kc3-lang/libxml2
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
22f9d730 | 2025-10-15 15:39:43 | io: Handle clashing error codes on AIX Regressed with 2c2578b6f. Fixes #999. | |
|
870c0363 | 2025-10-13 22:58:38 | fuzz: Make fuzzy encoding match more lenient This should account for possible iconv suffixes. | |
|
367a283b | 2025-10-07 01:05:03 | tree: Undeprecate several struct members | |
|
3a3faaa2 | 2025-09-30 18:05:32 | Document process to remove API functions in MAINTAINERS.md | |
|
2f62ebb3 | 2025-09-29 11:04:03 | io: Undeprecate xmlOutputBuffer members The public API is too buggy, so direct access to struct members is required by projects like libxslt. | |
|
d87d9477 | 2025-09-29 10:46:47 | Revert "globals: Don't export DllMain on Windows" This reverts commit bd2072f8d025e7a37d527b23b84698460c5798bf. Apparently, this change would require to recompile downstream code. | |
|
bd2072f8 | 2025-09-27 19:07:38 | globals: Don't export DllMain on Windows This shouldn't be done and lld 21 warns about it: https://github.com/msys2/MINGW-packages/issues/17820 https://github.com/msys2/MINGW-packages/issues/25716 Regressed with f05af837. | |
|
a30a2764 | 2025-09-26 16:29:10 | valid: Undeprecate xmlValidGetPotentialChildren Fixes #988. | |
 |
c537ccf0 | 2025-09-25 11:29:05 | Fixed compilation error on GCC versions prior to 4.5 The deprecated attribute started accepting an optional string argument in GCC version 4.5. Compiling libxml2 with GCC versions prior to that would cause compilation errors such as: ``` ./include/libxml/xmlmemory.h:134: error: wrong number of arguments specified for 'deprecated' attribute ``` Now the string argument is omitted for older versions of GCC. Signed-off-by: Lars Erik Wik <lars.erik.wik@northern.tech> | |
|
da45a190 | 2025-09-19 13:39:41 | parser: Fix attribute normalization and standalone check Regressed with e4cbc295. | |
|
dc307e31 | 2025-09-17 11:10:51 | meson: Fix install dir of man pages Regressed when reworking documentation in 2.15. Fixes #985. | |
|
48df82f6 | 2025-09-15 13:57:12 | Bump version to 2.16.0 | |
|
0bea77c8 | 2025-09-15 13:34:13 | Release v2.15.0 | |
|
b9943bca | 2025-09-10 18:04:57 | Remove legacy win32 build system | |
|
347147b5 | 2025-09-08 16:02:59 | Update NEWS | |
|
1763281c | 2025-09-08 15:29:23 | Remove LZMA support | |
|
063add1b | 2025-09-08 15:14:33 | parser: Always require XML_PARSE_UNZIP to enable decompression | |
|
8c107b69 | 2025-09-08 14:59:24 | Revert "dict: Rework reference counting" This reverts commit 18bbdb51175f309aef40fa5254af34e322be7783 due to lack of feedback. | |
|
13962f82 | 2025-08-25 12:29:55 | valid: Fix null deref in xmlValidateOneAttribute Short-lived regression from d53ba058. | |
|
e397651a | 2025-08-24 20:08:17 | cmake: Omit version number from cmake install dir Align with other build systems. Fixes #973. | |
|
d53ba058 | 2025-08-23 14:59:50 | valid: Don't add ids when validating entity content The id table shouldn't reference ids in entities. The id will be created when expanding the entity. Probably regressed with d025cfbb. Note that we still register ids in entities if entities are not replaced. This is required to make IDREF checks work. Fixes #974. | |
|
56199b5c | 2025-08-17 15:58:09 | catalog: Prepare to make SGML catalog support optional | |
|
e2fdef45 | 2025-08-17 15:54:04 | tests: Update testapi.c | |
|
591f19eb | 2025-08-17 14:35:08 | catalog: Deprecate low-level internal functions | |
 |
5bd6b44d | 2025-08-20 10:18:25 | Fix initGenericErrorDefaultFunc(NULL) Calling initGenericErrorDefaultFunc(NULL) currently yields to /usr/include/libxml2/libxml/xmlerror.h:23:45: error: invalid use of void expression 23 | xmlSetGenericErrorFunc(NULL, (h) ? *(h) : NULL) Indeed, even if h is nul, the compiler will try to give a type to *(h), which can't work. | |
 |
ca10c7d7 | 2025-07-24 18:10:25 | relaxng: Added xmlRelaxNGValidCtxtClearErrors to recover from errors during streaming validation This allows to perform XML element validation skipping errors without recreating a validation context. Tested it in runsuite.c in the rngTestStreaming() method. Also added xmlRegExecClearErrors(exec) as necessary. | |
