'compression' is another unused member in struct _xmlDoc which is even
better suited to store ownership status. More importantly, this frees up
the 'psvi' member.
This changes the public API but this feature is only required to
implement EXSLT functions.
Remove includes of "config.h", <libxslt/xsltconfig.h> and
<libxml/xmlversion.h> in libexslt C sources since they are
already included with "libexslt/libexslt.h".
exsltFuncFunctionFunction handles XPath extension functions and is called
from the XPath engine. Since evaluation of function templates can change
the XPath context node, it must be backed up to avoid corruption.
Without proper backup, evaluating certain content in function templates
could also result in use-after-free errors.
It seems that libxml2 commit 029d0e96 helped to expose the error.
Fixes#11.
If a variable with a "select" expression calls an EXSLT func:function,
the context variable must be restored before evaluating the function
result. This makes sure that the RVTs in the result will be moved to
the context variable's fragment list when they're released in
xsltReleaseLocalRVTs or xsltReleaseLocalRVTs.
Thanks to Nikolai Weibull for the report.
The RVTs referenced from function results must not be blindly registered
as local, as they might be part of variables from an outer scope. Remove
LOCAL/VARIABLE distinction for RVTs. Don't register as local RVT
unconditionally when reflagging as LOCAL. Instead, register function
result RVTs from inner variables as local RVTs when they're released in
xsltFreeStackElem. Keep local function result RVTs xsltReleaseLocalRVTs
instead of reregistering.
Closes: https://gitlab.gnome.org/GNOME/libxslt/issues/2
Thanks to Daniel Mendler and Martin Gieseking for the reports.
Set the context variable to NULL when evaluating EXSLT functions.
Fixes potential use-after-free errors or memory leaks.
Fixes bug 792580. Thanks to Clemens Gutweiler for the report.
https://bugzilla.gnome.org/show_bug.cgi?id=792580
Similar to the previous fix to exsltFuncFunctionFunction,
exsltFuncResultElem also has to get the current node from the transform
context instead of the XPath context.
Thanks to Nicolas Gregoire for the report.
Fixes bug 786989.
Get the current node from the transform context. The current node in
the XPath context isn't guaranteed to be preserved when evaluating the
function template and could point to an invalid address.
Thanks to Nicolas Gregoire for the report.
Fixes bug 785589.
This fixes a regression introduced when consolidating recursion checks
in commit 1c8e0e5. When a function is called recursively during
evaluation of its arguments, the recursion check in
xsltApplySequenceConstructor is never reached. Readd recursion check
in exsltFuncFunctionFunction but use the template depth counter.
Fixes bug #777293:
https://bugzilla.gnome.org/show_bug.cgi?id=777293
Move the check for potentially infinite recursion to
xsltApplySequenceConstructor. In this function, both template and
func:function calls can be handled. This also checks for the following
case of infinite recursion in attribute sets found with afl-fuzz:
<x:attribute-set name="set">
<x:attribute name="attr">
<elem x:use-attribute-sets="set"/>
</x:attribute>
</x:attribute-set>
Rename funcLevel to depth and check against maxTemplateDepth. I hope it
isn't a problem to rename an internal struct item.
The psvi slot of RVTs documents is used to store ownership information.
XSLT_RVT_LOCAL for RVTs that are destroyed after the current instructions
ends.
XSLT_RVT_VARIABLE for RVTs that are part of a local variable and are
destroyed after the variable goes out of scope.
XSLT_RVT_FUNC_RESULT for RVTs that are part of results returned with
func:result. These RVTs won't be destroyed after exiting a template and
will be reset to XSLT_RVT_LOCAL or XSLT_RVT_VARIABLE in the template
that receives the return value.
XSLT_RVT_GLOBAL for RVTs that are part of a global variable.
The function xsltFlagRVTs is used for the following ownership
transitions:
- LOCAL or VARIABLE to FUNC_RESULT when returning a value with
func:result.
