical implementations. But the more urgent reason for this change is that xmlParseReference has the facility to abort early when recursive entities are detected, avoiding what could practically amount to an infinite loop. If you want to backport this change, note that the previous three commits are required as well: f9ea1a24 Fix copying of entities in xmlParseReference 5c7e0a9a Copy some XMLReader option flags to parser context 1a3e584a Merge code paths loading external entities Found by OSS-Fuzz.
2a350ee9	2019-09-30T17:04:54	Large batch of typo fixes Closes #109.
6b49db2c	2019-01-07T17:14:21	Fix memory leak in xmlSAX2StartElement Introduced by a recent commit. Only happens if max depth is exceeded in SAX1 mode. Found by OSS-Fuzz.
1567b55b	2018-11-22T14:28:58	Set doc on element obtained from freeElems In commit 8c9daf79, a call to xmlFreeNode was added in xmlSAX2StartElementNs. If a node was obtained from the freeElems list, make sure to set the doc, otherwise xmlFreeNode wouldn't realize that the node name might be in the dictionary, causing an invalid free. Note that the issue fixed in commit 8c9daf79 requires commit 0ed6addb and this one to work properly. Found by OSS-Fuzz.
0ed6addb	2018-09-22T15:41:01	Unlink node before freeing it in xmlSAX2StartElement The node may have been added to the document already, so it must be unlinked first. Thanks to David Kilzer for spotting this.
8c9daf79	2018-09-12T13:42:27	Check return value of nodePush in xmlSAX2StartElement If the maximum depth is exceeded, nodePush halts the parser which results in freeing the input buffer since the previous commit. This invalidates the attribute pointers, so the error condition must be checked. Found by OSS-Fuzz.
d422b954	2017-10-09T13:37:42	Fix pointer/int cast warnings on 64-bit Windows On 64-bit Windows, `long` is 32 bits wide and can't hold a pointer. Switch to ptrdiff_t instead which should be the same size as a pointer on every somewhat sane platform without requiring C99 types like intptr_t. Fixes bug 788312. Thanks to J. Peter Mugaas for the report and initial patch.
83fb4119	2017-09-05T23:45:04	Fix memory leaks in SAX1 parser Found by OSS-Fuzz. I could only reproduce this with the (obsolete) SAX1 parser. One leak is caused by duplicate namespaced attribute names and can be reproduced in memory mode (testcase 4556417027538944): $ cat file <d xmlns:a="ns" a:x="v" xmlns:b="ns" b:x="v"/> $ xmllint --sax1 --memory file The other is caused by ATTLISTs with a normalized default for "xmlns" if they're processed after the entity recursion limit was hit (testcase 5580750034305024). $ cat file <!DOCTYPE d [ <!ENTITY a '<d>&a;'> <!ATTLIST d xmlns NMTOKEN 't'> ]> <d>&a; $ xmllint --sax1 --valid file Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2461
8bbe4508	2017-06-17T16:15:09	Spelling and grammar fixes Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other misspellings.
07418011	2017-04-05T10:22:40	Do not leak the new CData node if adding fails For https://bugzilla.gnome.org/show_bug.cgi?id=780918
4472c3a5	2016-05-13T15:13:17	Fix some format string warnings with possible format string vulnerability For https://bugzilla.gnome.org/show_bug.cgi?id=761029 Decorate every method in libxml2 with the appropriate LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups following the reports.
a6ea72ad	2014-07-14T20:29:34	Fix processing in SAX2 in case of an allocation failure Related to https://bugzilla.gnome.org/show_bug.cgi?id=731360
3e0eec43	2014-06-13T14:45:20	Adding some missing NULL checks in SAX2 DOM building code and in the HTML parser
52010c63	2013-06-16T08:55:08	Compile out use of xmlValidateNCName() when not available. Fix compilation with minimum and valid.
77b5b464	2014-02-10T10:32:45	Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement(). Fix compilation with minimum and legacy.
a885f13a	2013-08-03T22:16:02	Fix a possible NULL dereference https://bugzilla.gnome.org/show_bug.cgi?id=705400 In case of allocation error the pointer was dereferenced before the test for a failure
ab0e3504	2013-03-27T13:21:38	Activate detection of encoding in external subset https://bugzilla.gnome.org/show_bug.cgi?id=694228 the ctxt->encoding was percolated down when parsing the external subset leading to failures
cff2546f	2013-03-11T15:57:55	Cache presence of '<' in entities content slightly modify how ent->checked is used, and use the lowest bit to keep the information
a3f1e3e5	2013-03-11T13:57:53	Avoid extra processing on entities If an entity has already been checked for correctness no need to check it on every reference
6c91aa38	2012-10-25T15:33:59	Fix a regression in 2.9.0 breaking validation while streaming https://bugzilla.gnome.org/show_bug.cgi?id=684774 with help from Kjell Ahlstedt <kjell.ahlstedt@bredband.net>
7651606f	2012-09-11T14:02:08	Various cleanups to avoid compiler warnings
f8e3db04	2012-09-11T13:26:36	Big space and tab cleanup Remove all space before tabs and space and tabs at end of lines.
968a03a2	2012-08-13T12:41:33	Add support for big line numbers in error reporting Fix the lack of line number as reported by Johan Corveleyn <jcorvel@gmail.com> * parser.c include/libxml/parser.h: add an XML_PARSE_BIG_LINES parser option not switch on by default, it's an opt-in * SAX2.c: if XML_PARSE_BIG_LINES is set store the long line numbers in the psvi field of text nodes * tree.c: expand xmlGetLineNo to extract those informations, also make sure we can't fail on recursive behaviour * error.c: in __xmlRaiseError, if a node is provided, call xmlGetLineNo() if we can't get a valid line number. * xmllint.c: switch on XML_PARSE_BIG_LINES in xmllint
740cb1a4	2012-07-18T16:05:37	Memory error within SAX2 reuse common framework There is no reason for that class of errors to not use the same handling allowing strctured error processing.
