-
Show log
Commit
-
Hash : 8598060b
Author :
Date : 2021-05-13T14:55:12
Patch for security issue CVE-2021-3541 This is relapted to parameter entities expansion and following the line of the billion laugh attack. Somehow in that path the counting of parameters was missed and the normal algorithm based on entities "density" was useless.
-
Files
- .gitattributes
- .gitignore
- .gitlab-ci.yml
- .travis.yml
- AUTHORS
- CMakeLists.txt
- CONTRIBUTING
- ChangeLog
- Copyright
- DOCBparser.c
- HTMLparser.c
- HTMLtree.c
- INSTALL.libxml2
- MAINTAINERS
- Makefile.am
- Makefile.tests
- Makefile.win
- NEWS
- README
- README.cvs-commits
- README.tests
- README.zOS
- SAX.c
- SAX2.c
- TODO
- TODO_SCHEMAS
- VxWorks/
- acinclude.m4
- autogen.sh
- bakefile/
- buf.c
- buf.h
- build_glob.py
- c14n.c
- catalog.c
- check-relaxng-test-suite.py
- check-relaxng-test-suite2.py
- check-xinclude-test-suite.py
- check-xml-test-suite.py
- check-xsddata-test-suite.py
- chvalid.c
- chvalid.def
- config.h.cmake.in
- configure.ac
- dbgen.pl
- dbgenattr.pl
- debugXML.c
- dict.c
- doc/
- elfgcchack.h
- enc.h
- encoding.c
- entities.c
- error.c
- example/
- fuzz/
- genChRanges.py
- genUnicode.py
- gentest.py
- global.data
- globals.c
- hash.c
- include/
- legacy.c
- libxml-2.0-uninstalled.pc.in
- libxml-2.0.pc.in
- libxml.3
- libxml.h
- libxml.m4
- libxml.spec.in
- libxml2-config.cmake.cmake.in
- libxml2-config.cmake.in
- libxml2.doap
- libxml2.syms
- list.c
- macos/
- nanoftp.c
- nanohttp.c
- optim/
- os400/
- parser.c
- parserInternals.c
- pattern.c
- python/
- regressions.py
- regressions.xml
- relaxng.c
- result/
- rngparser.c
- runsuite.c
- runtest.c
- runxmlconf.c
- save.h
- schematron.c
- test/
- testAutomata.c
- testC14N.c
- testHTML.c
- testModule.c
- testOOM.c
- testOOMlib.c
- testOOMlib.h
- testReader.c
- testRegexp.c
- testRelax.c
- testSAX.c
- testSchemas.c
- testThreads.c
- testURI.c
- testXPath.c
- testapi.c
- testchar.c
- testdict.c
- testdso.c
- testlimits.c
- testrecurse.c
- threads.c
- timsort.h
- tree.c
- trio.c
- trio.h
- triodef.h
- trionan.c
- trionan.h
- triop.h
- triostr.c
- triostr.h
- uri.c
- valid.c
- vms/
- win32/
- xinclude.c
- xlink.c
- xml2-config.1
- xml2-config.in
- xml2Conf.sh.in
- xmlIO.c
- xmlcatalog.c
- xmllint.c
- xmlmemory.c
- xmlmodule.c
- xmlreader.c
- xmlregexp.c
- xmlsave.c
- xmlschemas.c
- xmlschemastypes.c
- xmlstring.c
- xmlunicode.c
- xmlwriter.c
- xpath.c
- xpointer.c
- xstc/
- xzlib.c
- xzlib.h
-
Properties
-
README
-
XML toolkit from the GNOME project Full documentation is available on-line at http://xmlsoft.org/ This code is released under the MIT Licence see the Copyright file. To build on an Unixised setup: ./configure ; make ; make install if the ./configure file does not exist, run ./autogen.sh instead. To build on Windows: see instructions on win32/Readme.txt To assert build quality: on an Unixised setup: run make tests otherwise: There is 3 standalone tools runtest.c runsuite.c testapi.c, which should compile as part of the build or as any application would. Launch them from this directory to get results, runtest checks the proper functioning of libxml2 main APIs while testapi does a full coverage check. Report failures to the list. To report bugs, follow the instructions at: http://xmlsoft.org/bugs.html A mailing-list xml@gnome.org is available, to subscribe: http://mail.gnome.org/mailman/listinfo/xml The list archive is at: http://mail.gnome.org/archives/xml/ All technical answers asked privately will be automatically answered on the list and archived for public access unless privacy is explicitly required and justified. Daniel Veillard $Id$