1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-10-24 13:33:01 +03:00
Commit Graph

111 Commits

Author SHA1 Message Date
Nick Wellnhofer
adfbeb7e08 doc: Stop using *Ptr typedefs in documentation 2025-05-16 18:03:12 +02:00
Nick Wellnhofer
a40f36e7f2 include: Stop using *Ptr typedefs in public headers 2025-05-16 18:03:12 +02:00
Nick Wellnhofer
442c1903af doc: Fix some damage from automated conversions
Add some newlines, fix returns.
2025-05-11 20:29:25 +02:00
Nick Wellnhofer
9bbffec568 doc: Move brief to top, params to bottom of doc comments 2025-05-06 19:51:38 +02:00
Nick Wellnhofer
e549622bc5 doc: Convert documentation to Doxygen
Automated conversion based on a few regexes.
2025-05-01 23:23:42 +02:00
Nick Wellnhofer
69879da88f doc: Remove email addresses from documentation
Also remove authorship information from generated files, hash.c and
globals.c which were rewritten.
2025-05-01 23:23:42 +02:00
Nick Wellnhofer
61890e399d doc: Prepare for conversion to Doxygen
Fix many params in internal functions (not really necessary but Doxygen
warns about that in XML mode).

Fix formatting in a few corner cases that automatic conversion can't
handle.

Rearrange some DOC_DISABLE blocks.
2025-05-01 23:23:42 +02:00
Nick Wellnhofer
92d7b0cd90 xpath: Rename valuePush and valuePop 2025-03-05 12:24:38 +01:00
Nick Wellnhofer
9c16a153d8 Revert "include: Make most IS_* macros private"
This reverts commit 84a6c82ff8.
2025-02-13 20:20:17 +01:00
Nick Wellnhofer
84a6c82ff8 include: Make most IS_* macros private
Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.
2024-12-21 20:01:30 +01:00
Nick Wellnhofer
5d36664fc9 memory: Deprecate xmlGcMemSetup 2024-07-16 17:42:10 +02:00
Nick Wellnhofer
598ee0d2c6 error: Remove underscores from xmlRaiseError 2024-06-27 14:43:10 +02:00
Nick Wellnhofer
669bd34993 xpointer: Remove support for XPointer locations
The latest spec for what it essentially an XPath extension seems to be
this working draft from 2002:

    https://www.w3.org/TR/xptr-xpointer/

The xpointer() scheme is listed as "being reviewed" in the XPointer
registry since at least 2006. libxml2 seems to be the only modern
software that tries to implement this spec, but the code has many bugs
and quality issues.

If you configure --with-legacy, old symbols are retained for ABI
compatibility.
2024-06-12 18:20:01 +02:00
Nick Wellnhofer
29f4d69e2f xpath: Report malloc failure in xmlXPtrEvalXPtrPart 2024-01-10 16:02:33 +01:00
Nick Wellnhofer
954b898494 xpath: Improve error handling
Introduce xmlXPathSetErrorHandler allowing to set a structured error
handler for an XPath context.

Remove arguments from memory error handlers.

Use xmlRaiseMemoryError.

Remove TODO, STRANGE and CHECK_CTXT macros.

Remove remaining uses of xmlGenericError.
2023-12-21 02:46:27 +01:00
Nick Wellnhofer
e632d9f02e xpath: Report malloc failures
Fix many places where malloc failures aren't reported.

Rework XPath object cache to store free objects in a linked list to
avoid allocating an additional array. Remove some unneeded object pools.
2023-12-11 22:13:05 +01:00
Nick Wellnhofer
699299cae3 globals: Stop including globals.h 2023-09-20 22:07:40 +02:00
Nick Wellnhofer
4e1c13ebfd debug: Remove debugging code
This is barely useful these days and only clutters the code base.
2023-09-19 17:35:09 +02:00
Nick Wellnhofer
fa993130f9 xpath: Remove remaining references to valueFrame
Fixes #529.
2023-04-30 13:18:17 +02:00
Nick Wellnhofer
2cac626976 Don't use sizeof(xmlChar) or sizeof(char) 2022-09-01 03:35:19 +02:00
Nick Wellnhofer
ad338ca737 Remove explicit integer casts
Remove explicit integer casts as final operation

- in assignments
- when passing arguments
- when returning values

Remove casts

- to the same type
- from certain range-bound values

The main motivation is that these explicit casts don't change the result
of operations and only render UBSan's implicit-conversion checks
useless. Removing these casts allows UBSan to detect cases where
truncation or sign-changes occur unexpectedly.

