xmlSchemaItemListAdd can reallocate the items array. Update local
variables after adding item in
- xmlSchemaIDCFillNodeTables
- xmlSchemaBubbleIDCNodeTables
Fixes#828.
Another regression related to reading from stdin.
Making a "-" filename read from stdin was deeply baked into the core
IO code but is inherently insecure. I really want to reenable this
dangerous feature as sparingly as possible.
Add a new hidden parser option to make xmllint work. This will likely
turn into a public option that must be opted in later.
Allow compressed stdin in xmlReadFile to support xmlstarlet and older
versions of xsltproc. So far, these are the only known command-line
tools that rely on "-" meaning stdin.
Allow drive letters in URI paths. Technically, these should be treated
as URI schemes, but this is not what users expect. This also makes sure
that paths with drive letters are resolved as filesystem paths and
unescaped, for example when used in libxslt's document() function.
Should fix#832.
Make sure to return NULL for node types except elements or text to match
the old behavior.
Note that CDATA sections are still treated like text nodes and will have
their content returned.
Fixes#838.
The patch fixes the following errors and warnings raised by the
compilation of the library with uClibc:
encoding.c: In function ‘xmlEncInputChunk’:
encoding.c:2209:32: warning: comparison between pointer and integer
2209 | else if (handler->iconv_in != NULL) {
| ^~
encoding.c: In function ‘xmlEncOutputChunk’:
encoding.c:2269:33: warning: comparison between pointer and integer
2269 | else if (handler->iconv_out != NULL) {
| ^~
encoding.c: In function ‘xmlCharEncCloseFunc’:
encoding.c:2681:29: warning: comparison between pointer and integer
2681 | if ((handler->iconv_out != NULL) || (handler->iconv_in != NULL)) {
| ^~
encoding.c:2681:60: warning: comparison between pointer and integer
2681 | if ((handler->iconv_out != NULL) || (handler->iconv_in != NULL)) {
| ^~
encoding.c:2683:32: warning: comparison between pointer and integer
2683 | if (handler->iconv_out != NULL) {
| ^~
encoding.c:2686:32: error: assignment to ‘iconv_t’ {aka ‘long int’} from ‘void *’ makes integer from pointer without a cast [-Wint-conversion]
2686 | handler->iconv_out = NULL;
| ^
encoding.c:2688:31: warning: comparison between pointer and integer
2688 | if (handler->iconv_in != NULL) {
| ^~
encoding.c:2691:31: error: assignment to ‘iconv_t’ {aka ‘long int’} from ‘void *’ makes integer from pointer without a cast [-Wint-conversion]
2691 | handler->iconv_in = NULL;
| ^
make[4]: *** [Makefile:1147: libxml2_la-encoding.lo] Error 1
Signed-off-by: Dario Binacchi <dario.binacchi@amarulasolutions.com>
Passing a NULL systemId results in snprintf("%s", NULL) which crashes on
some platforms. Regressed with commit 4ff2dccf.
Note that systemId should never be NULL during normal parsing. It can
only be NULL if API functions are called with a NULL systemId.
Should fix#825.
When building on Windows, we must link against `Bcrypt` to satisfy the
use of `BCryptGenRandom`. Add this to the link interface in CMake to
allow use of libxml2 as a static library.
Commit 7e14c05d removed unnecessary copying of uncompressed input
through zlib or xzlib. This broke input from non-regular files like
pipes which can't be reopened. Try to detect such files by checking
whether they're seekable and always pipe them through zlib or xzlib.
Also remove seemingly unnecessary calls to gzread and gzrewind to
support unseekable files.
Fixes https://gitlab.gnome.org/GNOME/libxslt/-/issues/124.
Fix a long-standing issue where QNames starting with a non-ASCII
character would be rejected. This became more visible after "streaming"
XPath evaluation was disabled since the latter handled non-ASCII names
correctly.
Fixes#818.
Downstream code like the nginx xslt module can change the document's DTD
pointers in a SAX callback. If an entity from a separate DTD is parsed
lazily, its content must not reference the current document.
Regressed with commit d025cfbb.
Fixes#815.
The check for maximum recursion depth required a parser context with an
xmlXPathContext which xmlXPathCompile didn't provide.
All other code should already set up or require an xmlXPathContext.
Some users set an entity's children manually in the getEntity SAX
callback to restrict entity expansion. This stopped working after
renaming the "checked" member of xmlEntity, making at least one
downstream project and its dependants susceptible to XXE attacks.
See #761.