|
f92a7a50 | 2025-08-16 14:55:29 | ci: Fix MSVC test by setting CMake generator manually Visual Studio 2017 was removed from the Windows runners, but CMake still picked it up for some reason. | |
|
18bbdb51 | 2025-08-16 14:36:43 | dict: Rework reference counting Use C11 atomics if available. Otherwise, fall back to pthread mutex inlined in xmlDict struct or Win32 atomics. This should fix lock contention reported in #970. | |
|
24caea63 | 2025-08-12 13:18:46 | regexp: Avoid integer overflow and OOB array access Limit size of 2D arrays to XML_MAX_ITEMS (1e9) to avoid overflow of int indexes. Fixes #950. | |
|
c4b278ec | 2025-08-11 13:44:56 | valid: Undeprecate xmlAdd*Decl Fixes #969. | |
|
f1e1f13b | 2025-08-05 22:26:27 | tree: Guard against atype corruption Always remove ids if `id` member is set. Untested, but this should fix CVE-2025-7425 reported against libxslt: https://gitlab.gnome.org/GNOME/libxslt/-/issues/140 | |
|
152fbb60 | 2025-08-02 21:27:32 | parser: Make sure to stop parser before checking max errors Short-lived regression from 7a41b18c. | |
|
149c04c0 | 2025-08-02 14:59:02 | html: Escape < and > when serializing attributes This reverts the change in cdaf657f. Coincidentally, the HTML spec just changed to mandate the old escaping behavior: https://github.com/whatwg/html/issues/6235 Fixes #957. | |
|
3b96ec75 | 2025-08-02 14:12:17 | doc: Document deprecated default SAX handler globals | |
|
00314882 | 2025-08-01 15:30:33 | meson: Add -Wmissing-variable-declarations Originally clang-only, gcc supports this option since version 14. This catches errors like #961. | |
|
37bd4b28 | 2025-08-01 15:30:08 | globals: Include HTMLparser.h, fixing Windows build Regressed with c011e760 and 85bd58ef. Fixes #961. | |
|
43f7ff0a | 2025-08-01 15:27:11 | tests: Make global variables static | |
|
84369160 | 2025-07-27 12:55:11 | doc: Add another warning to XML_PARSE_DTDVALID While most parts of libxml2, including the parser, are still vulnerable to such attacks, it is unlikely that DTD validation will ever be fixed. | |
|
859899a8 | 2025-07-26 22:20:58 | doc: Document option handling of deprecated "SAX1" functions | |
|
ab4a7f30 | 2025-07-23 02:22:43 | doc: Document deprecated xmlBuffer members | |
|
af464de1 | 2025-07-23 02:20:13 | io: Deprecate xmlOutputBuffer members | |
|
6c018854 | 2025-07-23 02:15:40 | io: Deprecate xmlParserInputBuffer members | |
|
2cc77c3a | 2025-07-31 15:05:55 | fuzz: Stop using xmlParserInputBuffer | |
|
7deae0f8 | 2025-07-31 14:35:11 | python: Switch to *CreateIO functions Avoid using deprecated struct members. | |
|
d1c3391e | 2025-07-23 01:05:46 | tests: Silence testparser Regressed with bd9d5e39. | |
|
8689523a | 2025-07-22 23:57:03 | parser: Implement xmlCtxtGetInputWindow See #762. | |
|
469c847f | 2025-07-22 23:44:10 | parser: Split out xmlParserInputGetWindow | |
|
8aaa53d7 | 2025-07-22 22:38:50 | parser: Implement xmlCtxtGetInputPosition See #762. | |
|
144ed959 | 2025-07-22 22:38:05 | parser: Move xmlSaturatedAdd to private header | |
|
e3daef5c | 2025-07-22 22:31:02 | parser: Fix xmlSaturatedAddSizeT argument type This is only used for entity size accounting. The bug only affected platforms where sizeof(long) != sizeof(size_t) and was probably harmless. | |
|
a7fc9e1a | 2025-07-22 20:50:13 | parser: Add more parser context accessors The only thing remaining is access to parser input, see #762. | |
|
a2562b9d | 2025-07-22 12:15:37 | doc: Improve documentation of error levels | |
|
7a41b18c | 2025-07-22 01:08:38 | parser: Remove xmlHaltParser Always halt the parser on resource limit and entity loop errors and remove the remaining calls which seem unnecessary. | |
|
cdf4c6f1 | 2025-07-21 22:43:57 | doc: Mention XML_PARSE_NOERROR in more places | |
|
77700d3d | 2025-07-21 13:00:19 | doc: Mention tree API bugs in old versions | |
|
c5e7ff09 | 2025-07-21 12:26:36 | tree: More xmlNodeParseContent cleanup - Rename to xmlNodeParseAttValue - Rework argument types - Remove wrapper function | |
