kmx git

Commit	Date	Message
fd85b566	2022-08-24T15:12:24	Mark more parser functions as deprecated No compiler warnings generated yet.
88637d42	2022-08-24T15:09:46	Improve cross-references in API docs Also cross-reference keywords followed by a period. This is still a hack but catches quite a few more keywords.
6cdaa192	2022-08-24T14:34:04	Rebuild documentation
b33be8a0	2022-08-24T14:29:50	Switch back to HTML output for API documentation
0e49f882	2022-08-24T05:25:37	Mark most SAX1 functions as deprecated No compiler warnings generated yet.
ce93ee90	2022-08-24T05:24:13	xmllint: Stop calling xmlSAXDefaultVersion This should already be handled by setting XML_PARSE_SAX1.
9a82b94a	2022-08-24T04:21:58	Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt Add API functions to create a parser context with a custom SAX handler without having to mess with ctxt->sax manually.
0a04db19	2022-08-24T14:06:00	Don't mess with parser options in htmlParseDocument Don't set ctxt->html. This member should already be initialized. Set ctxt->linenumbers in htmlCtxtUseOptions like the XML parser does.
d45263a2	2022-08-24T14:04:35	Remove useless call to htmlDefaultSAXHandlerInit This function is already called from xmlInitParser.
3513d76a	2022-08-24T02:18:50	Improve documentation of globals Document more global variables as deprecated. Some of the variables don't generate deprecation warnings yet, but they shouldn't be used in new code.
f703ed69	2022-08-24T01:29:49	Fix documentation parser Reset comment right after adding to the index.
bd6a4272	2022-08-24T00:17:51	Rebuild API documentation
4f3eb8a3	2022-08-24T00:15:10	Support comments for global variables in documentation This was never implemented.
288c951e	2022-08-24T00:12:59	Fix update call in apibuild.py There are still a few places where try/except is used for branching. This is a bad idea since it can hide errors like this one.
92bb889b	2022-08-24T00:03:44	Don't index anything in DOC_DISABLE sections Somewhat misleadingly, the DOC_DISABLE directive only disabled warnings. Now we really stop the documentation generator from indexing. This results in additional warnings for xmlThrDef* functions. This should be fixed by documenting or deprecating them.
75b5bc2b	2022-08-23T20:57:49	Deprecate some global variables Most of these should be completely unused.
484efeb6	2022-08-23T20:07:39	cmake: Disable version script on macOS Fixes #400
e519c6e1	2022-08-22T15:16:00	Fix testapi when building --without-sax1 Broken in commit c61e1273.
4b184240	2022-08-22T14:11:15	Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.
80bd34c3	2022-08-22T14:06:37	Don't initialize SAX handler in htmlReadMemory The SAX handler is already initialized when creating the parser context.
37cedc0b	2022-08-22T14:04:07	Fix htmlReadMemory mixing up XML and HTML functions Also see fe6890e2.
920753c4	2022-08-22T13:46:50	Don't use default SAX handler to report unrelated errors
38f04779	2022-08-22T13:33:35	Fix HTML parser with threads and --without-legacy If the legacy functions are disabled, the default "V1" HTML SAX handler isn't initialized in threads other than the main thread. htmlInitParserCtxt would later use the empty V1 SAX handler, resulting in NULL documents. Change htmlInitParserCtxt to initialize the HTML SAX handler by calling xmlSAX2InitHtmlDefaultSAXHandler. This removes the ability to change the default handler but is more in line with the XML parser which initializes the SAX handler by calling xmlSAXVersion, ignoring the V1 default handler. Fixes #399.
c21e9cd5	2022-08-20T17:02:02	Use xmlStrlen in xmlNewStringInputStream xmlStrlen handles buffers larger than INT_MAX more gracefully.
5b2d07a7	2022-08-20T17:00:50	Use xmlStrlen in *CtxtReadDoc xmlStrlen handles buffers larger than INT_MAX more gracefully.
b1b65417	2022-08-20T15:15:04	Create stream with buffer in xmlNewStringInputStream Create an input stream with a buffer in xmlNewStringInputStream. Otherwise, switching encodings won't work. See #34.
4ad71c2d	2022-08-20T16:19:34	Fix xmlCtxtReadDoc with encoding xmlCtxtReadDoc used to create an input stream involving xmlNewStringInputStream. This would create a stream without an input buffer, causing problems with encodings (see #34). After commit aab584dc3, an error was returned even with UTF-8 encodings which happened to work before. Make xmlCtxtReadDoc call xmlCtxtReadMemory which doesn't suffer from these issues. Also fix htmlCtxtReadDoc. Fixes #397.
d54f829f	2022-08-19T11:28:49	Rebuild documentation
b071d74b	2022-08-18T22:17:35	Port build_glob.py to Python 3
b22b6deb	2022-08-18T21:58:07	Port genChRanges.py to Python 3
18d79460	2022-08-18T21:03:56	Port doc/examples/index.py to Python 3 - Make sure that examples.xml is generated deterministically - Sort includes by line number