- FUNC_RESULT to LOCAL or VARIABLE when receiving a func:result.
- LOCAL to GLOBAL after evaluating global variables or parameters.
This obsoletes the element localRVTBase in the context struct and the
xsltExtensionInstructionResultRegister function. Aside from the
func:result implementation, the only reason for the old mechanism was
to protect RVTs (which can only be returned from extension functions)
in global variables from being destroyed too early. This is done
automatically now, so there's no need for extension authors to call
this function anymore.
The function xsltExtensionInstructionResultFinalize is unsupported
now. To the best of my knowledge, it isn't used outside of libxslt.
Another benefit is that, in some cases, RVTs are freed earlier now.
Also fixes bug #602531.
For https://bugzilla.gnome.org/show_bug.cgi?id=680920
If the first child of a func:function template is xslt:text, it will be
removed by xsltParseTemplateContent. So xsltParseTemplateContent should
be called before setting func->content to the first child.
* libxslt/xsltInternals.h libexslt/functions.c: add a function call
counting in the transformation context, and test/increment/decrement
in exsltFuncFunctionFunction enter and exit
* libexslt/functions.c: further enhancement to the original
fix for bug #381319 (which was not correct).
* tests/exslt/functions: minor enhancement to function.9.xsl;
function.10.[xsl,xml,out] added to regression tests to check
recursive calls.
* libexslt/functions.c: changed handling of function params
to fix bug #381319
* libxslt/transform.[ch]: exposed xsltLocalVariablePush and
xsltLocalVariablePop as global entries so that they could
be used from within libexslt/functions.c
* tests/exslt/functions/function.9.[xsl,xml,out] added to
regression tests
* libxslt/transform.c: Fixed problem with cleanup of RVT's, should
clear bug350085; cleaned up most warnings (still a problem in
xsltShallowCopyNsNode)
* trivial warning cleanup in libxslt/[extensions.c, namespaces.c,
xslt.c and xsltInternals.h] and libexslt/functions.c
* libxslt/attributes.c libxslt/documents.c
libxslt/functions.c libxslt/keys.c libxslt/namespaces.c
libxslt/pattern.c libxslt/preproc.c libxslt/templates.c
libxslt/templates.h libxslt/transform.c
libxslt/variables.c libxslt/xslt.c
libxslt/xsltInternals.h libxslt/xsltutils.c
libxslt/xsltutils.h libexslt/common.c libexslt/dynamic.c
libexslt/functions.c libexslt/strings.c:
Committing again, since I forgot to switch from win to linux
linebreaks in the files.
* libxslt/attributes.c libxslt/documents.c
libxslt/functions.c libxslt/keys.c libxslt/namespaces.c
libxslt/pattern.c libxslt/preproc.c libxslt/templates.c
libxslt/templates.h libxslt/transform.c libxslt/variables.c
libxslt/xslt.c libxslt/xsltInternals.h libxslt/xsltutils.c
libxslt/xsltutils.h libexslt/common.c libexslt/dynamic.c
libexslt/functions.c libexslt/strings.c:
Refactored xsltValueOf(). Changed to use xmlXPathCastToString()
directly, rather than creating an intermediate object with
xmlXPathConvertString(). This now does not add a text-node to
the result if the string is empty (this has impact on
serialization, since an empty text-node is serialized as
<foo></foo>, and now it will be serialized as <foo/>).
Refactored other functions in transform.c:
Mostly code cleanup/restructuring. Minimized number of
function variables for instruction which eat up function stack
memory when recursing templates (xsltIf(), xsltChoose(),
xsltApplyTemplates(), xsltCallTemplate()).
Changed XSLT tests to use xmlXPathCompiledEvalToBoolean().
Implemented redefinition checks at compilation-time and
eliminating them at transformation time in the refactored code
paths.
Introduced the field @currentTemplateRule on xsltTransformContext to
reflect the "Current Template Rule" as defined by the spec.
