lib/libxml2
1
0
Fork 0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-10-24 13:33:01 +03:00
Code Activity
7,183 Commits 9 Branches 238 Tags
93506d41cbf59b56d586dcc1f40d77237a8bb1ee
Commit Graph

322 Commits

Author SHA1 Message Date
Nick Wellnhofer
e41941109d schemas: Make ValidateStream take a const SAXHandler 2025-01-17 20:05:57 +01:00
Nick Wellnhofer
84a6c82ff8 include: Make most IS_* macros private 
Macros like IS_DIGIT or IS_LETTER severely pollute the C namespace.
 2024-12-21 20:01:30 +01:00
Nick Wellnhofer
3f0bac4820 malloc-fail: Handle more malloc failures in schema code 
These issues can only arise after a memory allocation failed.

- WXS_ADD_*: Add NULL check and raise error
- XML_SCHEMA_*: Make macros safe
- xmlSchemaParseUnion: Fix leak, raise error, commit after success to
  avoid memory corruption
- xmlSchemaVAddNodeQName: Restore nbItems after partial success,
  raise error
- xmlSchemaIDCAcquireTargetList: Raise error
- xmlSchemaXPathProcessHistory: Handle errors
- xmlSchemaIDCFillNodeTables: Fix leak
- xmlSchemaCheckCVCIDCKeyRef: Handle errors
- xmlSchemaVPushText: Reset flag to avoid memory corruption
- xmlSchemaNewValidCtxt: Handle errors
- xmlSchemaVDocWalk: Fix leak
- xmlSchemaInitBasicType: Handle error
- xmlSchemaCleanupTypesInternal: Fix null deref
- xmlSchemaWhiteSpaceReplace: Handle error
- xmlSchemaParseUInt: Handle error
- xmlSchemaValAtomicType: Fix leak, handle error
- xmlSchemaDateNormalize: Fix leak
 2024-12-21 19:41:16 +01:00
Nick Wellnhofer
db8cce3d27 schemas: Check reallocations for overflow 2024-12-21 19:37:38 +01:00
Nick Wellnhofer
0f4f89005d parser: Rename inputPush to xmlCtxtPushInput 2024-11-19 00:25:23 +01:00
Nick Wellnhofer
5d36664fc9 memory: Deprecate xmlGcMemSetup 2024-07-16 17:42:10 +02:00
Nick Wellnhofer
2e63656ec6 parser: Check return value of inputPush 
inputPush typically doesn't fail because we pre-allocate the input
table. The return value should be checked nevertheless.
 2024-07-08 11:27:52 +02:00
Rosen Penev
217e9b7af2 clang-tidy: don't return in void functions 
Found with readability-redundant-control-flow

Signed-off-by: Rosen Penev <rosenp@gmail.com>
 2024-06-20 20:37:34 +00:00
Nick Wellnhofer
ef8dc4f673 schemas: Add callbacks for resource loader 2024-06-12 16:36:12 +02:00
Nick Wellnhofer
869f72442a schemas: Fix ADD_ANNOTATION 
Fix adding multiple annotations.
 2024-03-17 16:14:04 +01:00
Nick Wellnhofer
d0d6174e81 valid: Rework xmlAddID 2024-03-15 19:47:07 +01:00
Benjamin Gilbert
653ef99902 schemas: fix spurious warning about truncated snprintf output 
Fix warning:

    xmlschemas.c: In function 'xmlSchemaVAttributesComplex':
    xmlschemas.c:25506:63: warning: 'snprintf' output may be truncated before the last format character [-Wformat-truncation=]
    xmlschemas.c:25506:29: note: 'snprintf' output between 3 and 13 bytes into a destination of size 12

On my system (GCC 13.2.1 x86_64) the warning only appears with -O0.
counter can't exceed 1000, so there's no real bug.
 2024-03-02 17:03:28 +09:00
Nick Wellnhofer
c8f1f4a280 doc: Improve documentation of error handlers 2023-12-21 17:36:17 +01:00
Nick Wellnhofer
531d06add6 error: Stop printing some errors by default 
Unfortunately, it's long-standing behavior for libxml2 to print all
reported errors to stderr by default. This default behavior is now
partially disabled. If no error handler is set, only parser and
validation errors are passed to a generic error handler or printed to
stderr. Other errors are still available via xmlGetLastError and can be
captured with a structured error handler.
 2023-12-21 15:02:24 +01:00
Nick Wellnhofer
06c00f6582 schemas: Improve error handling 
Introduce xmlSchema*ErrFull which checks for memory allocation failures
during error reporting.