5264fa11	2022-08-18T20:17:27	Fix warnings from apibuild.py
a7af2c99	2022-08-18T20:03:07	Fix order of exports in libxml2-api.xml The values passed to the `uniq` function are dictionary keys and should already be unique. On older Python versions, this would reshuffle the list after it had just been sorted.
f82b56c6	2022-08-18T19:51:33	Remove libxml2-refs.xml The cross-reference was only used by the old website.
b60cdf1f	2022-08-18T19:17:37	Remove Makefile rule to build testapi.c This file is under version control and should only be rebuilt on demand.
35297983	2022-08-17T14:52:31	Start with documentation for maintainers
ae383bdb	2022-08-17T13:16:19	Release v2.10.0
d20df9d8	2022-08-17T12:01:04	Cleanup files generated by test suite Fixes make distcheck.
4e494b9c	2022-08-17T12:00:40	Add uninstall target for examples Fixes make distcheck.
229fe8f1	2022-08-17T11:41:23	Rebuild documentation
24323d31	2022-08-17T11:39:55	Don't autogenerate doc/examples/Makefile.am
0fbfb4b5	2022-08-17T11:22:38	Make gentest.py work with Python 2
a09c8954	2022-08-15T12:19:25	Fix memory leak with invalid XSD xmlSchemaClearElemInfo can add new items to the "matcher" cache, so the cache must be cleared after calling this function, not before. This only seems to affect invalid XSDs. Fixes #390.
3c4e4bb7	2022-08-05T16:24:51	Fix build with older pkg-config versions The PKG_CHECK_VAR macro was introduced in pkg-config 0.28. Guard the invocation with m4_ifdef. Fixes #374.
e986d09c	2022-07-15T14:02:26	Skip incorrectly opened HTML comments Commit 4fd69f3e fixed handling of '<' characters not followed by an ASCII letter. But a '<!' sequence followed by invalid characters should be treated as bogus comment and skipped. Fixes #380.
6722d22c	2022-07-15T13:26:41	Reduce indentation in HTMLparser.c No functional change.
39745c92	2022-07-19T21:23:44	Improve documentation of tree manipulation API - Discourage use of node constructors without document. - Mention that xmlReconciliateNs is crucial when moving nodes from one document to another.
677a4264	2022-07-28T20:21:24	Make XPath depth check work with recursive invocations EXSLT functions like dyn:map or dyn:evaluate invoke xmlXPathRunEval recursively. Don't set depth to zero but keep and restore the original value to avoid stack overflows when abusing these functions.
a82ea25f	2022-07-28T21:35:17	Also reset nsNr in htmlCtxtReset
5930fe01	2022-07-18T20:59:45	Reset nsNr in xmlCtxtReset
eab0ce8f	2022-07-13T21:47:37	cmake: Install libxml.m4 on UNIX-like platforms Install libxml.m4 to follow GNU Autotools more closely
88012a38	2022-07-13T21:02:50	cmake: Use symbol versioning on UNIX-like platforms Use symbol versioning to follow GNU Autotools more closely
c9925454	2022-07-06T17:08:26	Use NAN/INFINITY if available to init XPath NaN/Inf
ca2c91f1	2022-06-28T19:24:14	Fix memory leak in xmlLoadEntityContent error path Free the input stream if pushing it fails. Found by OSS-Fuzz. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43743
ecba4cbd	2022-06-28T19:22:31	Avoid double-free if malloc fails in inputPush It's the caller's responsibility to free the input stream if this function fails.
3e7b4f37	2022-05-20T23:28:25	Avoid calling xmlSetTreeDoc Create text nodes with xmlNewDocText or set the document directly to avoid xmlSetTreeDoc being called when the node is inserted.
823bf161	2022-05-20T22:38:38	Simplify xmlFreeNode
a17a1f56	2022-05-18T02:17:31	Don't reset nsDef when changing node content nsDef is only used for element nodes.
24646525	2022-05-18T02:16:34	Fix unintended fall-through in xmlNodeAddContentLen
d8f05db8	2022-05-14T22:28:19	Fix Python tests on macOS
6ef16dee	2022-05-13T14:43:33	Reserve byte for NUL terminator and report errors consistently in xmlBuf and xmlBuffer This is a follow-up to commit 6c283d83. * buf.c: (xmlBufGrowInternal): - Call xmlBufMemoryError() when the buffer size would overflow. - Account for NUL terminator byte when using XML_MAX_TEXT_LENGTH. - Do not include NUL terminator byte when returning length. (xmlBufAdd): - Call xmlBufMemoryError() when the buffer size would overflow. * tree.c: (xmlBufferGrow): - Call xmlTreeErrMemory() when the buffer size would overflow. - Do not include NUL terminator byte when returning length. (xmlBufferResize): - Update error message in xmlTreeErrMemory() to be consistent with other similar messages. (xmlBufferAdd): - Call xmlTreeErrMemory() when the buffer size would overflow. (xmlBufferAddHead): - Add overflow checks similar to those in xmlBufferAdd().
