path: root/xmlstring.c
Commit message | Author | Age | Files | Lines
* malloc-fail: Don't call xmlErrMemory in xmlstring.c | Nick Wellnhofer | 2023-01-24 | 1 | -5/+0
  Functions like xmlStrdup are called in the error handling code (__xmlRaiseError) which can cause problems like use-after-free or infinite loops when invoked recursively. Calling xmlErrMemory without a context argument isn't helpful anyway. Found with libFuzzer, see #344.
* Remove XMLDECL macro from .c files | Nick Wellnhofer | 2022-12-08 | 1 | -1/+1
* Remove or annotate char casts | Nick Wellnhofer | 2022-09-01 | 1 | -0/+1
* Don't use sizeof(xmlChar) or sizeof(char) | Nick Wellnhofer | 2022-09-01 | 1 | -11/+11
* Consolidate private header files | Nick Wellnhofer | 2022-08-26 | 1 | -0/+3
  Private functions were previously declared
  - in header files in the root directory
  - in public headers guarded with IN_LIBXML
  - in libxml.h
  - redundantly in source files that used them.
  Consolidate all private header files in include/private.
* Update `xmlStrlen()` to use POSIX / ISO C `strlen()` | Mike Dalessio | 2022-02-26 | 1 | -7/+1
  This should be faster on a wide range of platforms. Closes #212
* Remove elfgcchack.h | Nick Wellnhofer | 2022-02-20 | 1 | -2/+0
  The same optimization can be enabled with -fno-semantic-interposition since GCC 5. clang has always used this option by default.
* Avoid potential integer overflow in xmlstring.c | Nick Wellnhofer | 2022-01-28 | 1 | -28/+33
  For historical reasons, the string API operates with int indices which can overflow, especially on 64-bit systems. libxml2 always made the tacit assumption that strings will be never larger than INT_MAX bytes. It should be considered a bug if any part of the code can produce larger strings, whether they are externally visible or not.
  Likewise, API users are expected not to supply strings larger than INT_MAX bytes. This requirement isn't documented. But even if it was, we must handle larger strings passed in by accident without causing memory errors.
  - xmlStrndup, xmlCharStrndup, xmlUTF8Strndup
    Avoid integer overflow if len == INT_MAX.
  - xmlStrlen, xmlUTF8Strsize, xmlUTF8Strloc
    Avoid integer overflow by using size_t for index. If an input string larger than INT_MAX bytes is detected, these functions now return 0 instead of a wrong and possibly negative value.
  - xmlCheckUTF8
    Avoid integer overflow by limiting index range.
  - xmlStrncat, xmlStrncatNew, xmlEscapeFormatString
    Avoid integer overflow. Return NULL instead of producing strings larger than INT_MAX bytes.
* Fix integer conversion warnings in xmlstring.c | Nick Wellnhofer | 2022-01-25 | 1 | -6/+6
  Use an int to avoid an integer conversion warning with UBSan when left-shifting a char.
* Use strcmp when fuzzing | Nick Wellnhofer | 2020-08-08 | 1 | -9/+12
  This should improve data-flow-guided fuzzing.
* Documentation fixes | Nick Wellnhofer | 2017-06-18 | 1 | -3/+4
  Fixes bug 347465, bug 599433, bug 624550, bug 698253.
* Spelling and grammar fixes | Nick Wellnhofer | 2017-06-17 | 1 | -1/+1
  Fixes bug 743172, bug 743489, bug 769632, bug 782400 and a few other misspellings.
* More format string warnings with possible format string vulnerability | David Kilzer | 2016-05-23 | 1 | -0/+55
  For https://bugzilla.gnome.org/show_bug.cgi?id=761029 adds a new xmlEscapeFormatString() function to escape composed format strings
* Fix some format string warnings with possible format string vulnerability | David Kilzer | 2016-05-23 | 1 | -2/+2
  For https://bugzilla.gnome.org/show_bug.cgi?id=761029 Decorate every method in libxml2 with the appropriate LIBXML_ATTR_FORMAT(fmt,args) macro and add some cleanups following the reports.
* Bug 763071: heap-buffer-overflow in xmlStrncat ↵ CVE-2016-1834 | Pranjal Jumde | 2016-05-22 | 1 | -1/+8
  <https://bugzilla.gnome.org/show_bug.cgi?id=763071>
  * xmlstring.c:
    (xmlStrncat): Return NULL if xmlStrlen returns a negative length.