71a243d5	2012-01-17T19:25:08	xmlParseNodeInContext problems with an empty document When you call xmlParseNodeInContext on a fragment node with an empty document, the parser associates the first new node twice -- once with the document, and once with the fragment node. This fixes the issue by only associating the new node with the fragment node.
8ad4da5f	2012-05-08T11:01:12	HTML element position is not detected propperly The data in node_seq in xmlParserCtxt was not updated properly when parsing HTML. This patch fixes the accounting for both pull and push mode of HTML parsing.
1c989278	2012-01-26T19:43:06	Fix SAX2 builder in case of undefined attributes namespace To follow the early XML-1.0 REC, the new localname is "prefix:localname" and there is obviously now namespace.
77b77b13	2012-01-26T19:11:02	Fix SAX2 builder in case of undefined element namespaces Work as in XML-1.0 before namespaces, and use prefix:localname as the new element name (and no namespace of course) Also fix 3 cases in the regression tests where the prefix: was erroneously dropped in such case
aa54d37c	2010-09-09T18:17:47	Fix handling of XML-1.0 XML namespace declaration Usually 'xml' namespace for XML-1.0 declaration does not need to be carried but Mike Hommey raised the problem that the SVG XSD file fails to parse due to a mishandling. - SAX2.c: failure to create a namespace should not be interpreted as a memory allocation error - tree.c: document better xmlNewNs behaviour, and fix it in the case the 'xml' prefix is being used.
06c93b75	2010-03-15T16:08:44	Remove a few warnings
3c080d6d	2010-03-15T15:47:50	Don't give default HTML boolean attribute values in parser * HTMLparser.c: don't default value of HTML boolean attributes in the parser * SAX2.c: move this to SAX2 tree building backend * result/HTML/doc2.htm.sax result/HTML/doc3.htm.sax result/HTML/wired.html.sax: this changes a few HTML SAX regression tests
594e5dfb	2009-09-07T14:58:47	Chasing dead assignments reported by clang-scan * SAX2.c dict.c error.c hash.c nanohttp.c parser.c python/libxml.c relaxng.c runtest.c tree.c valid.c xinclude.c xmlregexp.c xmlsave.c xmlschemas.c xpath.c xpointer.c: mostly removing unneded affectations, but this led to a few real bugs and some part not yet understood (relaxng/interleave)
d44b9364	2009-09-07T12:15:08	A few more safety cleanup raised by scan * SAX2.c encoding.c parser.c xmlschemas.c: a few more safety checks * relaxng.c: remove an unused intitialization
74eaec14	2009-08-26T15:57:20	502960 provide namespace stack when parsing entity * parser.c: copy the entity stack * SAX2.c: fix the warning message for default entities
023d0bab	2009-07-29T11:34:50	Fix leak on SAX1, xmllint --sax1 option and debug * SAX2.c: don't leak in xmlCheckDefaultedAttributes for standalone checking * xmllint.c: fix xmllint --sax1 to actually use XML_PARSE_SAX1 * debugXML.c: don't raise an error if markup wasn't allocated from dictionary if document was parsed with option disabling it
669e88c0	2009-07-29T11:33:32	potential NULL dereference on non-glibc * SAX2.c (xmlCheckDefaultedAttributes): When xmlStrdup and/or xmlStrcat fails due to OOM avoid printing NULL via a printf-style "%s" format
97ff9b36	2009-01-18T21:43:30	preparing 0.7.3 release fix a typo in a name Daniel * configure.in doc/xml.html doc/: preparing 0.7.3 release include/libxml/parserInternals.h SAX2.c: fix a typo in a name Daniel svn path=/trunk/; revision=3814
1fb2e0df	2009-01-18T14:08:36	add a new define XML_MAX_TEXT_LENGHT limiting the maximum size of a single * include/libxml/parserInternals.h SAX2.c: add a new define XML_MAX_TEXT_LENGHT limiting the maximum size of a single text node, the defaultis 10MB and can be removed with the HUGE parsing option Daniel svn path=/trunk/; revision=3808
1dc9feb0	2008-11-17T15:59:21	fix for CVE-2008-4226, a memory overflow when building gigantic text * SAX2.c parser.c: fix for CVE-2008-4226, a memory overflow when building gigantic text nodes, and a bit of cleanup to better handled out of memory problem in that code. * tree.c: fix for CVE-2008-4225, lack of testing leads to a busy loop test assuming one have enough core memory. Daniel svn path=/trunk/; revision=3803
f4f4e485	2008-08-25T08:57:48	rework the patch to avoid some ABI issue with people allocating entities * include/libxml/entities.h entities.c SAX2.c parser.c: rework the patch to avoid some ABI issue with people allocating entities structure directly Daniel svn path=/trunk/; revision=3773
ae0765b6	2008-07-31T19:54:59	more progresses against the official regression tests small cleanup for * runxmlconf.c: more progresses against the official regression tests * runsuite.c: small cleanup for non-leak reports * include/libxml/tree.h: parsing flags and other properties are now added to the document node, this is generally useful and allow to make Name and NmToken validations based on the parser flags, more specifically the 5th edition of XML or not * HTMLparser.c tree.c: small side effects for the previous changes * parser.c SAX2.c valid.c: the bulk of teh changes are here, the parser and validation behaviour can be affected, parsing flags need to be copied, lot of changes. Also fixing various validation problems in the regression tests. Daniel svn path=/trunk/; revision=3762
45efd087	2008-07-07T13:52:52	fix line number on text nodes, problem raised by Ralf Junker Daniel * SAX2.c: fix line number on text nodes, problem raised by Ralf Junker Daniel svn path=/trunk/; revision=3751
b242b088	2008-02-08T09:56:31	applied patch from Florent Guilian to remove an useless mutex in the * dict.c: applied patch from Florent Guilian to remove an useless mutex in the xmlDict structure. older, not commited ... * SAX2.c: another leak reported by Ashwin * xinclude.c: fixed the behaviour when XIncluding a fragment of the current document, patch from Chris Ryan Daniel svn path=/trunk/; revision=3686