4ce2abf6	2022-05-29T09:46:00	Fix missing NUL terminators in xmlBuf and xmlBuffer functions * buf.c: (xmlBufAddLen): - Change check for remaining space to account for the NUL terminator. When adding a length exactly equal to the number of unused bytes, a NUL terminator was not written. (xmlBufResize): - Set `buf->use` and NUL terminator when allocating a new buffer. * tree.c: (xmlBufferResize): - Set `buf->use` and NUL terminator when allocating a new buffer. (xmlBufferAddHead): - Set NUL terminator before returning early when shifting contents.
d70e548f	2022-06-15T17:25:03	Fix xmlCleanupThreads on Windows Fix #ifdef logic: - Also free TLS key in static build. - Always reset 'run_once' state.
65f8a620	2022-06-14T18:38:12	Fix reinitialization of library on Windows Reset the 'run_once' state in xmlCleanupThreads, so the global variables can be reinitialized later. While it's generally unsafe to call xmlCleanupParser and continue to use the library afterwards, this fix should avoid an outright crash if you do so on Windows. This should help with applications erroneously calling xmlCleanupParser. See #376.
a6df42e6	2022-05-28T08:08:29	Fix integer overflow in xmlBufferDump() * tree.c: (xmlBufferDump): - Cap the return value to INT_MAX.
c14cac8b	2022-05-25T18:13:07	xmlBufAvail() should return length without including a byte for NUL terminator * buf.c: (xmlBufAvail): - Return the number of bytes available in the buffer, but do not include a byte for the NUL terminator so that it is reserved. * encoding.c: (xmlCharEncFirstLineInput): (xmlCharEncInput): (xmlCharEncOutput): * xmlIO.c: (xmlOutputBufferWriteEscape): - Remove code that subtracts 1 from the return value of xmlBufAvail(). It was implemented inconsistently anyway.
fe9f76eb	2022-05-25T15:58:30	Remove unused xmlBuf functions Remove the following functions: - xmlBufAddHead() - xmlBufErase() - xmlBufInflate() - xmlBufWriteCHAR() - xmlBufWriteChar()
461ef8ac	2022-05-25T14:19:10	Fix double colon typos in xmlBufferResize() Introduced in commit 6c283d83e.
4bc3ebf3	2022-03-19T17:17:40	Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc() When changing `doc` on an xmlNodePtr or xmlAttrPtr, certain fields must either be a free-standing string, or they must be owned by `doc->dict`. The code to make this change was simply missing, so the crash happened when an xmlAttrPtr was being torn down after `doc` changed from non-NULL to NULL, but the `name` field was not copied. This is scenario 1 below. The xmlNodePtr->name and xmlNodePtr->content fields are also fixed at the same time. Note that xmlNodePtr->content is never added to the dictionary, so NULL is used instead of `newDict` to force a free-standing copy. This change covers all cases of dictionary changes: 1. Owned by old dictionary -> NULL new dictionary - Create free-standing copy of string. 2. Owned by old dictionary -> Non-NULL new dictionary - Get string from new dictionary pool. 3. Not owned by old dictionary -> Non-NULL new dictionary - No action necessary (already a free-standing string). 4. Not owned by old dictionary -> NULL new dictionary - No action necessary (already a free-standing string). * tree.c: (_copyStringForNewDictIfNeeded): Add. (xmlSetTreeDoc): - Update xmlNodePtr->name, xmlNodePtr->content and xmlAttrPtr->name when changing the document, if needed. Found by OSS-Fuzz Issue 45132.
0aa8652e	2022-05-20T14:54:49	Use xmlNewDocText in xmlXIncludeCopyRange Otherwise, the initial node of the copy could be a text node with a NULL document. This results in the NULL document being propagated to copies of other nodes, losing information about the dictionary in which node data is stored, and freeing a dict-allocated string. See discussion in !175.
351dbdfe	2022-05-20T14:53:33	Disable network in API tests Avoids hangs when trying to make network connections.
c50196c1	2022-04-10T20:02:47	Fix use-after-free bugs when calling xmlTextReaderClose() before xmlFreeTextReader() on post-validating parser When creating an xmlTextReaderPtr using xmlReaderForMemory(), there are two optional API functions that can be used: - xmlTextReaderClose() may be called prior to calling xmlFreeTextReader() to free parsing resources and close the xmlTextReaderPtr without freeing it. - xmlTextReaderCurrentDoc() may be called to return an xmlDocPtr that's owned by the caller, and must be free using xmlFreeDoc() after calling xmlFreeTextReader(). The use-after-free issues occur when calling xmlTextReaderClose() before xmlFreeTextReader(), with different issues occurring depending on whether xmlTextReaderCurrentDoc() is also called. * xmlreader.c: (xmlFreeTextReader): - Move code to xmlTextReaderClose(), remove duplicate code, and call xmlTextReaderClose() if it hasn't been called yet. (xmlTextReaderClose): - Move call to xmlFreeNode(reader->faketext) from xmlFreeTextReader() to fix a use-after-free bug when calling xmlTextReaderClose() before xmlFreeTextReader(), but not when using xmlTextReaderCurrentDoc(). The bug was introduced in 2002 by commit beb70bd39. In 2009 commit f4653dcd8 fixed the use-after-free that occurred every time xmlFreeTextReader() was called, but not the case where xmlTextReaderClose() was called first. - Move post-parsing validation code from xmlFreeTextReader() to fix a second use-after-free when calling xmlTextReaderClose() before xmlFreeTextReader(). This regressed in v2.9.10 with commit 57a3af56f.