    (xmlStrncatNew): Ditto.
* Fix OOB read with invalid UTF-8 in xmlUTF8Strsize | Nick Wellnhofer | 2016-04-23 | 1 | -1/+1
  With certain invalid UTF-8, xmlUTF8Strsize can read up to 6 bytes beyond the end of the string and return the wrong size. This means that in xmlUTF8Strndup and similar code, some content behind the string is copied. But since the terminating \0 is copied as well, this probably can't be exploited to leak sensitive information. Found by afl-fuzz and ASan.
* Big space and tab cleanup | Daniel Veillard | 2012-09-11 | 1 | -17/+17
  Remove all space before tabs and space and tabs at end of lines.
* Both args of xmlStrcasestr are const | Daniel Veillard | 2009-08-12 | 1 | -1/+1
  * include/libxml/xmlstring.h xmlstring.c: fix the constness of the second arg of xmlStrcasestr()
* Fixed xmlStrEqual() doc, Daniel | Daniel Veillard | 2005-12-22 | 1 | -1/+1
* Fixed a segfault during text concatenation when validating a node tree: | Kasimier T. Buchcik | 2005-12-20 | 1 | -3/+7
  * xmlschemas.c xmlstring.c: Fixed a segfault during text concatenation when validating a node tree: xmlStrncat was called with a @len of -1; but unlike xmlStrncatNew, it does not calculate the length automatically in such a case (reported by Judy Hay on the mailing list). Updated the descriptions of the involved string functions to note this.
* fixed a number of warnings shown by HP-UX compiler and reported by Rick | Daniel Veillard | 2005-12-10 | 1 | -1/+1
  * HTMLparser.c configure.in parserInternals.c runsuite.c runtest.c testapi.c xmlschemas.c xmlschemastypes.c xmlstring.c: fixed a number of warnings shown by HP-UX compiler and reported by Rick Jones Daniel
* applied a patch from Marcus Boerger to fix problems with calling | Daniel Veillard | 2005-07-21 | 1 | -1/+1
  * error.c globals.c parser.c runtest.c testHTML.c testSAX.c threads.c valid.c xmllint.c xmlreader.c xmlschemas.c xmlstring.c xmlwriter.c include/libxml/parser.h include/libxml/relaxng.h include/libxml/valid.h include/libxml/xmlIO.h include/libxml/xmlerror.h include/libxml/xmlexports.h include/libxml/xmlschemas.h: applied a patch from Marcus Boerger to fix problems with calling conventions on Windows this should fix #309757 Daniel
* revamped the elfgcchack.h format to cope with gcc4 change of aliasing | Daniel Veillard | 2005-04-01 | 1 | -0/+3
  * doc/apibuild.py doc/elfgcchack.xsl: revamped the elfgcchack.h format to cope with gcc4 change of aliasing allowed scopes, had to add extra informations to doc/libxml2-api.xml to separate the header from the c module source.
  * *.c: updated all c library files to add a #define bottom_xxx and reimport elfgcchack.h thereafter, and a bit of cleanups.
  * doc//* testapi.c: regenerated when rebuilding the API Daniel
* reset input->base within xmlStopParser removed call to xmlUTF8Strlen from | William M. Brack | 2004-12-20 | 1 | -1/+1
  * parser.c: reset input->base within xmlStopParser
  * xmlstring.c: removed call to xmlUTF8Strlen from within xmlUTF8Strpos (Bill Moseley pointed out it was not useful)
* more fixes. Daniel | Daniel Veillard | 2004-11-08 | 1 | -2/+7
  * parser.c testapi.c xmlIO.c xmlstring.c: more fixes. Daniel
* autogenerate a minimal NULL value sequence for unknown pointer types This | Daniel Veillard | 2004-11-05 | 1 | -1/+4
  * gentest.py testapi.c: autogenerate a minimal NULL value sequence for unknown pointer types
  * HTMLparser.c SAX2.c chvalid.c encoding.c entities.c parser.c parserInternals.c relaxng.c valid.c xmlIO.c xmlreader.c xmlsave.c xmlschemas.c xmlschemastypes.c xmlstring.c xpath.c xpointer.c: This uncovered an impressive amount of entry points not checking for NULL pointers when they ought to, closing all the open gaps. Daniel
* more testing and coverage more cleanups rebuilt Daniel | Daniel Veillard | 2004-11-02 | 1 | -1/+3
  * gentest.py testapi.c: more testing and coverage
  * elfgcchack.h xmlstring.c include/libxml/xmlstring.h: more cleanups
  * doc/*: rebuilt Daniel
* adding xmlMemBlocks() work on generator of an automatic API regression | Daniel Veillard | 2004-11-02 | 1 | -1/+3
  * xmlmemory.c include/libxml/xmlmemory.h: adding xmlMemBlocks()
  * Makefile.am gentest.py testapi.c: work on generator of an automatic API regression test tool.