2840e33c

2024-03-04T07:34:25

tree: Allocate XML namespace statically

84a71860

2024-02-26T15:14:28

xmlreader: Fix xmlTextReaderConstEncoding Regression from commit f1c1f5c6. Fixes #697.

7dc8600a

2024-02-20T12:32:17

SAX2: Report malloc failure in xmlCheckDefaultedAttributes

2e19d0ef

2024-01-26T11:39:51

SAX2: Make sure that OOM errors aren't overwritten

57c68759

2024-01-07T20:44:40

SAX2: Limit entity URI length to 2000 bytes Avoid quadratic behavior when loading entities with long URIs multiple times. This limitation could be dropped if we cached external entities.

02cc5c36

2024-01-05T04:17:14

parser: Add XML_PARSE_NO_XXE parser option

9912c369

2024-01-02T17:23:59

SAX2: Enforce size limit in xmlSAX2Text with XML_PARSE_HUGE

37c6618b

2023-12-30T02:50:34

parser: Rework parsing of attribute and entity values Don't use a separate function to handle "complex" attributes. Validate UTF-8 byte sequences without decoding. This should improve performance considerably when parsing multi-byte UTF-8 sequences. Use a string buffer to avoid unnecessary allocations and copying when expanding entities. Normalize attribute values in a single pass while expanding entities. Be more lenient in recovery mode. If no entity substitution was requested, validate entities without expanding. Fixes #596. Also fixes #655.

6a9a88a1

2023-12-26T03:13:05

parser: Move progressive flag into input struct

d944a415

2023-12-26T02:10:35

parser: Fix in-parameter-entity and in-external-dtd checks Use in ctxt->input->entity instead of ctxt->inputNr to determine whether we are inside a parameter entity. Stop using ctxt->external to check whether we're in an external DTD. This is signaled by ctxt->inSubset == 2.

5f319304

2023-12-28T19:05:51

SAX2: Fix error code Today I learned that the TSCII character encoding [1] can blow up the size of text 12 times when converted to UTF-8: $ printf '\x82' |iconv -f TSCII -t UTF-8 |hexdump -C 00000000 e0 ae b8 e0 af 8d e0 ae b0 e0 af 80 0000000c [1] https://en.wikipedia.org/wiki/Tamil_Script_Code_for_Information_Interchange

955c177f

2023-12-23T00:58:36

parser: Stop using 'directory' struct member This was only used as a pointless fallback for URI resolution.