054e46b0	2022-05-14T08:48:01	Restore behavior of htmlDocContentDumpFormatOutput() Patch by J Pascoe of Apple. * HTMLtree.c: (htmlDocContentDumpFormatOutput): - Prior to commit b79ab6e6d92, xmlDoc.type was set to XML_HTML_DOCUMENT_NODE before dumping the HTML output, then restored before returning.
e08d8c37	2022-05-06T10:17:57	Add xptr_locs flag to win32/configure.js The xptr_locs flag was added in commit 67070107 but no flag was added to win32/configure.js, leading a compile error I had on windows where the @WITH_XPTR_LOCS@ macro was not replaced properly on windows.
c1632fbd	2022-05-06T10:58:58	fix typo in comment
e9270ef0	2022-05-06T10:44:03	fix Schematron spelling
6c283d83	2022-03-08T20:10:02	[CVE-2022-29824] Fix integer overflows in xmlBuf and xmlBuffer In several places, the code handling string buffers didn't check for integer overflow or used wrong types for buffer sizes. This could result in out-of-bounds writes or other memory errors when working on large, multi-gigabyte buffers. Thanks to Felix Wilhelm for the report.
433b3186	2022-04-27T12:39:12	Define LFS macros before including system headers xmlstring.h includes stdarg.h, so it must be included after defining macros like _FILE_OFFSET_BITS.
14517012	2022-04-23T19:19:33	Fix parsing of subtracted regex character classes Fixes #370.
d9e1198c	2022-04-23T18:42:35	Redirect examples test output to /dev/null Regressed in commit c61e1273.
d314046f	2022-04-23T17:41:44	Don't try to copy children of entity references This would result in an error, aborting the whole copy operation. Regressed in commit 7618a3b1. Fixes #371.
0c0f2a57	2022-04-21T07:51:23	Port genUnicode.py to Python 3
b31e07db	2022-04-22T20:14:05	testapi: remove leading slash from "/missing.xml" Fixes an error when running tests in a sandbox on Gentoo Linux. Bug: https://bugs.gentoo.org/839804
65b01647	2022-04-21T06:27:33	Build Autotools CI tests out of source tree (VPATH)
ad098030	2022-04-21T06:23:55	Add --with-minimum build to CI tests
c61e1273	2022-04-21T06:03:22	Fix warnings when testing --with-minimum build There's no simple way to make the doc/examples tests handle different configurations. But these tests aren't especially valuable, so remove the result file checks.
4612ce30	2022-04-21T03:52:52	Implement xpath1() XPointer scheme See https://www.w3.org/2005/04/xpointer-schemes/
67070107	2022-04-20T23:17:14	Add configuration flag for XPointer locations support Add a new configuration flag that controls whether the outdated support for XPointer locations (ranges and points) is enabled. --with-xptr-locs # Autotools LIBXML2_WITH_XPTR_LOCS # CMake The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. The flag defaults to "off" and support for this extensions has to be requested explicitly. The relevant API functions are deprecated.
9a0be0dc	2022-04-21T01:11:35	Regenerate api.xml and testapi.c
343fc142	2022-04-21T00:45:58	Port gentest.py to Python 3
02709d0f	2022-04-20T19:18:17	Remove remaining definitions of STDC_HEADERS Sync with Autotools build.
270eb712	2022-04-20T14:04:04	cmake: Run all tests when threads are disabled
18bcced9	2022-04-20T13:36:02	cmake: Fix build with thread support Move configure_file(config.h) below pthreads check. Fix regression caused by commit f5659a1.
dbc23ed3	2022-04-13T17:02:50	Also build CI tests with -Werror
7204dbb0	2022-04-13T16:51:49	Don't mix declarations and code in runtest.c
776b0028	2022-04-13T16:46:58	cmake: Disable FTP and legacy modules by default Sync with Autotools build.
e13c8081	2022-04-13T16:45:57	Run CI tests with FTP and legacy modules These modules are disabled by default. Enable them when testing.
cacf6555	2022-04-13T16:43:15	Fix compiler warnings in Python code Add more deprecated functions to avoid compiler warnings when building the Python bindings.
f5659a12	2022-04-13T14:30:54	cmake: Fix build without thread support Only check for pthread.h if threads are enabled. Fixes #367.
44e9118c	2022-04-08T12:33:17	Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() * HTMLparser.c: (htmlSkipBlankChars): * parser.c: (xmlSkipBlankChars): - Cap the return value at INT_MAX. - The commit range that OSS-Fuzz listed for the fix didn't make any changes to xmlSkipBlankChars(), so it seems like this issue may still exist. Found by OSS-Fuzz Issue 44803.

