c/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2 synced 2025-03-28 21:33:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,275 Commits 9 Branches 228 Tags
Commit Graph

337 Commits

Author SHA1 Message Date
Nick Wellnhofer
63dfcca670 fuzz: Reduce initial array size 2025-02-20 12:22:12 +01:00
Nick Wellnhofer
8c8753ad52 [CVE-2025-24928] Fix stack-buffer-overflow in xmlSnprintfElements 
Fixes #847.
 2025-02-18 15:07:51 +01:00
Zak Ridouh
b466e70ae5
Fix early return in vstateVPush in valid.c 
While looking over the code in the fallback method for `vstateVPush` in
valid.c when `LIBXML_REGEXP_ENABLED` is not defined, I noticed that
there is an ungated `return(-1)` after attempting to allocate memory.

I believe this should be inside a check, for if the malloc fails.
 2025-02-05 14:11:04 -08:00
Nick Wellnhofer
71c37a565d malloc-fail: Fix memory leak in xmlValidateElementContent 2024-12-30 11:42:40 +01:00
Nick Wellnhofer
cd220b93d8 valid: Remove duplicate error messages when streaming 2024-12-28 11:55:24 +01:00
Nick Wellnhofer
bd2a16489f valid: Fix build --without-regexps 2024-12-28 11:55:24 +01:00
Nick Wellnhofer
2e3a91a766 doc: Fix documentation 2024-12-26 21:05:39 +01:00
Nick Wellnhofer
0d4a17af49 valid: Fix and check return value of nodeVPush 2024-12-21 19:41:44 +01:00
Nick Wellnhofer
178b11219c valid: Check reallocations for overflow 2024-12-21 19:37:38 +01:00
Nick Wellnhofer
5204c872bb valid: Reset context before validating 
Reset last error and "stopped" flag. Otherwise new errors could be
ignored.
 2024-11-26 14:30:54 +01:00
Nick Wellnhofer
4d1f35b0a9 valid: Deprecate more internal functions 2024-11-19 00:03:37 +01:00
Nick Wellnhofer
5a51f08517 valid: Implement xmlCtxtValidateDocument 
This allows to use the error handler or resource loader of a parser
context.
 2024-11-19 00:03:37 +01:00
Nick Wellnhofer
1e1731a43d valid: Add NULL check in xmlCtxtValidateDtd 2024-11-17 13:20:06 +01:00
Nick Wellnhofer
7f8c436c75 parser: Implement xmlCtxtParseDtd and xmlCtxtValidateDtd 
This allows to use the context's error handler, options and other
settings.

Fixes #808.
 2024-11-15 16:30:52 +01:00
Nick Wellnhofer
0c56eb8215 tree: Restore return value of xmlNodeListGetString with NULL list 
When passing a NULL list to xmlNodeListGetString or
xmlNodeListGetRawString, return NULL instead of "" to match the old
behavior.

Fixes #783.
 2024-08-12 21:38:50 +02:00
Nick Wellnhofer
6be79014d7 Remove unused code 2024-07-15 16:33:38 +02:00
Nick Wellnhofer
842a044831 valid: Restore ID lookup 
Revert a change from d025cfbb and don't overwrite ID table entries, so
that the first attribute will be returned if there are duplicate IDs.

This requires two other changes:

- Attributes in entity content are never added to the ID table. This
  seems reasonable.

- Remove the optimization to skip ID lookup when copying and the target
  document has an empty ID table. This also seems more correct since the
  document could have ID declarations nevertheless or we could be
  copying xml:ids into the document for the first time.

Fixes #757.
 2024-07-03 11:46:06 +02:00
Rosen Penev
2def7b4b28 clang-tidy: move assignments out of if 
Found with bugprone-assignment-in-if-condition

Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2024-06-20 21:11:44 -07:00
Rosen Penev
217e9b7af2 clang-tidy: don't return in void functions 
Found with readability-redundant-control-flow

Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2024-06-20 20:37:34 +00:00
Nick Wellnhofer
1b6403583b schemas: Stop using xmlValidateNotationUse 
Simplify symbol availability logic.
 2024-06-16 18:47:12 +02:00
Nick Wellnhofer
b0fc67aa22 build: Remove --with-tree configuration option 
This option would allow for a smaller, but mostly useless minimal build.
But it complicates the symbol availability logic in an insane way and
requires specialized tools like our custom C parser in doc/apibuild.py.