13043691

2023-12-20T00:33:34

parser: Rename xmlErrParser to xmlCtxtErr

54c70ed5

2023-12-18T19:31:29

parser: Improve error handling Introduce xmlCtxtSetErrorHandler allowing to set a structured error for a parser context. There already was the "serror" SAX handler but this always receives the parser context as argument. Start to use xmlRaiseMemoryError. Remove useless arguments from memory error functions. Rename xmlErrMemory to xmlCtxtErrMemory. Remove a few calls to xmlGenericError. Remove support for runtime entity debugging.

e58ea29f

2023-12-10T18:10:42

SAX2: Report malloc failures Fix many places where malloc failures aren't reported. Improve error handling when parsing entity declarations. Fixes #308.

7f00273c

2023-12-01T19:21:17

parser: Fix invalid free in xmlParseBalancedChunkMemoryRecover Set the dictionary for newDoc in xmlParseBalancedChunkMemoryRecover. This is a long-standing bug which was masked by - xmlParseBalancedChunkMemoryRecover changing the document of the root node. This is a really bad idea, resulting in a mismatch between ctxt->myDoc and ctxt->node->doc. - SAX2.c preferring ctxt->node->doc over ctxt->myDoc until commit a31e1b06. Fixes #641.

a31e1b06

2023-11-04T20:21:54

SAX2: Fix quadratic behavior in xmlSAX2AttributeNs The last missing piece to make parsing of attributes O(n).

e0dd330b

2023-09-29T00:18:44

parser: Use hash tables to avoid quadratic behavior Use a hash table to lookup namespaces by prefix. The hash table stores an index into the namespace table. Auxiliary data for namespaces is stored in a separate array along the main namespace table. Use a hash table to verify attribute uniqueness. The hash table stores an index into the attribute table. Reuse hash value from the dictionary to avoid computing them twice. See #346.

da274bfa

2023-09-21T01:29:40

build: Fix build when certain modules are disabled

9b5cce7a

2023-09-21T00:44:50

include: Remove more unnecessary includes

699299ca

2023-09-20T18:54:39

globals: Stop including globals.h

a77f9ab8

2023-09-20T16:57:22

globals: Don't include SAX2.h from globals.h

4e1c13eb

2023-09-18T14:45:10

debug: Remove debugging code This is barely useful these days and only clutters the code base.

cde44997

2023-08-27T16:35:23

SAX2: Allow multiple top-level elements When parsing with HTML_PARSE_NOIMPLIED, the result document can contain multiple top-level elements. Rework xmlSAX2StartElement to simply add the element as a child of ctxt->node or ctxt->myDoc. Don't invoke xmlAddSibling for non-element parents. The context node should always be an element node. Fixes #584.

f1c1f5c6

2023-08-16T19:43:02

parser: Revert change to doc->encoding Fixes #579.

cb717d7e

2023-08-09T16:52:02

parser: Update line number after coalescing text nodes This should make the line number of text nodes deterministic. Before, it depended on the callback sequence which depends on the size of chunks fed to the parser.

ec7be506

2023-08-08T15:19:46

parser: Rework encoding detection Introduce XML_INPUT_HAS_ENCODING flag for xmlParserInput which is set when xmlSwitchEncoding is called. The parser can use the flag to reliably detect whether an encoding was already set via user override, BOM or other auto-detection. In this case, the encoding declaration won't be used to switch the encoding. Before, an inscrutable mix of ctxt->charset, ctxt->input->encoding and ctxt->input->buf->encoder was used. Introduce private helper functions to switch encodings used by both the XML and HTML parser: - xmlDetectEncoding which skips over the BOM, allowing to remove the BOM checks from other encoding functions. - xmlSetDeclaredEncoding, replacing htmlCheckEncodingDirect, which warns about encoding mismatches. If users override the encoding, store the declared instead of the actual encoding in xmlDoc. In this case, the actual encoding is known and the raw value from the doc is more useful. Also use the input flags to store the ISO-8859-1 fallback state. Restrict the fallback to cases where no encoding was specified. (The fallback is only useful in recovery mode and these days broken UTF-8 is probably more likely than ISO-8859-1, so it might eventually be removed completely.) The 'charset' member of xmlParserCtxt is now unused. The 'encoding' member of xmlParserInput is now unused. The 'standalone' member of xmlParserInput is renamed to 'flags'. A new parser state XML_PARSER_XML_DECL is added for the push parser.

d38e73f9

2023-08-08T15:19:44

parser: Always create UTF-8 in xmlParseReference It seems that this code path could only be triggered after an encoding error in recovery mode. Creating char-ref nodes is unnecessary and typically unexpected.

b8961df6

2023-05-09T03:25:24

SAX: Always validate xml:ids The behavior shouldn't depend on mostly random configuration options.

235b15a5

2023-05-08T17:58:02

SAX: Always initialize SAX1 element handlers Follow-up to commit d0c3f01e. A parser context will be initialized to SAX version 2, but this can be overridden with XML_PARSE_SAX1 later, so we must initialize the SAX1 element handlers as well. Change the check in xmlDetectSAX2 to only look for XML_SAX2_MAGIC, so we don't switch to SAX1 if the SAX2 element handlers are NULL.