Remove arguments from memory error handlers.

Use xmlRaiseMemoryError.

Remove TODO macro.
 2023-12-21 02:46:27 +01:00
Nick Wellnhofer
da703eaaea schemas: Fix reallocation in xmlSchemaXPathProcessHistory 
See #614.
 2023-11-05 02:03:05 +01:00
Nick Wellnhofer
45470611b0 error: Make xmlGetLastError return a const error 
This is a slight break of the API, but users really shouldn't modify the
global error struct. The goal is to make xmlLastError use static buffers
for its strings eventually. This should warn people if they're abusing
the struct.
 2023-09-22 13:29:07 +02:00
Nick Wellnhofer
4e1c13ebfd debug: Remove debugging code 
This is barely useful these days and only clutters the code base.
 2023-09-19 17:35:09 +02:00
Nick Wellnhofer
90d5b79958 schemas: Fix memory leak of annotations in notations 
Found by OSS-Fuzz.
 2023-09-14 15:30:38 +02:00
Nick Wellnhofer
d88763ccad schemas: Fix filename in xmlSchemaValidateFile 
Make sure that filename appears in error messages.
 2023-04-30 21:45:39 +02:00
Nick Wellnhofer
165f3436fc schemas: Fix line numbers in streaming validation 2023-04-30 21:45:39 +02:00
Nick Wellnhofer
57d88da675 schemas: Fix memory leak in xmlSchemaValidateStream 
Regressed in 9a82b94a.

Fixes #530.
 2023-04-30 21:45:39 +02:00
Nick Wellnhofer
e4f85f1bd2 [CVE-2023-28484] Fix null deref in xmlSchemaFixupComplexType 
Fix a null pointer dereference when parsing (invalid) XML schemas.

Thanks to Robby Simpson for the report!

Fixes #491.
 2023-04-11 14:29:50 +02:00
Nick Wellnhofer
f8efa589e8 malloc-fail: Handle malloc failures in xmlSchemaInitTypes 
Note that this changes the return value of public function
xmlSchemaInitTypes from void to int. This shouldn't break the ABI on
most platforms.

Found when investigating #500.
 2023-03-14 15:14:38 +01:00
Nick Wellnhofer
73bd5d52ae malloc-fail: Fix type confusion after xmlSchemaFixupTypeAttributeUses 
Found with libFuzzer, see #344.
 2023-03-08 13:17:49 +01:00
Nick Wellnhofer
767ae50bc9 malloc-fail: Fix null deref after xmlSchemaItemList{Add,Insert} 
Found with libFuzzer, see #344.
 2023-03-08 13:17:49 +01:00
Nick Wellnhofer
961a4f35bf malloc-fail: Fix memory leak in xmlSchemaParseUnion 
Also report malloc failure from xmlStrndup.

Found with libFuzzer, see #344.
 2023-03-08 13:17:49 +01:00
Nick Wellnhofer
260d6b8d77 malloc-fail: Fix another memory leak in xmlSchemaBucketCreate 
Found with libFuzzer, see #344.
 2023-03-08 13:17:48 +01:00
Nick Wellnhofer
31844c74df malloc-fail: Fix null deref in xmlSchemaParseUnion 
Found with libFuzzer, see #344.
 2023-03-08 13:17:48 +01:00
Nick Wellnhofer
9afb6c5fb8 malloc-fail: Fix memory leak in WXS_ADD_{LOCAL,GLOBAL} 
It's somewhat dangerous to add the cleanup code to a macro, but
otherwise we'd have to fix all the call sites.

Found with libFuzzer, see #344.
 2023-03-08 13:17:48 +01:00
Nick Wellnhofer
a5787229e5 malloc-fail: Fix memory leak in xmlSchemaBucketCreate 
Found with libFuzzer, see #344.
 2023-03-08 13:17:48 +01:00
Nick Wellnhofer
e15838ab54 malloc-fail: Fix null deref in xmlSchemaParseWildcardNs 
Found with libFuzzer, see #344.
 2023-03-08 13:17:48 +01:00
Nick Wellnhofer
ba290a8663 malloc-fail: Fix memory leak in xmlSchemaItemListAddSize 
Found with libFuzzer, see #344.
 2023-03-08 13:17:47 +01:00
Nick Wellnhofer
0263b35756 malloc-fail: Fix null deref in xmlGet{Min,Max}Occurs 
Also report memory error in xmlSchemaGetNodeContent.