fd85b566

2022-08-24T15:12:24

Mark more parser functions as deprecated No compiler warnings generated yet.

88637d42

2022-08-24T15:09:46

Improve cross-references in API docs Also cross-reference keywords followed by a period. This is still a hack but catches quite a few more keywords.

6cdaa192

2022-08-24T14:34:04

Rebuild documentation

b33be8a0

2022-08-24T14:29:50

Switch back to HTML output for API documentation

0e49f882

2022-08-24T05:25:37

Mark most SAX1 functions as deprecated No compiler warnings generated yet.

ce93ee90

2022-08-24T05:24:13

xmllint: Stop calling xmlSAXDefaultVersion This should already be handled by setting XML_PARSE_SAX1.

9a82b94a

2022-08-24T04:21:58

Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt Add API functions to create a parser context with a custom SAX handler without having to mess with ctxt->sax manually.

0a04db19

2022-08-24T14:06:00

Don't mess with parser options in htmlParseDocument Don't set ctxt->html. This member should already be initialized. Set ctxt->linenumbers in htmlCtxtUseOptions like the XML parser does.

d45263a2

2022-08-24T14:04:35

Remove useless call to htmlDefaultSAXHandlerInit This function is already called from xmlInitParser.

3513d76a

2022-08-24T02:18:50

Improve documentation of globals Document more global variables as deprecated. Some of the variables don't generate deprecation warnings yet, but they shouldn't be used in new code.

f703ed69

2022-08-24T01:29:49

Fix documentation parser Reset comment right after adding to the index.

bd6a4272

2022-08-24T00:17:51

Rebuild API documentation

4f3eb8a3

2022-08-24T00:15:10

Support comments for global variables in documentation This was never implemented.

288c951e

2022-08-24T00:12:59

Fix update call in apibuild.py There are still a few places where try/except is used for branching. This is a bad idea since it can hide errors like this one.

92bb889b

2022-08-24T00:03:44

Don't index anything in DOC_DISABLE sections Somewhat misleadingly, the DOC_DISABLE directive only disabled warnings. Now we really stop the documentation generator from indexing. This results in additional warnings for xmlThrDef* functions. This should be fixed by documenting or deprecating them.

75b5bc2b

2022-08-23T20:57:49

Deprecate some global variables Most of these should be completely unused.

484efeb6

2022-08-23T20:07:39

cmake: Disable version script on macOS Fixes #400

e519c6e1

2022-08-22T15:16:00

Fix testapi when building --without-sax1 Broken in commit c61e1273.

4b184240

2022-08-22T14:11:15

Remove htmlDefaultSAXHandler from non-SAX1 build This matches long-standing behavior of the XML counterpart.

80bd34c3

2022-08-22T14:06:37

Don't initialize SAX handler in htmlReadMemory The SAX handler is already initialized when creating the parser context.

37cedc0b

2022-08-22T14:04:07

Fix htmlReadMemory mixing up XML and HTML functions Also see fe6890e2.

920753c4

2022-08-22T13:46:50

Don't use default SAX handler to report unrelated errors

38f04779

2022-08-22T13:33:35

Fix HTML parser with threads and --without-legacy If the legacy functions are disabled, the default "V1" HTML SAX handler isn't initialized in threads other than the main thread. htmlInitParserCtxt would later use the empty V1 SAX handler, resulting in NULL documents. Change htmlInitParserCtxt to initialize the HTML SAX handler by calling xmlSAX2InitHtmlDefaultSAXHandler. This removes the ability to change the default handler but is more in line with the XML parser which initializes the SAX handler by calling xmlSAXVersion, ignoring the V1 default handler. Fixes #399.

c21e9cd5

2022-08-20T17:02:02

Use xmlStrlen in xmlNewStringInputStream xmlStrlen handles buffers larger than INT_MAX more gracefully.

5b2d07a7

2022-08-20T17:00:50

Use xmlStrlen in *CtxtReadDoc xmlStrlen handles buffers larger than INT_MAX more gracefully.

b1b65417

2022-08-20T15:15:04

Create stream with buffer in xmlNewStringInputStream Create an input stream with a buffer in xmlNewStringInputStream. Otherwise, switching encodings won't work. See #34.

4ad71c2d

2022-08-20T16:19:34

Fix xmlCtxtReadDoc with encoding xmlCtxtReadDoc used to create an input stream involving xmlNewStringInputStream. This would create a stream without an input buffer, causing problems with encodings (see #34). After commit aab584dc3, an error was returned even with UTF-8 encodings which happened to work before. Make xmlCtxtReadDoc call xmlCtxtReadMemory which doesn't suffer from these issues. Also fix htmlCtxtReadDoc. Fixes #397.

d54f829f

2022-08-19T11:28:49

Rebuild documentation

b071d74b

2022-08-18T22:17:35

Port build_glob.py to Python 3

b22b6deb

2022-08-18T21:58:07

Port genChRanges.py to Python 3

18d79460

2022-08-18T21:03:56

Port doc/examples/index.py to Python 3 - Make sure that examples.xml is generated deterministically - Sort includes by line number

5264fa11

2022-08-18T20:17:27

Fix warnings from apibuild.py

a7af2c99

2022-08-18T20:03:07

Fix order of exports in libxml2-api.xml The values passed to the `uniq` function are dictionary keys and should already be unique. On older Python versions, this would reshuffle the list after it had just been sorted.

f82b56c6

2022-08-18T19:51:33

Remove libxml2-refs.xml The cross-reference was only used by the old website.

b60cdf1f

2022-08-18T19:17:37

Remove Makefile rule to build testapi.c This file is under version control and should only be rebuilt on demand.