250faf3c

2023-04-20T12:35:21

parser: Fix regression in xmlParserNodeInfo accounting Commit 62150ed2 broke begin_pos and begin_line when extra node info was recorded. Fixes #523.

d7d0bc65

2023-03-31T16:47:48

SAX2: Ignore namespaces in HTML documents In commit 21ca8829, we started to ignore namespaces in HTML element names but we still called xmlSplitQName, effectively stripping the namespace prefix. This would cause elements like <o:p> being parsed as <p>. Now we leave the name untouched. Fixes #508.

cb4334b7

2023-02-14T18:10:14

malloc-fail: Fix memory leak in xmlSAX2StartElementNs Found with libFuzzer, see #344.

0c5f40b7

2023-01-22T13:27:41

malloc-fail: Fix null deref in xmlSAX2AttributeInternal Found with libFuzzer, see #344.

b3b53dcc

2023-01-22T11:28:46

malloc-fail: Fix null deref in xmlSAX2Text Found with libFuzzer, see #344.

463bbeec

2022-12-19T18:39:45

entities: Rework entity amplification checks This commit implements robust detection of entity amplification attacks, better known as the "billion laughs" attack. We now limit the size of the document after substitution of entities to 10 times the size before expansion. This guarantees linear behavior by definition. There already was a similar check before, but the accounting of "sizeentities" (size of external entities) and "sizeentcopy" (size of all copies created by entity references) wasn't accurate. We also need saturation arithmetic since we're historically limited to "unsigned long" which is 32-bit on many platforms. A maximum of 10 MB of substitutions is always allowed. This should make use cases like DITA work which have caused problems in the past. The old checks based on the number of entities were removed. This is accounted for by adding a fixed cost to each entity reference. Entity amplification checks are now enabled even if XML_PARSE_HUGE is set. This option is mainly used to allow larger text nodes. Most users were unaware that it also disabled entity expansion checks. Some of the limits might be adjusted later. If this change turns out to affect legitimate use cases, we can add a separate parser option to disable the checks. Fixes #294. Fixes #345.

cecd364d

2022-11-24T16:38:47

parser: Don't call *DefaultSAXHandlerInit from xmlInitParser Change the default handler definitions to match the result after calling the initialization functions. This makes sure that no thread-local variables are accessed when calling xmlInitParser.

68a6518c

2022-11-15T18:23:33

parser: Rewrite push parser boundary checks Remove inaccurate xmlParseCheckTransition check. Remove non-incremental xmlParseGetLasts check. Add functions that check for several boundary constructs more accurately, keeping track of progress in ctxt->checkIndex. Fixes #439.

7ceaee94

2022-11-02T16:05:05

malloc-fail: Fix memory leak in xmlSAX2ExternalSubset Found with libFuzzer, see #344.

81621b1f

2022-09-02T18:38:33

Fix compiler warnings in SAX2.c

ad338ca7

2022-09-01T01:18:30

Remove explicit integer casts Remove explicit integer casts as final operation - in assignments - when passing arguments - when returning values Remove casts - to the same type - from certain range-bound values The main motivation is that these explicit casts don't change the result of operations and only render UBSan's implicit-conversion checks useless. Removing these casts allows UBSan to detect cases where truncation or sign-changes occur unexpectedly. Document some explicit casts as truncating and add a few missing ones.

aeb69fd3

2022-09-01T02:33:16

Fix overflow check in SAX2.c

0f568c0b

2022-08-26T01:22:33

Consolidate private header files Private functions were previously declared - in header files in the root directory - in public headers guarded with IN_LIBXML - in libxml.h - redundantly in source files that used them. Consolidate all private header files in include/private.

0e49f882

2022-08-24T05:25:37

Mark most SAX1 functions as deprecated No compiler warnings generated yet.

4b184240

2022-08-22T14:11:15

Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.

3e7b4f37

2022-05-20T23:28:25

Avoid calling xmlSetTreeDoc Create text nodes with xmlNewDocText or set the document directly to avoid xmlSetTreeDoc being called when the node is inserted.

40483d0c

2022-03-06T13:55:48

Deprecate module init and cleanup functions These functions shouldn't be part of the public API. Most init functions are only thread-safe when called from xmlInitParser. Global variables should only be cleaned up by calling xmlCleanupParser.

