1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-10-26 00:37:43 +03:00
Commit Graph

37 Commits

Author SHA1 Message Date
Nick Wellnhofer
845bd99f8b string: Fix UTF-8 validation in xmlGetUTF8Char 2023-09-29 00:15:40 +02:00
Nick Wellnhofer
c7260a47f1 malloc-fail: Don't call xmlErrMemory in xmlstring.c
Functions like xmlStrdup are called in the error handling code
(__xmlRaiseError) which can cause problems like use-after-free or
infinite loops when invoked recursively.

Calling xmlErrMemory without a context argument isn't helpful anyway.

Found with libFuzzer, see #344.
2023-01-24 11:47:33 +01:00
Nick Wellnhofer
dd3569eaa5 Remove XMLDECL macro from .c files 2022-12-08 02:43:17 +01:00
Nick Wellnhofer
6843fc726f Remove or annotate char casts 2022-09-01 04:31:30 +02:00
Nick Wellnhofer
2cac626976 Don't use sizeof(xmlChar) or sizeof(char) 2022-09-01 03:35:19 +02:00
Nick Wellnhofer
0f568c0b73 Consolidate private header files
Private functions were previously declared

- in header files in the root directory
- in public headers guarded with IN_LIBXML
- in libxml.h
- redundantly in source files that used them.

Consolidate all private header files in include/private.
2022-08-26 02:11:56 +02:00
Mike Dalessio
48ed5a74bd Update xmlStrlen() to use POSIX / ISO C strlen()
This should be faster on a wide range of platforms.

Closes #212
2022-02-26 16:20:32 +00:00
Nick Wellnhofer
346c3a930c Remove elfgcchack.h
The same optimization can be enabled with -fno-semantic-interposition
since GCC 5. clang has always used this option by default.
2022-02-20 21:49:04 +01:00
Nick Wellnhofer
6010a5369f Avoid potential integer overflow in xmlstring.c
For historical reasons, the string API operates with int indices which
can overflow, especially on 64-bit systems. libxml2 always made the
tacit assumption that strings will be never larger than INT_MAX bytes.
It should be considered a bug if any part of the code can produce
larger strings, whether they are externally visible or not.

Likewise, API users are expected not to supply strings larger than
INT_MAX bytes. This requirement isn't documented. But even if it was,
we must handle larger strings passed in by accident without causing
memory errors.

- xmlStrndup, xmlCharStrndup, xmlUTF8Strndup
  Avoid integer overflow if len == INT_MAX.

- xmlStrlen, xmlUTF8Strsize, xmlUTF8Strloc
  Avoid integer overflow by using size_t for index. If an input string
  larger than INT_MAX bytes is detected, these functions now return 0
  instead of a wrong and possibly negative value.

- xmlCheckUTF8
  Avoid integer overflow by limiting index range.

- xmlStrncat, xmlStrncatNew, xmlEscapeFormatString
  Avoid integer overflow. Return NULL instead of producing strings
  larger than INT_MAX bytes.
2022-01-28 16:27:12 +01:00
Nick Wellnhofer
6f95273e44 Fix integer conversion warnings in xmlstring.c
Use an int to avoid an integer conversion warning with UBSan when
left-shifting a char.
2022-01-25 01:53:43 +01:00
Nick Wellnhofer
9de7b94d4f Use strcmp when fuzzing
This should improve data-flow-guided fuzzing.
2020-08-08 20:37:30 +02:00
Nick Wellnhofer
5a0ae66d72 Documentation fixes
Fixes bug 347465, bug 599433, bug 624550, bug 698253.
2017-06-18 17:58:38 +02:00
Nick Wellnhofer
8bbe4508ef Spelling and grammar fixes
Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other
misspellings.
2017-06-17 16:34:23 +02:00
David Kilzer
502f6a6d08 More format string warnings with possible format string vulnerability
For https://bugzilla.gnome.org/show_bug.cgi?id=761029

adds a new xmlEscapeFormatString() function to escape composed format
strings
2016-05-23 15:01:08 +08:00
David Kilzer
4472c3a5a5 Fix some format string warnings with possible format string vulnerability
For https://bugzilla.gnome.org/show_bug.cgi?id=761029

Decorate every method in libxml2 with the appropriate
LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups
following the reports.
2016-05-23 15:01:07 +08:00
Pranjal Jumde
8fbbf5513d Bug 763071: heap-buffer-overflow in xmlStrncat <https://bugzilla.gnome.org/show_bug.cgi?id=763071>
* xmlstring.c:
(xmlStrncat): Return NULL if xmlStrlen returns a negative length.
(xmlStrncatNew): Ditto.
2016-05-22 09:33:57 +08:00
Nick Wellnhofer
96a5c17ee1 Fix OOB read with invalid UTF-8 in xmlUTF8Strsize
With certain invalid UTF-8, xmlUTF8Strsize can read up to 6 bytes
beyond the end of the string and return the wrong size.