35297983

2022-08-17T14:52:31

Start with documentation for maintainers

ae383bdb

2022-08-17T13:16:19

Release v2.10.0

d20df9d8

2022-08-17T12:01:04

Cleanup files generated by test suite Fixes make distcheck.

4e494b9c

2022-08-17T12:00:40

Add uninstall target for examples Fixes make distcheck.

229fe8f1

2022-08-17T11:41:23

Rebuild documentation

24323d31

2022-08-17T11:39:55

Don't autogenerate doc/examples/Makefile.am

0fbfb4b5

2022-08-17T11:22:38

Make gentest.py work with Python 2

a09c8954

2022-08-15T12:19:25

Fix memory leak with invalid XSD xmlSchemaClearElemInfo can add new items to the "matcher" cache, so the cache must be cleared after calling this function, not before. This only seems to affect invalid XSDs. Fixes #390.

3c4e4bb7

2022-08-05T16:24:51

Fix build with older pkg-config versions The PKG_CHECK_VAR macro was introduced in pkg-config 0.28. Guard the invocation with m4_ifdef. Fixes #374.

e986d09c

2022-07-15T14:02:26

Skip incorrectly opened HTML comments Commit 4fd69f3e fixed handling of '<' characters not followed by an ASCII letter. But a '<!' sequence followed by invalid characters should be treated as bogus comment and skipped. Fixes #380.

6722d22c

2022-07-15T13:26:41

Reduce indentation in HTMLparser.c No functional change.

39745c92

2022-07-19T21:23:44

Improve documentation of tree manipulation API - Discourage use of node constructors without document. - Mention that xmlReconciliateNs is crucial when moving nodes from one document to another.

677a4264

2022-07-28T20:21:24

Make XPath depth check work with recursive invocations EXSLT functions like dyn:map or dyn:evaluate invoke xmlXPathRunEval recursively. Don't set depth to zero but keep and restore the original value to avoid stack overflows when abusing these functions.

a82ea25f

2022-07-28T21:35:17

Also reset nsNr in htmlCtxtReset

5930fe01

2022-07-18T20:59:45

Reset nsNr in xmlCtxtReset

eab0ce8f

2022-07-13T21:47:37

cmake: Install libxml.m4 on UNIX-like platforms Install libxml.m4 to follow GNU Autotools more closely

88012a38

2022-07-13T21:02:50

cmake: Use symbol versioning on UNIX-like platforms Use symbol versioning to follow GNU Autotools more closely

c9925454

2022-07-06T17:08:26

Use NAN/INFINITY if available to init XPath NaN/Inf

ca2c91f1

2022-06-28T19:24:14

Fix memory leak in xmlLoadEntityContent error path Free the input stream if pushing it fails. Found by OSS-Fuzz. https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43743

ecba4cbd

2022-06-28T19:22:31

Avoid double-free if malloc fails in inputPush It's the caller's responsibility to free the input stream if this function fails.

3e7b4f37

2022-05-20T23:28:25

Avoid calling xmlSetTreeDoc Create text nodes with xmlNewDocText or set the document directly to avoid xmlSetTreeDoc being called when the node is inserted.

823bf161

2022-05-20T22:38:38

Simplify xmlFreeNode

a17a1f56

2022-05-18T02:17:31

Don't reset nsDef when changing node content nsDef is only used for element nodes.

24646525

2022-05-18T02:16:34

Fix unintended fall-through in xmlNodeAddContentLen

d8f05db8

2022-05-14T22:28:19

Fix Python tests on macOS

6ef16dee

2022-05-13T14:43:33

Reserve byte for NUL terminator and report errors consistently in xmlBuf and xmlBuffer This is a follow-up to commit 6c283d83. * buf.c: (xmlBufGrowInternal): - Call xmlBufMemoryError() when the buffer size would overflow. - Account for NUL terminator byte when using XML_MAX_TEXT_LENGTH. - Do not include NUL terminator byte when returning length. (xmlBufAdd): - Call xmlBufMemoryError() when the buffer size would overflow. * tree.c: (xmlBufferGrow): - Call xmlTreeErrMemory() when the buffer size would overflow. - Do not include NUL terminator byte when returning length. (xmlBufferResize): - Update error message in xmlTreeErrMemory() to be consistent with other similar messages. (xmlBufferAdd): - Call xmlTreeErrMemory() when the buffer size would overflow. (xmlBufferAddHead): - Add overflow checks similar to those in xmlBufferAdd().