4a8c71eb

2022-03-04T03:35:57

Remove DOCBparser This code has been broken and deprecated since version 2.6.0, released in 2003. Because of a bug in commit 961b535c, DOCBparser.c was never compiled since 2012. I couldn't find a Debian package using any of its symbols, so it seems safe to remove this module.

c41bc10d

2022-02-22T19:57:12

Fix unused variable warnings with disabled features

346c3a93

2022-02-20T18:46:42

Remove elfgcchack.h The same optimization can be enabled with -fno-semantic-interposition since GCC 5. clang has always used this option by default.

e03590c9

2022-02-08T02:42:30

Don't add IDs containing unexpanded entity references When parsing without entity substitution, IDs or IDREFs containing unexpanded entity reference like "abc&x;def" could be created. We could try to expand these entities like in validation mode, but it seems safer to honor the request not to expand entities. We silently ignore such IDs for now.

d7cb33cf

2022-01-13T17:06:14

Rework validation context flags Use a bitmask instead of magic values to - keep track whether the validation context is part of a parser context - keep track whether xmlValidateDtdFinal was called This allows to add addtional flags later. Note that this deliberately changes the name of a public struct member, assuming that this was always private data never to be used by client code.

a647e430

2022-01-25T02:59:40

Fix casting of line numbers in SAX2.c The line member is an unsigned short. Avoids integer conversion warnings with UBSan. Also use USHRT_MAX instead of hard-coded constant.

92bce68c

2021-07-14T11:37:07

Fix memory leak in xmlSAX2AttributeDecl Found by Coverity. https://bugzilla.redhat.com/show_bug.cgi?id=1938806

acb35667

2021-02-03T13:48:40

Fix quadratic runtime when parsing CDATA sections Use optimized concatenation for CDATA sections in addition to normal text. This also affects HTML script content. Found by OSS-Fuzz.

21ca8829

2020-07-25T17:57:29

Don't try to handle namespaces when building HTML documents Don't try to resolve namespace in xmlSAX2StartElement when parsing HTML documents. This useless operation could slow down the parser considerably. Found by OSS-Fuzz.

20c60886

2020-03-08T17:19:42

Fix typos Resolves #133.

eddfbc38

2020-01-22T22:03:45

Don't load external entity from xmlSAX2GetEntity Despite the comment, I can't see a reason why external entities must be loaded in the SAX handler. For external entities, the handler is typically first invoked via xmlParseReference which will later load the entity on its own if it wasn't loaded yet. The old code also lead to duplicated SAX events which makes it basically impossible to reuse xmlSAX2GetEntity for a custom SAX parser. See the change to the expected test output. Note that xmlSAX2GetEntity was loading the entity via xmlParseCtxtExternalEntity while xmlParseReference uses xmlParseExternalEntityPrivate. In the previous commit, the two functions were merged, trying to compensate for some slight differences between the two mostly identical implementations. But the more urgent reason for this change is that xmlParseReference has the facility to abort early when recursive entities are detected, avoiding what could practically amount to an infinite loop. If you want to backport this change, note that the previous three commits are required as well: f9ea1a24 Fix copying of entities in xmlParseReference 5c7e0a9a Copy some XMLReader option flags to parser context 1a3e584a Merge code paths loading external entities Found by OSS-Fuzz.

2a350ee9

2019-09-30T17:04:54

Large batch of typo fixes Closes #109.

6b49db2c

2019-01-07T17:14:21

Fix memory leak in xmlSAX2StartElement Introduced by a recent commit. Only happens if max depth is exceeded in SAX1 mode. Found by OSS-Fuzz.

1567b55b

2018-11-22T14:28:58

Set doc on element obtained from freeElems In commit 8c9daf79, a call to xmlFreeNode was added in xmlSAX2StartElementNs. If a node was obtained from the freeElems list, make sure to set the doc, otherwise xmlFreeNode wouldn't realize that the node name might be in the dictionary, causing an invalid free. Note that the issue fixed in commit 8c9daf79 requires commit 0ed6addb and this one to work properly. Found by OSS-Fuzz.

0ed6addb

2018-09-22T15:41:01

Unlink node before freeing it in xmlSAX2StartElement The node may have been added to the document already, so it must be unlinked first. Thanks to David Kilzer for spotting this.

8c9daf79

2018-09-12T13:42:27

Check return value of nodePush in xmlSAX2StartElement If the maximum depth is exceeded, nodePush halts the parser which results in freeing the input buffer since the previous commit. This invalidates the attribute pointers, so the error condition must be checked. Found by OSS-Fuzz.

d422b954

2017-10-09T13:37:42

Fix pointer/int cast warnings on 64-bit Windows On 64-bit Windows, `long` is 32 bits wide and can't hold a pointer. Switch to ptrdiff_t instead which should be the same size as a pointer on every somewhat sane platform without requiring C99 types like intptr_t. Fixes bug 788312. Thanks to J. Peter Mugaas for the report and initial patch.