This means that in xmlUTF8Strndup and similar code, some content behind
the string is copied. But since the terminating \0 is copied as well,
this probably can't be exploited to leak sensitive information.

Found by afl-fuzz and ASan.
2016-04-23 18:44:27 +02:00
Daniel Veillard
f8e3db0445 Big space and tab cleanup
Remove all space before tabs and space and tabs at end of lines.
2012-09-11 13:26:36 +08:00
Daniel Veillard
fcf2457d20 Both args of xmlStrcasestr are const
* include/libxml/xmlstring.h xmlstring.c: fix the constness of the
  second arg of xmlStrcasestr()
2009-08-12 23:02:08 +02:00
Daniel Veillard
d95ecf0b8d Fixed xmlStrEqual() doc, Daniel 2005-12-22 14:58:32 +00:00
Kasimier T. Buchcik
5bb0c08d2f Fixed a segfault during text concatenation when validating a node tree:
* xmlschemas.c xmlstring.c: Fixed a segfault during
  text concatenation when validating a node tree:
  xmlStrncat was called with a @len of -1; but unlike
  xmlStrncatNew, it does not calculate the length
  automatically in such a case (reported by Judy Hay
  on the mailing list).
  Updated the descriptions of the involved string
  functions to note this.
2005-12-20 10:48:33 +00:00
Daniel Veillard
6a0baa0cd8 fixed a number of warnings shown by HP-UX compiler and reported by Rick
* HTMLparser.c configure.in parserInternals.c runsuite.c runtest.c
  testapi.c xmlschemas.c xmlschemastypes.c xmlstring.c: fixed a number
  of warnings shown by HP-UX compiler and reported by Rick Jones
Daniel
2005-12-10 11:11:12 +00:00
Daniel Veillard
ffa3c74933 applied a patch from Marcus Boerger to fix problems with calling
* error.c globals.c parser.c runtest.c testHTML.c testSAX.c
  threads.c valid.c xmllint.c xmlreader.c xmlschemas.c xmlstring.c
  xmlwriter.c include/libxml/parser.h include/libxml/relaxng.h
  include/libxml/valid.h include/libxml/xmlIO.h
  include/libxml/xmlerror.h include/libxml/xmlexports.h
  include/libxml/xmlschemas.h: applied a patch from Marcus Boerger
  to fix problems with calling conventions on Windows this should
  fix #309757
Daniel
2005-07-21 13:24:09 +00:00
Daniel Veillard
5d4644ef6e revamped the elfgcchack.h format to cope with gcc4 change of aliasing
* doc/apibuild.py doc/elfgcchack.xsl: revamped the elfgcchack.h
  format to cope with gcc4 change of aliasing allowed scopes, had
  to add extra informations to doc/libxml2-api.xml to separate
  the header from the c module source.
* *.c: updated all c library files to add a #define bottom_xxx
  and reimport elfgcchack.h thereafter, and a bit of cleanups.
* doc//* testapi.c: regenerated when rebuilding the API
Daniel
2005-04-01 13:11:58 +00:00
William M. Brack
230c5504d1 reset input->base within xmlStopParser removed call to xmlUTF8Strlen from
* parser.c: reset input->base within xmlStopParser
* xmlstring.c: removed call to xmlUTF8Strlen from within
  xmlUTF8Strpos (Bill Moseley pointed out it was not
  useful)
2004-12-20 16:18:49 +00:00
Daniel Veillard
5ea30d7f95 more fixes. Daniel
* parser.c testapi.c xmlIO.c xmlstring.c: more fixes.
Daniel
2004-11-08 11:54:28 +00:00
Daniel Veillard
ce682bc24b autogenerate a minimal NULL value sequence for unknown pointer types This
* gentest.py testapi.c: autogenerate a minimal NULL value sequence
  for unknown pointer types
* HTMLparser.c SAX2.c chvalid.c encoding.c entities.c parser.c
  parserInternals.c relaxng.c valid.c xmlIO.c xmlreader.c
  xmlsave.c xmlschemas.c xmlschemastypes.c xmlstring.c xpath.c
  xpointer.c: This uncovered an impressive amount of entry points
  not checking for NULL pointers when they ought to, closing all
  the open gaps.
Daniel
2004-11-05 17:22:25 +00:00
Daniel Veillard
8a32fe4839 more testing and coverage more cleanups rebuilt Daniel
* gentest.py testapi.c: more testing and coverage
* elfgcchack.h xmlstring.c include/libxml/xmlstring.h: more cleanups
* doc/*: rebuilt
Daniel
2004-11-02 22:10:16 +00:00
Daniel Veillard
36e5cd5064 adding xmlMemBlocks() work on generator of an automatic API regression