Document some explicit casts as truncating and add a few missing ones.
2022-09-01 02:33:57 +02:00
Nick Wellnhofer
0f568c0b73 Consolidate private header files
Private functions were previously declared

- in header files in the root directory
- in public headers guarded with IN_LIBXML
- in libxml.h
- redundantly in source files that used them.

Consolidate all private header files in include/private.
2022-08-26 02:11:56 +02:00
Nick Wellnhofer
4612ce3031 Implement xpath1() XPointer scheme
See https://www.w3.org/2005/04/xpointer-schemes/
2022-04-21 04:26:52 +02:00
Nick Wellnhofer
670701075b Add configuration flag for XPointer locations support
Add a new configuration flag that controls whether the outdated support
for XPointer locations (ranges and points) is enabled.

    --with-xptr-locs          # Autotools
    LIBXML2_WITH_XPTR_LOCS    # CMake

The latest spec for what it essentially an XPath extension seems to be
this working draft from 2002:

    https://www.w3.org/TR/xptr-xpointer/

The xpointer() scheme is listed as "being reviewed" in the XPointer
registry since at least 2006. libxml2 seems to be the only modern
software that tries to implement this spec, but the code has many bugs
and quality issues.

The flag defaults to "off" and support for this extensions has to be
requested explicitly. The relevant API functions are deprecated.
2022-04-21 02:41:58 +02:00
Nick Wellnhofer
10291f838f Fix potential double-free in xmlXPtrStringRangeFunction
Fix double-free in an unlikely error condition. Thanks to Wentao Liang
for the report.

Fixes #341.
2022-03-05 18:27:16 +01:00
Nick Wellnhofer
4a8c71eb7c Remove DOCBparser
This code has been broken and deprecated since version 2.6.0, released
in 2003. Because of a bug in commit 961b535c, DOCBparser.c was never
compiled since 2012. I couldn't find a Debian package using any of its
symbols, so it seems safe to remove this module.
2022-03-04 22:56:21 +01:00
Nick Wellnhofer
346c3a930c Remove elfgcchack.h
The same optimization can be enabled with -fno-semantic-interposition
since GCC 5. clang has always used this option by default.
2022-02-20 21:49:04 +01:00
Nick Wellnhofer
5408c10c37 Don't normalize namespace URIs in XPointer xmlns() scheme
Namespace URIs should be compared without escaping or unescaping:

https://www.w3.org/TR/REC-xml-names/#NSNameComparison

Fixes #289.
2022-02-04 14:00:09 +01:00
David Kilzer
8f5ccada05 xmlAddChild() and xmlAddNextSibling() may not attach their second argument
Use the return value of xmlAddChild() and xmlAddNextSibling()
instead of the second argument directly.

Found by OSS-Fuzz.

Fixes #316
2022-01-25 16:30:48 +00:00
Nick Wellnhofer
f872aa1807 Fix handling of ctxt->base in xmlXPtrEvalXPtrPart
Also set ctxt->base when updating ctxt->cur. Always restore ctxt->cur
on error. Avoids integer truncation and wrong column numbers in
xmlXPathErr.

Stop hiding modification of ctxt members behind a macro.

Found with UBSan.
2022-01-25 01:16:00 +01:00
Nick Wellnhofer
a218ff0ec0 Fix null pointer deref in xmlXPtrRangeInsideFunction
Found by OSS-Fuzz.
2020-12-06 17:26:36 +01:00
Nick Wellnhofer
46837d47d5 Fix memory leaks in XPointer string-range function
Found by OSS-Fuzz.
2020-10-03 01:13:35 +02:00
Nick Wellnhofer
8b88503a27 Don't call xmlXPathInit directly
Call xmlInitParser which uses a lock to avoid race conditions.