83fb4119

2017-09-05T23:45:04

Fix memory leaks in SAX1 parser Found by OSS-Fuzz. I could only reproduce this with the (obsolete) SAX1 parser. One leak is caused by duplicate namespaced attribute names and can be reproduced in memory mode (testcase 4556417027538944): $ cat file <d xmlns:a="ns" a:x="v" xmlns:b="ns" b:x="v"/> $ xmllint --sax1 --memory file The other is caused by ATTLISTs with a normalized default for "xmlns" if they're processed after the entity recursion limit was hit (testcase 5580750034305024). $ cat file <!DOCTYPE d [ <!ENTITY a '<d>&a;'> <!ATTLIST d xmlns NMTOKEN 't'> ]> <d>&a; $ xmllint --sax1 --valid file Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2461

8bbe4508

2017-06-17T16:15:09

Spelling and grammar fixes Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other misspellings.

07418011

2017-04-05T10:22:40

Do not leak the new CData node if adding fails For https://bugzilla.gnome.org/show_bug.cgi?id=780918

4472c3a5

2016-05-13T15:13:17

Fix some format string warnings with possible format string vulnerability For https://bugzilla.gnome.org/show_bug.cgi?id=761029 Decorate every method in libxml2 with the appropriate LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups following the reports.

a6ea72ad

2014-07-14T20:29:34

Fix processing in SAX2 in case of an allocation failure Related to https://bugzilla.gnome.org/show_bug.cgi?id=731360

3e0eec43

2014-06-13T14:45:20

Adding some missing NULL checks in SAX2 DOM building code and in the HTML parser

52010c63

2013-06-16T08:55:08

Compile out use of xmlValidateNCName() when not available. Fix compilation with minimum and valid.

77b5b464

2014-02-10T10:32:45

Legacy needs xmlSAX2StartElement() and xmlSAX2EndElement(). Fix compilation with minimum and legacy.

a885f13a

2013-08-03T22:16:02

Fix a possible NULL dereference https://bugzilla.gnome.org/show_bug.cgi?id=705400 In case of allocation error the pointer was dereferenced before the test for a failure

ab0e3504

2013-03-27T13:21:38

Activate detection of encoding in external subset https://bugzilla.gnome.org/show_bug.cgi?id=694228 the ctxt->encoding was percolated down when parsing the external subset leading to failures

cff2546f

2013-03-11T15:57:55

Cache presence of '<' in entities content slightly modify how ent->checked is used, and use the lowest bit to keep the information

a3f1e3e5

2013-03-11T13:57:53

Avoid extra processing on entities If an entity has already been checked for correctness no need to check it on every reference

6c91aa38

2012-10-25T15:33:59

Fix a regression in 2.9.0 breaking validation while streaming https://bugzilla.gnome.org/show_bug.cgi?id=684774 with help from Kjell Ahlstedt <kjell.ahlstedt@bredband.net>

7651606f

2012-09-11T14:02:08

Various cleanups to avoid compiler warnings

f8e3db04

2012-09-11T13:26:36

Big space and tab cleanup Remove all space before tabs and space and tabs at end of lines.

968a03a2

2012-08-13T12:41:33

Add support for big line numbers in error reporting Fix the lack of line number as reported by Johan Corveleyn <jcorvel@gmail.com> * parser.c include/libxml/parser.h: add an XML_PARSE_BIG_LINES parser option not switch on by default, it's an opt-in * SAX2.c: if XML_PARSE_BIG_LINES is set store the long line numbers in the psvi field of text nodes * tree.c: expand xmlGetLineNo to extract those informations, also make sure we can't fail on recursive behaviour * error.c: in __xmlRaiseError, if a node is provided, call xmlGetLineNo() if we can't get a valid line number. * xmllint.c: switch on XML_PARSE_BIG_LINES in xmllint

740cb1a4

2012-07-18T16:05:37

Memory error within SAX2 reuse common framework There is no reason for that class of errors to not use the same handling allowing strctured error processing.

71a243d5

2012-01-17T19:25:08

xmlParseNodeInContext problems with an empty document When you call xmlParseNodeInContext on a fragment node with an empty document, the parser associates the first new node twice -- once with the document, and once with the fragment node. This fixes the issue by only associating the new node with the fragment node.

8ad4da5f

2012-05-08T11:01:12

HTML element position is not detected propperly The data in node_seq in xmlParserCtxt was not updated properly when parsing HTML. This patch fixes the accounting for both pull and push mode of HTML parsing.

1c989278

2012-01-26T19:43:06

Fix SAX2 builder in case of undefined attributes namespace To follow the early XML-1.0 REC, the new localname is "prefix:localname" and there is obviously now namespace.

77b77b13

2012-01-26T19:11:02

Fix SAX2 builder in case of undefined element namespaces Work as in XML-1.0 before namespaces, and use prefix:localname as the new element name (and no namespace of course) Also fix 3 cases in the regression tests where the prefix: was erroneously dropped in such case

aa54d37c

2010-09-09T18:17:47

Fix handling of XML-1.0 XML namespace declaration Usually 'xml' namespace for XML-1.0 declaration does not need to be carried but Mike Hommey raised the problem that the SVG XSD file fails to parse due to a mishandling. - SAX2.c: failure to create a namespace should not be interpreted as a memory allocation error - tree.c: document better xmlNewNs behaviour, and fix it in the case the 'xml' prefix is being used.