* xmlmemory.c include/libxml/xmlmemory.h: adding xmlMemBlocks()
* Makefile.am gentest.py testapi.c: work on generator of an
  automatic API regression test tool.
* SAX2.c nanoftp.c parser.c parserInternals.c tree.c xmlIO.c
  xmlstring.c: various API hardeing changes as a result of running
  teh first set of automatic API regression tests.
* test/slashdot16.xml: apparently missing from CVS, commited it
Daniel
2004-11-02 14:52:23 +00:00
William M. Brack
b7b54de6c6 added code to handle <group>, including dumping to output (bug 151924).
* catalog.c: added code to handle <group>, including dumping
  to output (bug 151924).
* xmlcatalog.c, xmlstring.c, parser.c: minor compiler warning
  cleanup (no change to logic)
2004-10-06 16:38:01 +00:00
William M. Brack
3e53016965 modified comments on xmlGetUTF8Char in response to bug 151760 (no change
* xmlstring.c: modified comments on xmlGetUTF8Char in
  response to bug 151760 (no change to logic)
2004-09-03 17:10:08 +00:00
William M. Brack
f409515f15 fixed error reported on the list caused by my last change
* xmlstring.c: fixed error reported on the list caused by
  my last change
2004-08-31 16:49:26 +00:00
William M. Brack
bf5cf2196c fixed bug introduced during OOM fixup causing problems with default
* SAX2.c: fixed bug introduced during OOM fixup causing problems
  with default namespace when a named prefix with the same href
  was present (reported on the mailing list by Karl Eichwalder.
* xmlstring.c: modified xmlCheckUTF8 with suggested code from
  Julius Mittenzwei.
* dict.c: added a typecast to try to avoid problem reported by
  Pascal Rodes.
2004-08-31 06:47:17 +00:00
William M. Brack
3ffe90ea1c fixed a problem with xmlCheckUTF8 reported on the mailing list by Julius
* xmlstring.c: fixed a problem with xmlCheckUTF8 reported on the
  mailing list by Julius Mittenzwei
2004-08-28 01:33:30 +00:00
Daniel Veillard
1f8658a76f Dodji pointed out a bug in xmlGetNodePath() applied patch from Albert Chin
* tree.c: Dodji pointed out a bug in xmlGetNodePath()
* xmlcatalog.c: applied patch from Albert Chin to add a
  --no-super-update option to xmlcatalog see #145461
  and another patch also from Albert Chin to not crash
  on -sgml --del without args see #145462
* Makefile.am: applied another patch from Albert Chin to
  fix a problem with diff on Solaris #145511
* xmlstring.c: fix xmlCheckUTF8() according to the suggestion
  in bug #148115
* python/libxml.py: apply fix from Marc-Antoine Parent about
  the errors in libxml(2).py on the node wrapper #135547
Daniel
2004-08-14 21:46:31 +00:00
Daniel Veillard
c82c57e69c some parser optimizations, xmllint --memory --timing --repeat --stream
* dict.c parser.c xmlstring.c: some parser optimizations,
  xmllint --memory --timing --repeat --stream ./db10000.xml
  went down from 16.5 secs to 15.5 secs.
Daniel
2004-01-12 16:24:34 +00:00
William M. Brack
a2e844a3b3 moved string and UTF8 routines out of parser.c and encoding.c into a new
* encoding.c, parser.c, xmlstring.c, Makefile.am,
  include/libxml/Makefile.am, include/libxml/catalog.c,
  include/libxml/chvalid.h, include/libxml/encoding.h,
  include/libxml/parser.h, include/libxml/relaxng.h,
  include/libxml/tree.h, include/libxml/xmlwriter.h,
  include/libxml/xmlstring.h:
  moved string and UTF8 routines out of parser.c and encoding.c
  into a new module xmlstring.c with include file
  include/libxml/xmlstring.h mostly using patches from Reid
  Spencer.  Since xmlChar now defined in xmlstring.h, several
  include files needed to have a #include added for safety.
* doc/apibuild.py: added some additional sorting for various
  references displayed in the APIxxx.html files.  Rebuilt the
  docs, and also added new file for xmlstring module.
* configure.in: small addition to help my testing; no effect on
  normal usage.
* doc/search.php: added $_GET[query] so that persistent globals
  can be disabled (for recent versions of PHP)
2004-01-06 11:52:13 +00:00