c/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2 synced 2025-03-28 21:33:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,330 Commits 9 Branches 228 Tags
Commit Graph

93 Commits

Author SHA1 Message Date
Nick Wellnhofer
e91061eb9f hash: Fix false positive from -fanalyzer 2025-03-14 02:32:23 +01:00
Nick Wellnhofer
3d37ff84c3 globals: Also use global state struct if threads are disabled 2025-03-04 16:54:41 +01:00
Nick Wellnhofer
cd491ac07d dict: Handle ENOSYS from getentropy gracefully 
Also add some comments.

Should fix #854.
 2025-02-02 13:23:20 +01:00
Nick Wellnhofer
e1657f3f27 build: Use AC_CHECK_DECLS/check_symbol_exists for getentropy 
This assumes that getentropy is declared in sys/random.h.

Should fix issues on iOS. See #774.
 2024-07-22 17:03:27 +02:00
Nick Wellnhofer
728869809e error: Add helper functions to print errors and abort 2024-07-15 16:33:38 +02:00
Nick Wellnhofer
84a4f84c1c build: Don't check for required headers and functions 
Unless we are on Windows, the following POSIX headers are required.
They're part of the earliest POSIX specs and it doesn't make sense to
check for them.

- fcntl.h
- unistd.h
- sys/stat.h
- sys/time.h

On Windows, io.h, fcntl.h and sys/stat.h are always available.
 2024-06-22 18:41:00 +02:00
Nick Wellnhofer
e75e878e02 doc: Update and fix documentation 2024-05-20 14:23:39 +02:00
Nick Wellnhofer
595ee5bc1d dict: Include unistd.h for getentropy 2024-02-14 14:39:19 +01:00
Nick Wellnhofer
9c2c87b55d dict: Move local RNG state to global state 
Don't use TLS variables directly.
 2023-12-24 16:24:34 +01:00
Nick Wellnhofer
2e9e758d1e dict: Get random seed from system PRNG 2023-12-24 16:24:34 +01:00
makise-homura
c1e9f761e0 Avoid EDG -Woverflow warnings on truncating conversions by manually truncating operand 2023-11-22 05:34:56 +00:00
Nick Wellnhofer
272cb22313 dict: Fix '__thread' before 'static' 
When used with extern or static, __thread must appear immediately after
the other storage class specifier.

Fixes #621.
 2023-11-20 14:24:13 +01:00
Nick Wellnhofer
5859849454 parser: Fix combination of hash values 
This bug resulted in a stuck bit in hash values which can have a severe
performance impact.
 2023-11-04 23:50:02 +01:00
Nick Wellnhofer
a7b037952f doc: Minor fixes for apibuild.py 2023-11-04 19:32:48 +01:00
Nick Wellnhofer
7dfcea03c3 dict: Fix integer overflow in xmlDictAddString 
Short-lived regression.

Older versions didn't check for integer overflow, but limited name
length to INT_MAX / 2. Reintroduce this limit.

Found by OSS-Fuzz.
 2023-10-11 18:02:23 +02:00
Nick Wellnhofer
71aae4e98b dict: Compare strings with strncmp 
Using memcmp can result in OOB reads.

Short-lived regression found by OSS-Fuzz.
 2023-10-02 14:52:40 +02:00
Nick Wellnhofer
f0a703dac8 dict: Fix null-deref with empty subdict 
Short lived regression found by OSS-Fuzz.
 2023-09-30 17:05:47 +02:00
Nick Wellnhofer
61e29b6949 malloc-fail: Grow hash tables before making allocations 
Fix short-lived memory leak found by OSS-Fuzz.
 2023-09-30 17:02:46 +02:00
Nick Wellnhofer
19161bab15 dict: Internal API to look up hash values 2023-09-29 12:43:08 +02:00
Nick Wellnhofer
d147f5644e dict: Rewrite dictionary hash table code 
Rewrite the dictionary hash table to use open addressing with Robin Hood
probing. See previous commit.
 2023-09-29 12:41:37 +02:00
Nick Wellnhofer
1425d8f67b dict: Separate RNG code 2023-09-29 00:15:40 +02:00
Nick Wellnhofer
699299cae3 globals: Stop including globals.h 2023-09-20 22:07:40 +02:00
Nick Wellnhofer
05c283052d dict: Stop using uint32_t 
stdint.h is a C99 header.
 2023-09-04 16:07:40 +02:00
Nick Wellnhofer
f45abbd3e5 dict: Fix integer overflow of string lengths 
Fixes #546.
 2023-09-04 16:07:40 +02:00
Nick Wellnhofer
edc2dd48cb dict: Update hash function 
Update hash function from classic Jenkins OAAT (dict.c) and a variant of
DJB2 (hash.c) to "GoodOAAT" taken from the SMHasher repo. This hash
function passes all SMHasher tests.
 2023-09-04 16:07:23 +02:00
Nick Wellnhofer
c5989473b9 dict: Use thread-local storage for PRNG state 2023-09-01 14:52:11 +02:00
Nick Wellnhofer
57cfd221a6 dict: Use xoroshiro64** as PRNG 
Stop using rand_r. This enables hash randomization on all platforms.
 2023-09-01 14:52:04 +02:00
Nick Wellnhofer
6d7aaaa835 dict: Tune hash table growth 
Introduce load factor as main trigger and increase MAX_HASH_LEN. This
should make growth behavior more predictable.

