XIncludes involve XPath processing which can still lead to timeouts when
fuzzing. This will probably take a while to fix. The rest of the XML
parsing code should hopefully run without timeouts now. OSS-Fuzz only
shows a single timeout test case, so separate the XInclude from the core
XML fuzzer.
With very few exceptions, utilities and test programs don't require any
external libraries.
- xmllint and xmlcatalog need libreadline
- runtest and testThreads need pthreads
Brown paper bag release, some recently added sources were missing from
the 2.9.11 tarball:
- configure.ac: bump version
- fuzz/Makefile.am: add fuzz.h and seed/regexp to EXTRA_DIST
OSS-Fuzz has been fuzzing the HTML parser with inputs up to 1 MB for
several hundred hours without hitting the 20s timeout. It seems that
most timeouts resulting from accidentally quadratic behavior in the
HTML parser have been fixed. Start to gradually reduce the timeout to
find new performance issues.
- Shorten timeouts
- Align options from Makefile and options files
- Add section headers to Makefile
- Skip invalid UTF-8 in regexp fuzzer
- Update regexp.dict
- Generate HTML seed corpus in correct format
- XML fuzzer
Currently tests the pull parser, push parser and reader, as well as
serialization. Supports splitting fuzz data into multiple documents
for things like external DTDs or entities. The seed corpus is built
from parts of the test suite.
- Regexp fuzzer
Seed corpus was statically generated from test suite.
- URI fuzzer
Tests parsing and most other functions from uri.c.
