-
Show log
Commit
-
Hash : 68eadabd
Author :
Date : 2020-07-11T21:32:10
Fix exponential runtime in xmlFARecurseDeterminism In order to prevent visiting a state twice, states must be marked as visited for the whole duration of graph traversal because states might be reached by different paths. Otherwise state graphs like the following can lead to exponential runtime: ->O-->O-->O-->O-->O-> \ / \ / \ / \ / O O O O Reset the "visited" flag only after the graph was traversed. xmlFAComputesDeterminism still has massive performance problems when handling fuzzed input. By design, it has quadratic time complexity in the number of reachable states. Some issues might also stem from redundant epsilon transitions. With this fix, fuzzing regexes with a maximum length of 100 becomes feasible at least. Found with libFuzzer.
-
Files
- .gitattributes
- .gitignore
- .gitlab-ci.yml
- .travis.yml
- AUTHORS
- CMakeLists.txt
- CONTRIBUTING
- ChangeLog
- Copyright
- DOCBparser.c
- HTMLparser.c
- HTMLtree.c
- INSTALL.libxml2
- MAINTAINERS
- Makefile.am
- Makefile.tests
- Makefile.win
- NEWS
- README
- README.cvs-commits
- README.tests
- README.zOS
- SAX.c
- SAX2.c
- TODO
- TODO_SCHEMAS
- VxWorks/
- acinclude.m4
- autogen.sh
- bakefile/
- buf.c
- buf.h
- build_glob.py
- c14n.c
- catalog.c
- check-relaxng-test-suite.py
- check-relaxng-test-suite2.py
- check-xinclude-test-suite.py
- check-xml-test-suite.py
- check-xsddata-test-suite.py
- chvalid.c
- chvalid.def
- config.h.cmake.in
- configure.ac
- dbgen.pl
- dbgenattr.pl
- debugXML.c
- dict.c
- doc/
- elfgcchack.h
- enc.h
- encoding.c
- entities.c
- error.c
- example/
- fuzz/
- genChRanges.py
- genUnicode.py
- gentest.py
- global.data
- globals.c
- hash.c
- include/
- legacy.c
- libxml-2.0-uninstalled.pc.in
- libxml-2.0.pc.in
- libxml.3
- libxml.h
- libxml.m4
- libxml.spec.in
- libxml2-config.cmake.cmake.in
- libxml2-config.cmake.in
- libxml2.doap
- libxml2.syms
- list.c
- macos/
- nanoftp.c
- nanohttp.c
- optim/
- os400/
- parser.c
- parserInternals.c
- pattern.c
- python/
- regressions.py
- regressions.xml
- relaxng.c
- result/
- rngparser.c
- runsuite.c
- runtest.c
- runxmlconf.c
- save.h
- schematron.c
- test/
- testAutomata.c
- testC14N.c
- testHTML.c
- testModule.c
- testOOM.c
- testOOMlib.c
- testOOMlib.h
- testReader.c
- testRegexp.c
- testRelax.c
- testSAX.c
- testSchemas.c
- testThreads.c
- testURI.c
- testXPath.c
- testapi.c
- testchar.c
- testdict.c
- testdso.c
- testlimits.c
- testrecurse.c
- threads.c
- timsort.h
- tree.c
- trio.c
- trio.h
- triodef.h
- trionan.c
- trionan.h
- triop.h
- triostr.c
- triostr.h
- uri.c
- valid.c
- vms/
- win32/
- xinclude.c
- xlink.c
- xml2-config.1
- xml2-config.in
- xml2Conf.sh.in
- xmlIO.c
- xmlcatalog.c
- xmllint.c
- xmlmemory.c
- xmlmodule.c
- xmlreader.c
- xmlregexp.c
- xmlsave.c
- xmlschemas.c
- xmlschemastypes.c
- xmlstring.c
- xmlunicode.c
- xmlwriter.c
- xpath.c
- xpointer.c
- xstc/
- xzlib.c
- xzlib.h
-
Properties
-
README
-
XML toolkit from the GNOME project Full documentation is available on-line at http://xmlsoft.org/ This code is released under the MIT Licence see the Copyright file. To build on an Unixised setup: ./configure ; make ; make install if the ./configure file does not exist, run ./autogen.sh instead. To build on Windows: see instructions on win32/Readme.txt To assert build quality: on an Unixised setup: run make tests otherwise: There is 3 standalone tools runtest.c runsuite.c testapi.c, which should compile as part of the build or as any application would. Launch them from this directory to get results, runtest checks the proper functioning of libxml2 main APIs while testapi does a full coverage check. Report failures to the list. To report bugs, follow the instructions at: http://xmlsoft.org/bugs.html A mailing-list xml@gnome.org is available, to subscribe: http://mail.gnome.org/mailman/listinfo/xml The list archive is at: http://mail.gnome.org/archives/xml/ All technical answers asked privately will be automatically answered on the list and archived for public access unless privacy is explicitly required and justified. Daniel Veillard $Id$