 |
408bd0e1 | 2025-07-24 11:09:29 | const up allowPCData similar to htmlScriptAttributes | |
|
0a4fe2f9 | 2025-07-20 18:52:06 | io: Fix argument type See c70d88f1 and #951. | |
|
e1174057 | 2025-07-20 13:05:25 | tree: Don't reference recursive entities in xmlNodeParseContent Improve protection against entity cycles when using tree API. | |
|
c70d88f1 | 2025-07-20 13:03:59 | io: Fix reading from pipes like stdin on Windows On Windows, lseek doesn't return an error on unseekable streams like pipes. Fixes #951. | |
 |
8f1cc915 | 2025-07-18 22:43:49 | CMake: Add selector to CMAKE_DL_LIBS transformation At the time of writing, on AIX, the CMAKE_DL_LIBS is set to "-lld", which presents the dependency for using dynamic loading on some old AIX versions. This ensures that resulting list of linker flags on AIX is also properly formatted (without adding additional "-l"). | |
|
a3d2c177 | 2025-07-17 16:01:11 | CMake: Fix dlopen check Systems can have dlopen symbol in various libraries. For example, on Haiku, dlopen is in 'root' library, which is linked by default. The CMAKE_DL_LIBS variable is automatically set by CMake and contains the name of the library or libraries that contain dynamic loading functionality. CMakePushCheckState checks for the symbol in isolation, so the required libraries variable can be modified. | |
|
4d69f91b | 2025-07-14 17:19:01 | valid: Make validation fail if warnings cause OOM error Make xmlErrValidWarning return -1 on malloc failures. | |
|
0c948334 | 2025-07-10 11:23:44 | html: Add newline to error message | |
|
bc0bb67b | 2025-07-10 11:20:22 | html: Don't abort on encoding errors Always enable recovery mode when parsing HTML, so we don't raise fatal errors. Regressed with 462bf0b7. Fixes #947. | |
|
3773bb3f | 2025-07-09 16:08:10 | tree: Make sure that SIZE_MAX is defined | |
|
6340f392 | 2025-07-05 17:08:00 | doc: Document HTML type aliases | |
|
bd9d5e39 | 2025-07-09 13:10:31 | parser: Fix handling of invalid char refs in recovery mode Revert to the old behavior which handles invalid char refs more gracefully. Probably regressed with 37c6618b (version 2.13.0). | |
|
6c796b37 | 2025-06-22 17:46:13 | doc: Misc fixes | |
|
c7a9ef1d | 2025-07-04 16:20:28 | doc: Document struct typedefs Unfortunately, Doxygen's TYPDEF_HIDES_STRUCT option is too broken. Document struct typedefs to make autolinks work. | |
|
71e1e8af | 2025-07-04 14:28:26 | schematron: Fix memory safety issues in xmlSchematronReportOutput Fix use-after-free (CVE-2025-49794) and type confusion (CVE-2025-49796) in xmlSchematronReportOutput. Fixes #931. Fixes #933. | |
|
24d7e159 | 2025-07-04 12:19:20 | schematron: Complete fix for CVE-2025-49795 - Fix memory leaks - Fix tests | |
 |
499bcb78 | 2025-06-21 12:11:30 | Schematron: Fix null pointer dereference leading to DoS (CVE-2025-49795) Fixes #932 | |
|
069bcda1 | 2025-06-20 23:05:00 | Fix potential buffer overflows of interactive shell CVE-2025-6170 Fixes #941 | |
|
c34742f3 | 2025-06-30 16:23:03 | tests: Fix build --without-output | |
|
9553695d | 2025-06-30 16:15:15 | relaxng: Make xmlRelaxNGDump depend on debug option | |
 |
9760a14f | 2025-06-30 13:47:33 | relaxng: In the simplification step also unlink notAllowed refs from choice This fixes false reports of non allowed content compared to notAllowed as tag within the choice tag. | |
|
56a767ed | 2025-06-28 02:35:14 | doc: Small fix | |
|
0d52684e | 2025-06-28 02:34:33 | parser: Don't set dict limit when setting options This is done in xmlCtxtInitializeLate. | |
|
1b737cc8 | 2025-06-27 19:52:54 | parser: Another fix to ]]> detection in push parser The original fix for issue #850 in commit 9efe1414 was incomplete. | |
|
70dc8ca0 | 2025-06-27 18:54:18 | xpath: Add extra info to some error messages Fixes #660. | |
 |