06c93b75

2010-03-15T16:08:44

Remove a few warnings

3c080d6d

2010-03-15T15:47:50

Don't give default HTML boolean attribute values in parser * HTMLparser.c: don't default value of HTML boolean attributes in the parser * SAX2.c: move this to SAX2 tree building backend * result/HTML/doc2.htm.sax result/HTML/doc3.htm.sax result/HTML/wired.html.sax: this changes a few HTML SAX regression tests

594e5dfb

2009-09-07T14:58:47

Chasing dead assignments reported by clang-scan * SAX2.c dict.c error.c hash.c nanohttp.c parser.c python/libxml.c relaxng.c runtest.c tree.c valid.c xinclude.c xmlregexp.c xmlsave.c xmlschemas.c xpath.c xpointer.c: mostly removing unneded affectations, but this led to a few real bugs and some part not yet understood (relaxng/interleave)

d44b9364

2009-09-07T12:15:08

A few more safety cleanup raised by scan * SAX2.c encoding.c parser.c xmlschemas.c: a few more safety checks * relaxng.c: remove an unused intitialization

74eaec14

2009-08-26T15:57:20

502960 provide namespace stack when parsing entity * parser.c: copy the entity stack * SAX2.c: fix the warning message for default entities

023d0bab

2009-07-29T11:34:50

Fix leak on SAX1, xmllint --sax1 option and debug * SAX2.c: don't leak in xmlCheckDefaultedAttributes for standalone checking * xmllint.c: fix xmllint --sax1 to actually use XML_PARSE_SAX1 * debugXML.c: don't raise an error if markup wasn't allocated from dictionary if document was parsed with option disabling it

669e88c0

2009-07-29T11:33:32

potential NULL dereference on non-glibc * SAX2.c (xmlCheckDefaultedAttributes): When xmlStrdup and/or xmlStrcat fails due to OOM avoid printing NULL via a printf-style "%s" format

97ff9b36

2009-01-18T21:43:30

preparing 0.7.3 release fix a typo in a name Daniel * configure.in doc/xml.html doc/*: preparing 0.7.3 release * include/libxml/parserInternals.h SAX2.c: fix a typo in a name Daniel svn path=/trunk/; revision=3814

1fb2e0df

2009-01-18T14:08:36

add a new define XML_MAX_TEXT_LENGHT limiting the maximum size of a single * include/libxml/parserInternals.h SAX2.c: add a new define XML_MAX_TEXT_LENGHT limiting the maximum size of a single text node, the defaultis 10MB and can be removed with the HUGE parsing option Daniel svn path=/trunk/; revision=3808

1dc9feb0

2008-11-17T15:59:21

fix for CVE-2008-4226, a memory overflow when building gigantic text * SAX2.c parser.c: fix for CVE-2008-4226, a memory overflow when building gigantic text nodes, and a bit of cleanup to better handled out of memory problem in that code. * tree.c: fix for CVE-2008-4225, lack of testing leads to a busy loop test assuming one have enough core memory. Daniel svn path=/trunk/; revision=3803

f4f4e485

2008-08-25T08:57:48

rework the patch to avoid some ABI issue with people allocating entities * include/libxml/entities.h entities.c SAX2.c parser.c: rework the patch to avoid some ABI issue with people allocating entities structure directly Daniel svn path=/trunk/; revision=3773

ae0765b6

2008-07-31T19:54:59

more progresses against the official regression tests small cleanup for * runxmlconf.c: more progresses against the official regression tests * runsuite.c: small cleanup for non-leak reports * include/libxml/tree.h: parsing flags and other properties are now added to the document node, this is generally useful and allow to make Name and NmToken validations based on the parser flags, more specifically the 5th edition of XML or not * HTMLparser.c tree.c: small side effects for the previous changes * parser.c SAX2.c valid.c: the bulk of teh changes are here, the parser and validation behaviour can be affected, parsing flags need to be copied, lot of changes. Also fixing various validation problems in the regression tests. Daniel svn path=/trunk/; revision=3762

45efd087

2008-07-07T13:52:52

fix line number on text nodes, problem raised by Ralf Junker Daniel * SAX2.c: fix line number on text nodes, problem raised by Ralf Junker Daniel svn path=/trunk/; revision=3751

b242b088

2008-02-08T09:56:31

applied patch from Florent Guilian to remove an useless mutex in the * dict.c: applied patch from Florent Guilian to remove an useless mutex in the xmlDict structure. older, not commited ... * SAX2.c: another leak reported by Ashwin * xinclude.c: fixed the behaviour when XIncluding a fragment of the current document, patch from Chris Ryan Daniel svn path=/trunk/; revision=3686

kc3-lang/libxml2/SAX2.c

SAX2.c

Log