Nick Wellnhofer
bc43786822
fuzz: Improve HTML fuzzer
Verify that pull and push parser produce the same result.
Fixes #849.
2025-02-02 11:15:45 +01:00
Nick Wellnhofer
d2fb68ed24
fuzz: Make large chunk size more likely
This now detects issues like 3eced32e in about 30 seconds.
2025-01-31 19:02:33 +01:00
Nick Wellnhofer
40e423d6c2
fuzz: Improve fuzzing of push parser
Also serialize the result of push-parsing and compare whether pull and
push parser produce the same result (differential fuzzing).
We lose the ability to inject IO errors when serializing for now, but
this isn't too important.
Use variable chunk size for push parser.
Fixes #849.
2025-01-31 15:50:00 +01:00
Nick Wellnhofer
6904d4c225
fuzz: Fix OSS-Fuzz build of lint fuzzer
2025-01-25 13:55:23 +01:00
Nick Wellnhofer
9b1028c906
fuzz: Fix comments
2025-01-23 20:37:37 +01:00
Nick Wellnhofer
e95c4b07ae
fuzz: Also test xmllint --repeat option
2025-01-23 20:30:40 +01:00
Nick Wellnhofer
bfe6af2eed
fuzz: Remove hacks to build lint fuzzer
Don't include source file directly.
2025-01-17 20:06:45 +01:00
Nick Wellnhofer
255fd5f3f1
xmllint: Store error stream in global state
2025-01-17 20:06:45 +01:00
Nick Wellnhofer
72f84dd739
fuzz: Inject IO failures into serialization code
2024-12-17 22:21:34 +01:00
Nick Wellnhofer
8139ad2f77
fuzz: Fix IO error check in reader fuzzer
2024-12-13 12:39:34 +01:00
Nick Wellnhofer
3b38f19b40
fuzz: Silence more OOM errors
2024-11-26 14:30:54 +01:00
Nick Wellnhofer
9f652e57c1
fuzz: Inject IO failures
We use the same counter for injecting malloc and IO failures. This
mostly renames several functions and variables.
2024-11-26 14:30:54 +01:00
Nick Wellnhofer
754843abda
fuzz: Remove xmlFuzzEntityLoader
Unused after commit de0c7791.
2024-11-26 14:30:54 +01:00
Nick Wellnhofer
de0c779116
fuzz: Switch to xmlCtxtValidateDocument
This allows checking malloc failure reports during post-validation.
2024-11-19 00:03:37 +01:00
Nick Wellnhofer
bf3619c328
fuzz: Don't unlink DTD when replacing nodes
OP_XML_REPLACE_NODE needs the same check as OP_XML_UNLINK_NODE.
2024-10-10 12:14:47 +02:00
Nick Wellnhofer
0c56eb8215
tree: Restore return value of xmlNodeListGetString with NULL list
When passing a NULL list to xmlNodeListGetString or
xmlNodeListGetRawString, return NULL instead of "" to match the old
behavior.
Fixes #783.
2024-08-12 21:38:50 +02:00
Nick Wellnhofer
eb66d03ef7
io: Deprecate a few functions
2024-07-16 17:42:10 +02:00
Nick Wellnhofer
8af55c8d20
parser: Rename new input API functions
These weren't made public yet.
2024-07-11 01:33:29 +02:00
Nick Wellnhofer
ae6e2ee7ec
fuzz: Adjust reader fuzzer
2024-07-10 22:26:11 +02:00
Nick Wellnhofer
8c4cc0be35
fuzz: Improve debug output of reader fuzzer
2024-07-09 14:25:16 +02:00
Nick Wellnhofer
de3221b179
fuzz: Adjust for xmlNodeParseContent changes
xmlStringGetNodeList returns NULL again for empty strings.
2024-07-06 15:33:06 +02:00
Rosen Penev
5d542feff1
libxml: define ATTRIBUTE_UNUSED for clang
Silences warnings under Clang on Windows.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2024-06-20 15:24:15 -07:00
Nick Wellnhofer
208f27f964
include: Don't define ATTRIBUTE_UNUSED in public header
Stop polluting namespace with unprefixed names.
2024-06-15 19:13:08 +02:00
Nick Wellnhofer
df40f64edf
fuzz: Avoid accessing internal struct members
Switch to xmlNewIOInputStream.