Raise size limit to INT_MAX. This avoids quadratic behavior with larger
tables.
 2023-09-01 14:51:55 +02:00
Nick Wellnhofer
7f3f3f115f dict: Raise MAX_DICT_HASH limit 
This fixes quadratic behavior with large dictionaries.

Also rework testdict.c to support tests with larger dictionaries.
 2023-05-03 19:40:57 +02:00
Nick Wellnhofer
547edbf1cb [CVE-2023-29469] Hashing of empty dict strings isn't deterministic 
When hashing empty strings which aren't null-terminated,
xmlDictComputeFastKey could produce inconsistent results. This could
lead to various logic or memory errors, including double frees.

For consistency the seed is also taken into account, but this shouldn't
have an impact on security.

Found by OSS-Fuzz.

Fixes #510.
 2023-04-11 14:29:59 +02:00
Nick Wellnhofer
8c2e508b5e gitlab-ci: Enable all "integer" sanitizers 2023-03-12 14:45:14 +01:00
Nick Wellnhofer
65d381f32c threads: Allocate mutexes statically 2022-11-25 15:12:56 +01:00
Nick Wellnhofer
9ef80ff1a9 memory: Remove xmlDictInitialized 
Call xmlInitParser when creating dicts instead.
 2022-11-25 15:02:04 +01:00
Nick Wellnhofer
ed053c50cf dict: Make init/cleanup functions private 2022-11-25 15:02:04 +01:00
Nick Wellnhofer
b6f1298ae7 warnings: Remove set-but-unused variables 
Fixes compiler warnings with clang 15.
 2022-10-25 19:34:38 +02:00
Nick Wellnhofer
ad338ca737 Remove explicit integer casts 
Remove explicit integer casts as final operation

- in assignments
- when passing arguments
- when returning values

Remove casts

- to the same type
- from certain range-bound values

The main motivation is that these explicit casts don't change the result
of operations and only render UBSan's implicit-conversion checks
useless. Removing these casts allows UBSan to detect cases where
truncation or sign-changes occur unexpectedly.

Document some explicit casts as truncating and add a few missing ones.
 2022-09-01 02:33:57 +02:00
Nick Wellnhofer
0f568c0b73 Consolidate private header files 
Private functions were previously declared

- in header files in the root directory
- in public headers guarded with IN_LIBXML
- in libxml.h
- redundantly in source files that used them.

Consolidate all private header files in include/private.
 2022-08-26 02:11:56 +02:00
Nick Wellnhofer
3241c47c1f Use non-recursive mutex in dict.c 
The mutex is never locked recursively.
 2022-03-06 16:01:51 +01:00
Nick Wellnhofer
40483d0ce2 Deprecate module init and cleanup functions 
These functions shouldn't be part of the public API. Most init
functions are only thread-safe when called from xmlInitParser. Global
variables should only be cleaned up by calling xmlCleanupParser.
 2022-03-06 15:59:43 +01:00
Nick Wellnhofer
72119afe00 Don't check for standard C89 library functions 
Don't check for

- fprintf
- localtime
- printf
- rand
- sprintf
- srand
- sscanf
- strftime
- time
- vfprintf
- vsprintf

If the C99 functions snprintf and vsnprintf are missing, Trio is
enabled.
 2022-03-02 01:14:08 +01:00
Nick Wellnhofer
776d15d383 Don't check for standard C89 headers 
Don't check for

- ctype.h
- errno.h
- float.h
- limits.h
- math.h
- signal.h
- stdarg.h
- stdlib.h
- string.h
- time.h

Stop including non-standard headers

- malloc.h
- strings.h
 2022-03-02 00:43:54 +01:00
Nick Wellnhofer
346c3a930c Remove elfgcchack.h 
The same optimization can be enabled with -fno-semantic-interposition
since GCC 5. clang has always used this option by default.
 2022-02-20 21:49:04 +01:00
Nick Wellnhofer
20c60886e4 Fix typos 
Resolves #133.
 2020-03-08 17:41:53 +01:00
Ranier Vilela
3c8a3e9922 Use random seed in xmlDictComputeFastKey 
xmlDictComputeFastKey is only used for small tables, so this shouldn't
be a security problem.
 2019-11-11 14:10:28 +01:00
Nick Wellnhofer
b88ae6d2e1 Avoid ignored attribute warnings under GCC 
GCC doesn't support the unsigned-integer-overflow sanitizer.
 2019-10-14 15:40:32 +02:00
Jared Yanovich
2a350ee9b4 Large batch of typo fixes 
Closes #109.
 2019-09-30 18:04:38 +02:00
Nick Wellnhofer
44e7a0d5f7 Annotate functions with __attribute__((no_sanitize)) 2019-05-20 13:38:22 +02:00
Nick Wellnhofer
fa3166c227 Disable hash randomization when fuzzing 
Use the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION macro proposed by
libFuzzer.
 2019-04-12 12:06:34 +02:00
J. Peter Mugaas
d2c329a9a4 Fix -Wimplicit-fallthrough warnings 
Add "falls through" comments to quench implicit-fallthrough warnings
which are enabled by -Wextra under GCC 7.
 2017-10-21 13:49:31 +02:00
Nick Wellnhofer
6472dfe337 Fix a couple of warnings in dict.c and threads.c 
Only visible on Windows.
 2017-10-09 16:52:15 +02:00