4ce2abf6

2022-05-29T09:46:00

Fix missing NUL terminators in xmlBuf and xmlBuffer functions * buf.c: (xmlBufAddLen): - Change check for remaining space to account for the NUL terminator. When adding a length exactly equal to the number of unused bytes, a NUL terminator was not written. (xmlBufResize): - Set `buf->use` and NUL terminator when allocating a new buffer. * tree.c: (xmlBufferResize): - Set `buf->use` and NUL terminator when allocating a new buffer. (xmlBufferAddHead): - Set NUL terminator before returning early when shifting contents.

d70e548f

2022-06-15T17:25:03

Fix xmlCleanupThreads on Windows Fix #ifdef logic: - Also free TLS key in static build. - Always reset 'run_once' state.

65f8a620

2022-06-14T18:38:12

Fix reinitialization of library on Windows Reset the 'run_once' state in xmlCleanupThreads, so the global variables can be reinitialized later. While it's generally unsafe to call xmlCleanupParser and continue to use the library afterwards, this fix should avoid an outright crash if you do so on Windows. This should help with applications erroneously calling xmlCleanupParser. See #376.

a6df42e6

2022-05-28T08:08:29

Fix integer overflow in xmlBufferDump() * tree.c: (xmlBufferDump): - Cap the return value to INT_MAX.

c14cac8b

2022-05-25T18:13:07

xmlBufAvail() should return length without including a byte for NUL terminator * buf.c: (xmlBufAvail): - Return the number of bytes available in the buffer, but do not include a byte for the NUL terminator so that it is reserved. * encoding.c: (xmlCharEncFirstLineInput): (xmlCharEncInput): (xmlCharEncOutput): * xmlIO.c: (xmlOutputBufferWriteEscape): - Remove code that subtracts 1 from the return value of xmlBufAvail(). It was implemented inconsistently anyway.

fe9f76eb

2022-05-25T15:58:30

Remove unused xmlBuf functions Remove the following functions: - xmlBufAddHead() - xmlBufErase() - xmlBufInflate() - xmlBufWriteCHAR() - xmlBufWriteChar()

461ef8ac

2022-05-25T14:19:10

Fix double colon typos in xmlBufferResize() Introduced in commit 6c283d83e.

4bc3ebf3

2022-03-19T17:17:40

Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc() When changing `doc` on an xmlNodePtr or xmlAttrPtr, certain fields must either be a free-standing string, or they must be owned by `doc->dict`. The code to make this change was simply missing, so the crash happened when an xmlAttrPtr was being torn down after `doc` changed from non-NULL to NULL, but the `name` field was not copied. This is scenario 1 below. The xmlNodePtr->name and xmlNodePtr->content fields are also fixed at the same time. Note that xmlNodePtr->content is never added to the dictionary, so NULL is used instead of `newDict` to force a free-standing copy. This change covers all cases of dictionary changes: 1. Owned by old dictionary -> NULL new dictionary - Create free-standing copy of string. 2. Owned by old dictionary -> Non-NULL new dictionary - Get string from new dictionary pool. 3. Not owned by old dictionary -> Non-NULL new dictionary - No action necessary (already a free-standing string). 4. Not owned by old dictionary -> NULL new dictionary - No action necessary (already a free-standing string). * tree.c: (_copyStringForNewDictIfNeeded): Add. (xmlSetTreeDoc): - Update xmlNodePtr->name, xmlNodePtr->content and xmlAttrPtr->name when changing the document, if needed. Found by OSS-Fuzz Issue 45132.

0aa8652e

2022-05-20T14:54:49

Use xmlNewDocText in xmlXIncludeCopyRange Otherwise, the initial node of the copy could be a text node with a NULL document. This results in the NULL document being propagated to copies of other nodes, losing information about the dictionary in which node data is stored, and freeing a dict-allocated string. See discussion in !175.

351dbdfe

2022-05-20T14:53:33

Disable network in API tests Avoids hangs when trying to make network connections.

c50196c1

2022-04-10T20:02:47

Fix use-after-free bugs when calling xmlTextReaderClose() before xmlFreeTextReader() on post-validating parser When creating an xmlTextReaderPtr using xmlReaderForMemory(), there are two optional API functions that can be used: - xmlTextReaderClose() may be called prior to calling xmlFreeTextReader() to free parsing resources and close the xmlTextReaderPtr without freeing it. - xmlTextReaderCurrentDoc() may be called to return an xmlDocPtr that's owned by the caller, and must be free using xmlFreeDoc() after calling xmlFreeTextReader(). The use-after-free issues occur when calling xmlTextReaderClose() before xmlFreeTextReader(), with different issues occurring depending on whether xmlTextReaderCurrentDoc() is also called. * xmlreader.c: (xmlFreeTextReader): - Move code to xmlTextReaderClose(), remove duplicate code, and call xmlTextReaderClose() if it hasn't been called yet. (xmlTextReaderClose): - Move call to xmlFreeNode(reader->faketext) from xmlFreeTextReader() to fix a use-after-free bug when calling xmlTextReaderClose() before xmlFreeTextReader(), but not when using xmlTextReaderCurrentDoc(). The bug was introduced in 2002 by commit beb70bd39. In 2009 commit f4653dcd8 fixed the use-after-free that occurred every time xmlFreeTextReader() was called, but not the case where xmlTextReaderClose() was called first. - Move post-parsing validation code from xmlFreeTextReader() to fix a second use-after-free when calling xmlTextReaderClose() before xmlFreeTextReader(). This regressed in v2.9.10 with commit 57a3af56f.