2024-06-13 18:01:23 +02:00
Nick Wellnhofer
5238404325
parser: Pass resource type to resource loader
2024-06-12 16:36:12 +02:00
Nick Wellnhofer
f96dca9c0e
xmllint: Switch to resource loader
2024-06-12 16:36:12 +02:00
Nick Wellnhofer
780e432a5c
fuzz: Move to per-context error handler
2024-06-12 16:36:12 +02:00
Nick Wellnhofer
116d8c0166
fuzz: Move to per-context resource loader
2024-06-12 16:36:12 +02:00
Nick Wellnhofer
b7f30bae7b
fuzz: Fix aarch64 build on OSS-Fuzz
2024-05-28 22:52:30 +02:00
Nick Wellnhofer
caa8bb3848
fuzz: Move back to xmlSetExternalEntityLoader
xmlParserInputBufferCreateFilenameDefault can't report malloc failures.
2024-05-19 19:39:22 +02:00
Nick Wellnhofer
51b5d1e378
fuzz: Don't enable zlib and liblzma with MSan
We'd need our own instrumented builds of these libraries.
2024-05-15 16:21:11 +02:00
Nick Wellnhofer
f895af0989
fuzz: Remove OSS-Fuzz timeout option
Custom timeouts aren't fully supported on OSS-Fuzz.
2024-05-14 16:08:37 +02:00
Nick Wellnhofer
b117a912b6
fuzz: Enable xmllint fuzzer on OSS-Fuzz
2024-05-13 13:42:43 +02:00
Nick Wellnhofer
b3cb41be8b
fuzz: Add xmllint fuzzer
2024-05-13 12:50:08 +02:00
Nick Wellnhofer
5bfaab77f6
fuzz: Fix reader fuzzer
2024-05-07 17:11:18 +02:00
Nick Wellnhofer
d644a23e8f
fuzz: Improve xml.dict
- Add standalone declaration
- Add doctype declaration
- Expand ATTLIST matrix in xml.dict
2024-05-06 00:32:08 +02:00
Nick Wellnhofer
68e440eec4
fuzz: Use all test directories for XML seed corpus
It's probably better to add as many files as possible to the seed corpus
even if they're less specific to a fuzzer.
2024-04-24 22:52:06 +02:00
Nick Wellnhofer
0977d7a3af
fuzz: Build with compression support on OSS-Fuzz
2024-04-23 22:39:53 +02:00
Nick Wellnhofer
510c7988e0
fuzz: Remove reader pass from XML fuzzers
The reader API is fuzzed separately now.
2024-04-23 18:43:12 +02:00
Nick Wellnhofer
6641a7e824
fuzz: Enable reader fuzzer on OSS-Fuzz
2024-04-23 18:36:15 +02:00
Nick Wellnhofer
b62ccf7f10
fuzz: Add fuzzer for XML reader API
2024-04-22 12:44:12 +02:00
Nick Wellnhofer
971ce40409
fuzz: Also set fuzzAllocFailed if a real allocation fails
Avoid false positives in real OOM situations.
2024-04-14 19:40:22 +02:00
Nick Wellnhofer
1f18d37798
fuzz: Add a few more comments
2024-04-09 13:04:50 +02:00
Nick Wellnhofer
fe3cbf897e
fuzz: Check node type before xmlDocSetRootElement
2024-03-29 15:29:53 +01:00
Nick Wellnhofer
ea0ee36546
tree: Align xmlAddChild with other node insertion functions
Make xmlAddChild unlink the child before insertion. Originally, linked
children would most likely cause tree corruption. The first fix
disallowed linked nodes, but there are cases where insertion of such
nodes could succeed.
Don't abort if the node is already a child of parent. In this case,
the node will be moved to the end of the child list.
2024-03-29 12:57:20 +01:00
Nick Wellnhofer
bfb02fbca9
fuzz: Fix xmlSetProp in API fuzzer
Finding the old attribute node is a bit more involved.
2024-03-28 11:30:05 +01:00
Nick Wellnhofer
887ad90a1a
fuzz: Restrict input size of API fuzzer
2024-03-26 14:23:51 +01:00
Nick Wellnhofer
6c5248e2a9
fuzz: Restrict number of copies in API fuzzer
Avoid timeouts with large inputs.
2024-03-26 14:21:47 +01:00
Nick Wellnhofer
52efb20a18
fuzz: Enable float-divide-by-zero on OSS-Fuzz
This was recently disabled globally:
https://github.com/google/oss-fuzz/pull/11567
2024-03-24 13:43:25 +01:00
Nick Wellnhofer
d8741b8196
fuzz: Fix namespaces after xmlDOMWrapRemoveNode
2024-03-22 14:55:22 +01:00