Fixes #184.
2020-09-18 19:15:27 +02:00
Nick Wellnhofer
20c60886e4 Fix typos
Resolves #133.
2020-03-08 17:41:53 +01:00
Jared Yanovich
2a350ee9b4 Large batch of typo fixes
Closes #109.
2019-09-30 18:04:38 +02:00
Nick Wellnhofer
b9bdb9dbfd Check for integer overflow in xmlXPtrEvalChildSeq
Found with libFuzzer and UBSan.
2019-03-29 13:03:17 +01:00
Nick Wellnhofer
b21895717d Fix -Wenum-compare warnings
Also fixes a serious bug in xmlXPtrNewRangeNodePoint.
2017-11-27 13:42:30 +01:00
Stéphane Michaut
454e397eb7 Porting libxml2 on zOS encoding of code
First set of patches for zOS
- entities.c parser.c tree.c xmlschemas.c xmlschemastypes.c xpath.c xpointer.c:
  ask conversion of code to ISO Latin 1 to avoid having the compiler assume
  EBCDIC codepoint for characters.
- xmlmodule.c: make sure we have support for modules
- xmlIO.c: zOS path names are special avoid dsome of the expectstions from
  Unix/Windows
2017-08-28 14:30:43 +02:00
Nick Wellnhofer
bd1571cdc5 Fix memory leaks in XPointer error paths
Found with libFuzzer and ASan.
2017-05-27 15:59:18 +02:00
Nick Wellnhofer
e905f08123 Fix more NULL pointer derefs in xpointer.c
Found with afl-fuzz.
2016-10-12 14:00:03 +02:00
Nick Wellnhofer
c1d1f71211 Disallow namespace nodes in XPointer ranges
Namespace nodes must be copied to avoid use-after-free errors.
But they don't necessarily have a physical representation in a
document, so simply disallow them in XPointer ranges.

Found with afl-fuzz.

Fixes CVE-2016-4658.
2016-10-12 13:12:18 +02:00
Nick Wellnhofer
3f8a91036d Disallow namespace nodes in XPointer points 2016-10-12 13:12:18 +02:00
Nick Wellnhofer
9ab01a277d Fix XPointer paths beginning with range-to
The old code would invoke the broken xmlXPtrRangeToFunction. range-to
isn't really a function but a special kind of location step. Remove
this function and always handle range-to in the XPath code.

The old xmlXPtrRangeToFunction could also be abused to trigger a
use-after-free error with the potential for remote code execution.

Found with afl-fuzz.

Fixes CVE-2016-5131.
2016-10-12 13:12:18 +02:00
David Kilzer
4472c3a5a5 Fix some format string warnings with possible format string vulnerability
For https://bugzilla.gnome.org/show_bug.cgi?id=761029

Decorate every method in libxml2 with the appropriate
LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups
following the reports.
2016-05-23 15:01:07 +08:00
Gaurav Gupta
f5496a1ef4 xpointer : fixing Null Pointers
For https://bugzilla.gnome.org/show_bug.cgi?id=738053
At many places in xpointer.c
Null check is missing which is dereferenced at later places.
2014-10-07 17:09:35 +08:00
Gaurav Gupta
a61929e8ca Remove Unnecessary Null check in xpointer.c
For https://bugzilla.gnome.org/show_bug.cgi?id=738052

superfluous check
2014-10-07 12:28:34 +08:00
Daniel Veillard
f8e3db0445 Big space and tab cleanup
Remove all space before tabs and space and tabs at end of lines.
2012-09-11 13:26:36 +08:00
Daniel Veillard
3e62adbe39 Adding various checks on node type though the API
Specifially checking against namespace nodes before accessing node
pointers
2012-08-09 14:24:02 +08:00
Jüri Aedla
d8e1faeaa9 Fix an off by one pointer access
getting out of the range of memory allocated for xpointer decoding
2012-05-07 15:06:56 +08:00
Daniel Veillard
f5048b3e71 Hardening of XPath evaluation
Add a mechanism of frame for XPath evaluation when entering a function
or a scoped evaluation, also fix a potential problem in predicate
evaluation.
2011-08-19 11:07:51 +08:00