Found with libFuzzer, see #344.
 2023-03-08 13:17:47 +01:00
Nick Wellnhofer
cfbc1f48ee malloc-fail: Fix memory leak in xmlSchemaParse 
Found with libFuzzer, see #344.
 2023-03-08 13:17:47 +01:00
Nick Wellnhofer
0ce1f8427b schemas: Remove useless if statement 
bucket->origTargetNamespace is always NULL in this branch.

Fixes #481.
 2023-02-21 15:46:06 +01:00
Nick Wellnhofer
dd3569eaa5 Remove XMLDECL macro from .c files 2022-12-08 02:43:17 +01:00
Nick Wellnhofer
abb5a93fed schemas: Fix infinite loop in xmlSchemaCheckElemSubstGroup 
Types like xmlSchemaTypeAnyTypeDef have a base type pointing to itself,
resulting in an infinite loop.

Fixes #430.
 2022-11-02 10:55:29 +01:00
Nick Wellnhofer
b6f1298ae7 warnings: Remove set-but-unused variables 
Fixes compiler warnings with clang 15.
 2022-10-25 19:34:38 +02:00
Nick Wellnhofer
1d4f5d24ac schemas: Fix null-pointer-deref in xmlSchemaCheckCOSSTDerivedOK 
Found by OSS-Fuzz.
 2022-09-13 16:56:59 +02:00
Nick Wellnhofer
0f568c0b73 Consolidate private header files 
Private functions were previously declared

- in header files in the root directory
- in public headers guarded with IN_LIBXML
- in libxml.h
- redundantly in source files that used them.

Consolidate all private header files in include/private.
 2022-08-26 02:11:56 +02:00
Nick Wellnhofer
9a82b94a94 Introduce xmlNewSAXParserCtxt and htmlNewSAXParserCtxt 
Add API functions to create a parser context with a custom SAX handler
without having to mess with ctxt->sax manually.
 2022-08-24 14:07:55 +02:00
Nick Wellnhofer
a09c89545d Fix memory leak with invalid XSD 
xmlSchemaClearElemInfo can add new items to the "matcher" cache, so the
cache must be cleared after calling this function, not before. This
only seems to affect invalid XSDs.

Fixes #390.
 2022-08-15 12:19:25 +02:00
Nick Wellnhofer
3e7b4f37aa Avoid calling xmlSetTreeDoc 
Create text nodes with xmlNewDocText or set the document directly to
avoid xmlSetTreeDoc being called when the node is inserted.
 2022-06-20 01:49:39 +02:00
Damjan Jovanovic
2fe372a0aa Properly fold whitespace around the QName value when validating an XSD schema. 
(May also need fixing in other places.)

Issue: 239
 2022-03-02 14:22:36 +00:00
Nick Wellnhofer
346c3a930c Remove elfgcchack.h 
The same optimization can be enabled with -fno-semantic-interposition
since GCC 5. clang has always used this option by default.
 2022-02-20 21:49:04 +01:00
Nick Wellnhofer
1c7d91abe4 Fix handling of XSD with empty namespace 
An empty namespace means no default namespace.

Fixes #303.
 2022-02-03 23:31:19 +01:00
huangduirong
e4c91f7473 Fix Null-deref-in-xmlSchemaGetComponentTargetNs 2022-01-16 16:24:47 +01:00
Nick Wellnhofer
c35628a24c Revert "Make schema validation fail with multiple top-level elements" 
This reverts commit 4f2aee18f6.

Fixes #305.
 2022-01-15 18:18:22 +01:00
Nick Wellnhofer
8ca3a59b2e Fix integer overflow in xmlSchemaGetParticleTotalRangeMin 
The function is only used once and its return value is only checked for
zero. Disable the function like its Max counterpart and add an
implementation for the special case.

Found by OSS-Fuzz.
 2020-12-15 20:14:28 +01:00