See #717.
 2024-06-16 18:47:12 +02:00
Nick Wellnhofer
11cd18d879 valid: Check return value of xmlValidBuildAContentModel 
Fixes return code in case of malloc failure.
 2024-05-31 13:31:09 +02:00
Nick Wellnhofer
e75e878e02 doc: Update and fix documentation 2024-05-20 14:23:39 +02:00
Nick Wellnhofer
0651ad667c valid: Report malloc failure after xmlRegExecPushString 2024-05-13 13:08:14 +02:00
Nick Wellnhofer
9bce9dbb19 valid: Report malloc failure in xmlValidateOneElement 2024-03-26 14:30:57 +01:00
Nick Wellnhofer
577e2516d0 valid: Check for NULL node->name in xmlSnprintfElements 
Unfortunately, we can have NULL element names if xmlSetTreeDoc fails.
 2024-03-19 17:06:07 +01:00
Nick Wellnhofer
dc2a03d482 valid: Deprecate internal validation functions 2024-03-16 15:20:08 +01:00
Nick Wellnhofer
291a9d0f81 valid: Set document on dummmy element declaration 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
9033a27068 malloc-fail: Stop using xmlSplitQName2 
This function doesn't report malloc failures.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
b38f8eae07 malloc-fail: Report in xmlAddAttributeDecl 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
3061b56a1e valid: Check for NULL text content in xmlValidateOneElement 
Shouldn't occur in parsed documents but you can create text nodes with
NULL content through the API.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
af3d80b9a0 valid: Check for elem->name in xmlIsID 
elem->name can be NULL is xmlNodeSetDoc failed.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
1233805dcb valid: Fix some return codes after errors 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
04c691f7ea valid: Eliminate xmlCtxtGetDtdElementDesc 
Improves malloca failure reporting without parser context.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
ab345338a4 valid: Report malloc failure in legacy DTD serialization 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
264b283c27 valid: Fix hash removal in xmlRemoveRef 
Don't create a NULL entry.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
802ad903f8 valid: Don't report errors with null context 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
f797cdabf5 valid: Remove id before updating attribute type 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
a3e11e3de1 valid: Fix id handling in xmlValidateDtd 
Free id table before and after validation.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
c4e0db6a9e valid: Reset attribute in xmlFreeID 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
bbbd7f7786 valid: Rework checks in xmlValidateOneElement 
Don't check element for extra members and missing content.

Consolidate checks for unexpected elements.
 2024-03-15 19:47:08 +01:00
Nick Wellnhofer
b23175d1d8 valid: Check element type in xmlIsID 
Also rearrange code for readability.
 2024-03-15 19:47:07 +01:00
Nick Wellnhofer
0ddd63dbab valid: Change error code to XML_ERR_ARGUMENT 2024-03-15 19:47:07 +01:00
Nick Wellnhofer
d0d6174e81 valid: Rework xmlAddID 2024-03-15 19:47:07 +01:00
Nick Wellnhofer
9835ec2b97 valid: Fix xmlAddIDSafe in "streaming" mode 
Make sure that IDs and attributes never reference each other in
streaming (XML reader) mode, even when attributes are copied from an
entity.

Also update lineno.

Fixes a short-lived use-after-free.
 2024-02-13 12:05:21 +01:00
Nick Wellnhofer
2807df9a4a valid: Fix another use-after-free in xmlAddIDSafe 
Short-lived regression.
 2024-02-06 12:07:19 +01:00
Nick Wellnhofer
70da4c089c valid: Fix use-after-free in xmlAddIDSafe 
Short-lived regression.
 2024-02-04 14:33:19 +01:00
Nick Wellnhofer
cf8751942b valid: Deprecate old DTD serialization API 2024-02-04 14:33:19 +01:00
Nick Wellnhofer
fbe10a466f save: Move DTD serialization code to xmlsave.c 2024-02-04 14:33:19 +01:00
Nick Wellnhofer
661ef93694 valid: Fix some error codes 2024-01-02 19:48:23 +01:00