054e46b0

2022-05-14T08:48:01

Restore behavior of htmlDocContentDumpFormatOutput() Patch by J Pascoe of Apple. * HTMLtree.c: (htmlDocContentDumpFormatOutput): - Prior to commit b79ab6e6d92, xmlDoc.type was set to XML_HTML_DOCUMENT_NODE before dumping the HTML output, then restored before returning.

e08d8c37

2022-05-06T10:17:57

Add xptr_locs flag to win32/configure.js The xptr_locs flag was added in commit 67070107 but no flag was added to win32/configure.js, leading a compile error I had on windows where the @WITH_XPTR_LOCS@ macro was not replaced properly on windows.

c1632fbd

2022-05-06T10:58:58

fix typo in comment

e9270ef0

2022-05-06T10:44:03

fix Schematron spelling

6c283d83

2022-03-08T20:10:02

[CVE-2022-29824] Fix integer overflows in xmlBuf and xmlBuffer In several places, the code handling string buffers didn't check for integer overflow or used wrong types for buffer sizes. This could result in out-of-bounds writes or other memory errors when working on large, multi-gigabyte buffers. Thanks to Felix Wilhelm for the report.

433b3186

2022-04-27T12:39:12

Define LFS macros before including system headers xmlstring.h includes stdarg.h, so it must be included after defining macros like _FILE_OFFSET_BITS.

14517012

2022-04-23T19:19:33

Fix parsing of subtracted regex character classes Fixes #370.

d9e1198c

2022-04-23T18:42:35

Redirect examples test output to /dev/null Regressed in commit c61e1273.

d314046f

2022-04-23T17:41:44

Don't try to copy children of entity references This would result in an error, aborting the whole copy operation. Regressed in commit 7618a3b1. Fixes #371.

0c0f2a57

2022-04-21T07:51:23

Port genUnicode.py to Python 3

b31e07db

2022-04-22T20:14:05

testapi: remove leading slash from "/missing.xml" Fixes an error when running tests in a sandbox on Gentoo Linux. Bug: https://bugs.gentoo.org/839804

65b01647

2022-04-21T06:27:33

Build Autotools CI tests out of source tree (VPATH)

ad098030

2022-04-21T06:23:55

Add --with-minimum build to CI tests

c61e1273

2022-04-21T06:03:22

Fix warnings when testing --with-minimum build There's no simple way to make the doc/examples tests handle different configurations. But these tests aren't especially valuable, so remove the result file checks.

4612ce30

2022-04-21T03:52:52

Implement xpath1() XPointer scheme See https://www.w3.org/2005/04/xpointer-schemes/

67070107

2022-04-20T23:17:14

Add configuration flag for XPointer locations support Add a new configuration flag that controls whether the outdated support for XPointer locations (ranges and points) is enabled. --with-xptr-locs # Autotools LIBXML2_WITH_XPTR_LOCS # CMake The latest spec for what it essentially an XPath extension seems to be this working draft from 2002: https://www.w3.org/TR/xptr-xpointer/ The xpointer() scheme is listed as "being reviewed" in the XPointer registry since at least 2006. libxml2 seems to be the only modern software that tries to implement this spec, but the code has many bugs and quality issues. The flag defaults to "off" and support for this extensions has to be requested explicitly. The relevant API functions are deprecated.

9a0be0dc

2022-04-21T01:11:35

Regenerate api.xml and testapi.c

343fc142

2022-04-21T00:45:58

Port gentest.py to Python 3

02709d0f

2022-04-20T19:18:17

Remove remaining definitions of STDC_HEADERS Sync with Autotools build.

270eb712

2022-04-20T14:04:04

cmake: Run all tests when threads are disabled

18bcced9

2022-04-20T13:36:02

cmake: Fix build with thread support Move configure_file(config.h) below pthreads check. Fix regression caused by commit f5659a1.

dbc23ed3

2022-04-13T17:02:50

Also build CI tests with -Werror

7204dbb0

2022-04-13T16:51:49

Don't mix declarations and code in runtest.c

776b0028

2022-04-13T16:46:58

cmake: Disable FTP and legacy modules by default Sync with Autotools build.

e13c8081

2022-04-13T16:45:57

Run CI tests with FTP and legacy modules These modules are disabled by default. Enable them when testing.

cacf6555

2022-04-13T16:43:15

Fix compiler warnings in Python code Add more deprecated functions to avoid compiler warnings when building the Python bindings.

f5659a12

2022-04-13T14:30:54

cmake: Fix build without thread support Only check for pthread.h if threads are enabled. Fixes #367.

44e9118c

2022-04-08T12:33:17

Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars() * HTMLparser.c: (htmlSkipBlankChars): * parser.c: (xmlSkipBlankChars): - Cap the return value at INT_MAX. - The commit range that OSS-Fuzz listed for the fix didn't make any changes to xmlSkipBlankChars(), so it seems like this issue may still exist. Found by OSS-Fuzz Issue 44803.

kc3-lang/libxml2

Log