NOTE that ctxt->currentTemplateRule and ctxt->templ is not the
same; the former is the "Current Template Rule" as defined by the
XSLT spec, the latter is simply the template struct being
currently processed by Libxslt.
Added XML_COMMENT_NODE and XML_CDATA_SECTION_NODE to the macro
IS_XSLT_REAL_NODE.
Misc code cleanup/restructuring and everything else I already forgot.
Refactored lifetime of temporary result tree fragments.
Substituted all calls to the now deprecated xsltRegisterTmpRVT()
for the new xsltRegisterLocalRVT().
Fragments of xsl:variable and xsl:param are freed when the
variable/pram is freed.
Fragments created when evaluating a "select" of xsl:varible and
xsl:param are also bound to the lifetime of the var/param.
EXSLT's func:function now uses the following functions to let take
care the transformation's garbage collector of returned tree
fragments:
xsltExtensionInstructionResultRegister(),
xsltExtensionInstructionResultFinalize()
Fixes:
#339222 - xsl:param at invalid position inside an xsl:template is
not catched
#346015 - Non-declared caller-parameters are accepted
#160400 - Compiles invalid XSLT; unbound variable accepted
#308441 - namespaced parameters become unregistered
#307103 - problem with proximity position in predicates of match
patterns
#328218 - problem with exsl:node-set() when converting strings
to node sets
#318088 - infinite recursion detection
#321505 - Multiple contiguous CDATA in output
#334493 - "--param" option does not have root context
#114377 - weird func:result/xsl:variable/exsl:node-set interaction
#150309 - Regression caused by fix for 142768
* libxslt/xsltInternals.h libxslt/attributes.c
libxslt/documents.c libxslt/extensions.c
libxslt/extensions.h libxslt/functions.c
libxslt/imports.c libxslt/keys.c libxslt/preproc.c
libxslt/transform.c libxslt/variables.c libxslt/xslt.c
libxslt/xsltutils.c libxslt/xsltutils.h libexslt/functions.c:
Next step of refactoring (plus some bug-fixes).
For more details see #340780.
* libexslt/crypto.c, libexslt/functions.c, libxslt/keys.c,
libxslt/numbers.c, libxslt/pattern.c, libxslt/transform.c,
libxslt/variables.c: changed some variable names for warning
cleanup when -ansi flag is not present.
* libxslt/namespaces.c: fixed potential NULL pointer reference
pointed out by Dennis Dams (bug 156187)
* configure.in, config.h.in, libexslt/date.c: changed date.c to use
gmtime_r if available (bug 129983)
* libexslt/functions.c: fixed a namespace problem concerning a
function with a namespace-qualified name (bug 155197)
* libexslt/functions.c: applied patch for param visibility from
Shaun McCance. Changed variable scoping in accordance with
Shaun's suggestions. This fixed problem reported on the list
by Bernd Lang
* tests/exslt/functions/function.8.[xml,xsl,out], Makefile.am:
regression test for above
* xsltproc/Makefile.am libxslt/libxslt.h libxslt/numbersInternals.h
libexslt/*.c configure.in: applied patch from Mikhail Grushinskiy
for compilation with MingW compiler on Windows.
Daniel
* libxslt/transform.c libxslt/variables.c libxslt/xsltInternals.h:
cleaning up Result Value Tree handling
* libexslt/functions.c libexslt/strings.c: fixed a pair of
implementations.
* tests/exslt/strings/Makefile.am tests/exslt/strings/tokenize.2.*:
added Mark Vakoc test combining for-each and exslt:tokenize
Daniel
* configure.in: preparing 1.0.14
* doc/*: updated rebuilt
* libxslt/*.c libexslt/*.c libxslt/libxslt.h libexslt/libexslt.h:
implemented the IN_LIBXSLT and IN_LIBEXSLT mechanism discussed
with the Windows maintainers
Daniel
* libxslt/extensions.c: fixed bug #73791 related to extension
function declared in included stylesheets
* tests/exslt/functions/function.7.*: added specific test
Daniel