  * SAX2.c nanoftp.c parser.c parserInternals.c tree.c xmlIO.c xmlstring.c: various API hardening changes as a result of running the first set of automatic API regression tests.
  * test/slashdot16.xml: apparently missing from CVS, committed it Daniel
* added code to handle <group>, including dumping to output (bug 151924). | William M. Brack | 2004-10-06 | 1 | -1/+1
  * catalog.c: added code to handle <group>, including dumping to output (bug 151924).
  * xmlcatalog.c, xmlstring.c, parser.c: minor compiler warning cleanup (no change to logic)
* modified comments on xmlGetUTF8Char in response to bug 151760 (no change | William M. Brack | 2004-09-03 | 1 | -4/+6
  * xmlstring.c: modified comments on xmlGetUTF8Char in response to bug 151760 (no change to logic)
* fixed error reported on the list caused by my last change | William M. Brack | 2004-08-31 | 1 | -1/+1
  * xmlstring.c: fixed error reported on the list caused by my last change
* fixed bug introduced during OOM fixup causing problems with default | William M. Brack | 2004-08-31 | 1 | -34/+18
  * SAX2.c: fixed bug introduced during OOM fixup causing problems with default namespace when a named prefix with the same href was present (reported on the mailing list by Karl Eichwalder).
  * xmlstring.c: modified xmlCheckUTF8 with suggested code from Julius Mittenzwei.
  * dict.c: added a typecast to try to avoid problem reported by Pascal Rodes.
* fixed a problem with xmlCheckUTF8 reported on the mailing list by Julius | William M. Brack | 2004-08-28 | 1 | -3/+26
  * xmlstring.c: fixed a problem with xmlCheckUTF8 reported on the mailing list by Julius Mittenzwei
* Dodji pointed out a bug in xmlGetNodePath() applied patch from Albert Chin | Daniel Veillard | 2004-08-14 | 1 | -1/+1
  * tree.c: Dodji pointed out a bug in xmlGetNodePath()
  * xmlcatalog.c: applied patch from Albert Chin to add a --no-super-update option to xmlcatalog see #145461 and another patch also from Albert Chin to not crash on -sgml --del without args see #145462
  * Makefile.am: applied another patch from Albert Chin to fix a problem with diff on Solaris #145511
  * xmlstring.c: fix xmlCheckUTF8() according to the suggestion in bug #148115
  * python/libxml.py: apply fix from Marc-Antoine Parent about the errors in libxml(2).py on the node wrapper #135547 Daniel
* some parser optimizations, xmllint --memory --timing --repeat --stream | Daniel Veillard | 2004-01-12 | 1 | -0/+5
  * dict.c parser.c xmlstring.c: some parser optimizations, xmllint --memory --timing --repeat --stream ./db10000.xml went down from 16.5 secs to 15.5 secs. Daniel
* moved string and UTF8 routines out of parser.c and encoding.c into a new | William M. Brack | 2004-01-06 | 1 | -0/+951
  * encoding.c, parser.c, xmlstring.c, Makefile.am, include/libxml/Makefile.am, include/libxml/catalog.c, include/libxml/chvalid.h, include/libxml/encoding.h, include/libxml/parser.h, include/libxml/relaxng.h, include/libxml/tree.h, include/libxml/xmlwriter.h, include/libxml/xmlstring.h: moved string and UTF8 routines out of parser.c and encoding.c into a new module xmlstring.c with include file include/libxml/xmlstring.h mostly using patches from Reid Spencer. Since xmlChar now defined in xmlstring.h, several include files needed to have a #include added for safety.
  * doc/apibuild.py: added some additional sorting for various references displayed in the APIxxx.html files. Rebuilt the docs, and also added new file for xmlstring module.
  * configure.in: small addition to help my testing; no effect on normal usage.
  * doc/search.php: added $_GET[query] so that persistent globals can be disabled (for recent versions of PHP)