| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
This reverts commit 79c8a6b which caused a serious regression in
streaming mode.
Also reverts part of commit 52ceced "Fix infinite loops with push
parser in recovery mode".
Fixes bug 786554.
|
|
|
|
|
|
|
|
|
| |
When expanding a parameter entity in a DTD, infinite recursion could
lead to an infinite loop or memory exhaustion.
Thanks to Wei Lei for the first of many reports.
Fixes bug 759579.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure to finish all entities in the internal subset. Nevertheless,
readd a sanity check in xmlParseStartTag2 that was lost in my previous
commit. Also add a sanity check in xmlPopInput. Popping an input
unexpectedly was the source of many recent memory bugs. The check
doesn't mitigate such issues but helps with diagnosis.
Always base entity boundary checks on the input ID, not the input
pointer. The pointer could have been reallocated to the old address.
Always throw a well-formedness error if a boundary check fails. In a
few places, a validity error was thrown.
Fix a few error codes and improve indentation.
|
|
|
|
|
|
|
|
| |
Before, truncated UTF-8 sequences at the end of a file were treated as
EOF. Create an error message containing the offending bytes.
xmlStringCurrentChar would also print characters from the input stream,
not the string it's working on.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For https://bugzilla.gnome.org/show_bug.cgi?id=759573
* parser.c:
(xmlParseElementDecl): Return early on invalid input to fix
non-minimized test case (759573-2.xml). Otherwise the parser
gets into a bad state in SKIP(3) at the end of the function.
(xmlParseConditionalSections): Halt parsing when hitting invalid
input that would otherwise caused xmlParserHandlePEReference()
to recurse unexpectedly. This fixes the minimized test case
(759573.xml).
* result/errors/759573-2.xml: Add.
* result/errors/759573-2.xml.err: Add.
* result/errors/759573-2.xml.str: Add.
* result/errors/759573.xml: Add.
* result/errors/759573.xml.err: Add.
* result/errors/759573.xml.str: Add.
* test/errors/759573-2.xml: Add.
* test/errors/759573.xml: Add.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For https://bugzilla.gnome.org/show_bug.cgi?id=759020
* parser.c:
(xmlParseStartTag2): Attribute strings are only valid if the
base does not change, so add another check where the base may
change. Make sure to set 'attvalue' to NULL after freeing it.
* result/errors/759020.xml: Added.
* result/errors/759020.xml.err: Added.
* result/errors/759020.xml.str: Added.
* test/errors/759020.xml: Added test case.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
<https://bugzilla.gnome.org/show_bug.cgi?id=759398>
* parser.c:
(xmlParseNCNameComplex): Store start position instead of a
pointer to the name since the underlying buffer may change,
resulting in a stale pointer being used.
* result/errors/759398.xml: Added.
* result/errors/759398.xml.err: Added.
* result/errors/759398.xml.str: Added.
* test/errors/759398.xml: Added test case.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
<https://bugzilla.gnome.org/show_bug.cgi?id=758588>
* parser.c:
(xmlParseEndTag2): Add bounds checks before dereferencing
ctxt->input->cur past the end of the buffer, or incrementing the
pointer past the end of the buffer.
* result/errors/758588.xml: Add test result.
* result/errors/758588.xml.err: Ditto.
* result/errors/758588.xml.str: Ditto.
* test/errors/758588.xml: Add regression test.
|
|
|
|
|
|
|
| |
For https://bugzilla.gnome.org/show_bug.cgi?id=754947
The checking function was returning incorrect args in some cases
Adds the test to teh reg suite and fix one of the existing test output
|
|
|
|
|
|
|
|
| |
For https://bugzilla.gnome.org/show_bug.cgi?id=754946
When hitting the end of the current input buffer while parsing
a name we could end up loosing the beginning of the name, which
led to various issues.
|
|
|
|
|
|
|
|
|
| |
Unless explicietely asked for when validating or replacing entities
with their value. Problem pointed out by Tom Lane <tgl@redhat.com>
* parser.c: do not load external parsed entities unless needed
* test/errors/extparsedent.xml result/errors/extparsedent.xml*:
add a regression test to avoid change of the behaviour in the future
|
|
|
|
|
|
|
|
|
|
|
| |
* uri.c include/libxml/uri.h: rewrite the URI parser to update to
rfc3986 (from 2396)
* test/errors/webdav.xml result/errors/webdav.xml*: removed the
error test, 'DAV:' is a correct URI under 3986
* Makefile.am: small cleanup in make check
Daniel
svn path=/trunk/; revision=3763
|
|
|
|
|
|
|
|
|
|
| |
* parser.c: fix a memeory leak in internal subset parsing with
a fix from Ashwin
* test/errors/content1.xml result/errors/content1.xml*:
add test to regressions
Daniel
svn path=/trunk/; revision=3680
|
|
|
|
|
|
|
|
|
|
| |
* parser.c: fixed a parser bug where invalid char in comment may
not be detected, reported by Ashwin Sinha
* test/errors/comment1.xml result/errors/comment1.xml*: added
the example to the regression suite
Daniel
svn path=/trunk/; revision=3647
|
|
|
|
|
|
|
|
|
|
| |
* parser.c: fix bug #414846 where invalid characters in attributes
would sometimes not be detected.
* test/errors/attr4.xml result/errors/attr4.xml*: added a specific
test case to the regression tests
Daniel
svn path=/trunk/; revision=3634
|
|
|
|
|
|
|
| |
* parser.c: fixed problem with free on dupl attribute in
dtd (bug309637).
* test/errors/attr3.xml, result/errors/attr3.*: added
regression test for this
|
|
|
|
|
|
|
|
| |
* parser.c: fixed a bug failing to detect UTF-8 violations in
CData in push mode.
* result/errors/cdata.xml* test/errors/cdata.xml: added the test
to the regressions
Daniel
|
|
|
|
|
|
|
|
|
| |
* parser.c: fixed bug #164556 where non-fatal errors stopped
push parsing and xmlreader.
* Makefile.am: fixup
* test/errors/webdav.xml result/errors/webdav*: adding regression
test for this problem.
Daniel
|
|
|
|
|
|
|
|
| |
* parser.c: fixed a bug where invalid charrefs may not be detected
sometimes as pointed by Morus Walter.
* test/errors/charref1.xm result/errors/charref1.xml*: added the
test in the regression suite.
Daniel
|
|
|
|
|
| |
Beuah !
Daniel
|
|
|