ac5fcb0e | 2025-06-25 15:24:24 | relaxng: ensure thread safe global initialization Relying on a plain integer flag, with no synchronization primitives does not give thread-safe initialization. All reads & writes of the xmlSchemaTypesInitialized flag need to be protected by a mutex to ensure suitable memory barriers & thus correct ordering wrt any speculative execution. A separate internal initializer tied to xmlParserInit is used to create the mutex used for synchronization, similarly to how catalog.c works. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> | |
|
80798c40 | 2025-06-25 15:24:24 | xmlschemastypes: ensure thread safe global initialization Relying on a plain integer flag, with no synchronization primitives does not give thread-safe initialization. All reads & writes of the xmlSchemaTypesInitialized flag need to be protected by a mutex to ensure suitable memory barriers & thus correct ordering wrt any speculative execution. A separate internal initializer tied to xmlParserInit is used to create the mutex used for synchronization, similarly to how catalog.c works. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> | |
|
63f98ee8 | 2025-06-25 14:27:37 | tests: Skip functions taking va_lists in testapi.c See !325. | |
|
d4355722 | 2025-06-25 13:45:32 | xmllint: Print document even in case of XInclude errors Keep printing the document while still reporting XInclude errors to match the old behavior. | |
|
413cdfb3 | 2025-06-25 12:37:37 | html: Fix push parsing of doctype decls Don't set state to "content" as we might still be in "misc" or "prolog". | |
|
ad0f5d27 | 2025-06-24 13:02:13 | tree: Fix xmlGetNodePath - Fix quadratic behavior - Don't truncate names Fixes #715. | |
|
22246f21 | 2025-06-23 22:49:28 | schemas: Fix compilation with pre-C99 MSVC Regressed with f307237e. Fixes #944. | |
|
7cfa3a26 | 2025-06-22 22:52:47 | reader: Remove unused member xinclude_name | |
|
6c5b5552 | 2025-06-22 22:49:58 | debug: Remove obsolete handling of special case The "nbktext" code was removed. | |
|
24628f25 | 2025-06-22 22:18:36 | valid: Don't store attribute defaults in dictionary In general, we should only use dicts for names and not values. | |
|
600742f0 | 2025-06-22 20:18:40 | valid: Unconst local variable in xmlValidateElement | |
|
7c913850 | 2025-06-22 20:12:48 | parser: Remove unnecessary dict checks when freeing strings The following strings are never allocated from a dict: - xmlParserCtxt.version - xmlParserCtxt.encoding - xmlParserCtxt.extSubURI - xmlParserCtxt.extSubSystem - xmlDoc.version - xmlDoc.encoding - xmlDoc.URL - xmlDTD.ExternalID - xmlDTD.SystemID - xmlID.value Also make the struct members point to non-const chars to avoid casts when freeing. | |
|
607708b3 | 2025-06-22 19:18:20 | valid: Don't store ID values in document's dictionary ID values are unique. There's some potential for them to be reused as references, but storing them in the dictionary can make the dictionary grow in proportion to the document. Users like lxml replace the `ids` hash table to avoid this. It seems like a good idea to stop using the dictionary for ID values. | |
|
ea91a507 | 2025-06-22 16:45:49 | doc: Generate documentation with Doxygen 1.14 The 1.14.0 release fixes a serious bug with autolinks. Note that the downstream tests now run on Ubuntu with libxml2 and libxslt built on Arch. This seems to work but could break at a later point. Fixes #929. | |
|
3652fc28 | 2025-06-22 17:09:42 | doc: Fix installation with newer Doxygen Newer versions don't generate PNG files anymore. Simply use *.* as wildcard. | |
|
404aedbd | 2025-06-22 15:46:09 | doc: Improve xmllint documentation | |
|
dd2b4091 | 2025-06-18 13:55:37 | xmllint: Add --strict-namespace option Use xmlCtxtGetStatus() after parsing. If status indicates a namespace error while the --strict-namespace option is enabled, xmllint will exit with XMLLINT_ERR_RDFILE error Fixes #698 | |
|
bf26cf9d | 2025-06-20 21:24:44 | xmllint: Replace boolean application options with single flag member Take all of the boolean application options and create a bitmask for each of them. Then use just a single unsigned member to keep track off all of them (regardless of precompile directives) | |
|
be812e1e | 2025-06-20 19:34:12 | xmllint: Rename options -> parseOptions Make it more obvious the options are related to XML parsing |