-
Show log
Commit
-
Hash : abbda93c
Author :
Date : 2017-09-11T01:14:16
Handle more invalid entity values in recovery mode In attribute content, don't emit entity references if there are problems with the entity value. Otherwise some illegal entity values like <!ENTITY a '&#x123456789;'> would later cause problems like integer overflow. Make xmlStringLenDecodeEntities return NULL on more error conditions including invalid char refs and errors from recursive calls. Remove some fragile error checks based on lastError that shouldn't be needed now. Clear the entity content in xmlParseAttValueComplex if an error was found. Found by OSS-Fuzz. Should fix bug 783052. Also see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3343
-
Files
- .gitignore
- .travis.yml
- AUTHORS
- ChangeLog
- Copyright
- DOCBparser.c
- HACKING
- HTMLparser.c
- HTMLtree.c
- INSTALL.libxml2
- MAINTAINERS
- Makefile.am
- Makefile.tests
- Makefile.win
- NEWS
- README
- README.cvs-commits
- README.tests
- README.zOS
- SAX.c
- SAX2.c
- TODO
- TODO_SCHEMAS
- VxWorks/
- acinclude.m4
- autogen.sh
- bakefile/
- buf.c
- buf.h
- build_glob.py
- c14n.c
- catalog.c
- check-relaxng-test-suite.py
- check-relaxng-test-suite2.py
- check-xinclude-test-suite.py
- check-xml-test-suite.py
- check-xsddata-test-suite.py
- chvalid.c
- chvalid.def
- configure.ac
- dbgen.pl
- dbgenattr.pl
- debugXML.c
- dict.c
- doc/
- elfgcchack.h
- enc.h
- encoding.c
- entities.c
- error.c
- example/
- genChRanges.py
- genUnicode.py
- gentest.py
- global.data
- globals.c
- hash.c
- include/
- legacy.c
- libxml-2.0-uninstalled.pc.in
- libxml-2.0.pc.in
- libxml.3
- libxml.h
- libxml.m4
- libxml.spec.in
- libxml2-config.cmake.in
- libxml2.doap
- libxml2.syms
- list.c
- macos/
- nanoftp.c
- nanohttp.c
- optim/
- os400/
- parser.c
- parserInternals.c
- pattern.c
- python/
- regressions.py
- regressions.xml
- relaxng.c
- result/
- rngparser.c
- runsuite.c
- runtest.c
- runxmlconf.c
- save.h
- schematron.c
- test/
- testAutomata.c
- testC14N.c
- testHTML.c
- testModule.c
- testOOM.c
- testOOMlib.c
- testOOMlib.h
- testReader.c
- testRegexp.c
- testRelax.c
- testSAX.c
- testSchemas.c
- testThreads.c
- testThreadsWin32.c
- testURI.c
- testXPath.c
- testapi.c
- testchar.c
- testdict.c
- testdso.c
- testlimits.c
- testrecurse.c
- threads.c
- timsort.h
- tree.c
- trio.c
- trio.h
- triodef.h
- trionan.c
- trionan.h
- triop.h
- triostr.c
- triostr.h
- uri.c
- valid.c
- vms/
- win32/
- xinclude.c
- xlink.c
- xml2-config.1
- xml2-config.in
- xml2Conf.sh.in
- xmlIO.c
- xmlcatalog.c
- xmllint.c
- xmlmemory.c
- xmlmodule.c
- xmlreader.c
- xmlregexp.c
- xmlsave.c
- xmlschemas.c
- xmlschemastypes.c
- xmlstring.c
- xmlunicode.c
- xmlwriter.c
- xpath.c
- xpointer.c
- xstc/
- xzlib.c
- xzlib.h
-
Properties
-
README
-
XML toolkit from the GNOME project Full documentation is available on-line at http://xmlsoft.org/ This code is released under the MIT Licence see the Copyright file. To build on an Unixised setup: ./configure ; make ; make install To build on Windows: see instructions on win32/Readme.txt To assert build quality: on an Unixised setup: run make tests otherwise: There is 3 standalone tools runtest.c runsuite.c testapi.c, which should compile as part of the build or as any application would. Launch them from this directory to get results, runtest checks the proper functionning of libxml2 main APIs while testapi does a full coverage check. Report failures to the list. To report bugs, follow the instructions at: http://xmlsoft.org/bugs.html A mailing-list xml@gnome.org is available, to subscribe: http://mail.gnome.org/mailman/listinfo/xml The list archive is at: http://mail.gnome.org/archives/xml/ All technical answers asked privately will be automatically answered on the list and archived for public access unless privacy is explicitly required and justified. Daniel Veillard $Id$