diff options
Diffstat (limited to 'chromium/third_party/libxml/src/parserInternals.c')
-rw-r--r-- | chromium/third_party/libxml/src/parserInternals.c | 239 |
1 files changed, 125 insertions, 114 deletions
diff --git a/chromium/third_party/libxml/src/parserInternals.c b/chromium/third_party/libxml/src/parserInternals.c index c26ccdaa71a..f55700e562a 100644 --- a/chromium/third_party/libxml/src/parserInternals.c +++ b/chromium/third_party/libxml/src/parserInternals.c @@ -299,6 +299,10 @@ xmlParserInputGrow(xmlParserInputPtr in, int len) { if (in->cur == NULL) return(-1); if (in->buf->buffer == NULL) return(-1); + /* Don't grow memory buffers. */ + if ((in->buf->encoder == NULL) && (in->buf->readcallback == NULL)) + return(0); + CHECK_BUFFER(in); indx = in->cur - in->base; @@ -308,12 +312,15 @@ xmlParserInputGrow(xmlParserInputPtr in, int len) { return(0); } - if (in->buf->readcallback != NULL) { - ret = xmlParserInputBufferGrow(in->buf, len); - } else - return(0); + ret = xmlParserInputBufferGrow(in->buf, len); in->base = xmlBufContent(in->buf->buffer); + if (in->base == NULL) { + in->base = BAD_CAST ""; + in->cur = in->base; + in->end = in->base; + return(-1); + } in->cur = in->base + indx; in->end = xmlBufEnd(in->buf->buffer); @@ -353,7 +360,11 @@ xmlParserInputShrink(xmlParserInputPtr in) { ret = xmlBufShrink(in->buf->buffer, used - LINE_LEN); if (ret > 0) { used -= ret; - in->consumed += ret; + if ((ret > ULONG_MAX) || + (in->consumed > ULONG_MAX - (unsigned long)ret)) + in->consumed = ULONG_MAX; + else + in->consumed += ret; } } @@ -395,7 +406,7 @@ xmlNextChar(xmlParserCtxtPtr ctxt) return; } - if ((*ctxt->input->cur == 0) && + if ((ctxt->input->cur >= ctxt->input->end) && (xmlParserInputGrow(ctxt->input, INPUT_CHUNK) <= 0)) { return; } @@ -1020,128 +1031,125 @@ xmlSwitchInputEncodingInt(xmlParserCtxtPtr ctxt, xmlParserInputPtr input, xmlCharEncodingHandlerPtr handler, int len) { int nbchars; + xmlParserInputBufferPtr in; if (handler == NULL) return (-1); if (input == NULL) return (-1); - if (input->buf != NULL) { - ctxt->charset = XML_CHAR_ENCODING_UTF8; - - if (input->buf->encoder != NULL) { - /* - * Check in case the auto encoding detection triggered - * in already. - */ - if (input->buf->encoder == handler) - return (0); + in = input->buf; + if (in == NULL) { + xmlErrInternal(ctxt, + "static memory buffer doesn't support encoding\n", NULL); + /* + * Callers assume that the input buffer takes ownership of the + * encoding handler. xmlCharEncCloseFunc frees unregistered + * handlers and avoids a memory leak. + */ + xmlCharEncCloseFunc(handler); + return (-1); + } - /* - * "UTF-16" can be used for both LE and BE - if ((!xmlStrncmp(BAD_CAST input->buf->encoder->name, - BAD_CAST "UTF-16", 6)) && - (!xmlStrncmp(BAD_CAST handler->name, - BAD_CAST "UTF-16", 6))) { - return(0); - } - */ + ctxt->charset = XML_CHAR_ENCODING_UTF8; - /* - * Note: this is a bit dangerous, but that's what it - * takes to use nearly compatible signature for different - * encodings. - * - * FIXME: Encoders might buffer partial byte sequences, so - * this probably can't work. We should return an error and - * make sure that callers never try to switch the encoding - * twice. - */ - xmlCharEncCloseFunc(input->buf->encoder); - input->buf->encoder = handler; + if (in->encoder != NULL) { + /* + * Check in case the auto encoding detection triggered + * in already. + */ + if (in->encoder == handler) return (0); - } - input->buf->encoder = handler; /* - * Is there already some content down the pipe to convert ? + * Note: this is a bit dangerous, but that's what it + * takes to use nearly compatible signature for different + * encodings. + * + * FIXME: Encoders might buffer partial byte sequences, so + * this probably can't work. We should return an error and + * make sure that callers never try to switch the encoding + * twice. */ - if (xmlBufIsEmpty(input->buf->buffer) == 0) { - int processed; - unsigned int use; + xmlCharEncCloseFunc(in->encoder); + in->encoder = handler; + return (0); + } + in->encoder = handler; + /* + * Is there already some content down the pipe to convert ? + */ + if (xmlBufIsEmpty(in->buffer) == 0) { + size_t processed, use, consumed; + + /* + * Specific handling of the Byte Order Mark for + * UTF-16 + */ + if ((handler->name != NULL) && + (!strcmp(handler->name, "UTF-16LE") || + !strcmp(handler->name, "UTF-16")) && + (input->cur[0] == 0xFF) && (input->cur[1] == 0xFE)) { + input->cur += 2; + } + if ((handler->name != NULL) && + (!strcmp(handler->name, "UTF-16BE")) && + (input->cur[0] == 0xFE) && (input->cur[1] == 0xFF)) { + input->cur += 2; + } + /* + * Errata on XML-1.0 June 20 2001 + * Specific handling of the Byte Order Mark for + * UTF-8 + */ + if ((handler->name != NULL) && + (!strcmp(handler->name, "UTF-8")) && + (input->cur[0] == 0xEF) && + (input->cur[1] == 0xBB) && (input->cur[2] == 0xBF)) { + input->cur += 3; + } + + /* + * Shrink the current input buffer. + * Move it as the raw buffer and create a new input buffer + */ + processed = input->cur - input->base; + xmlBufShrink(in->buffer, processed); + input->consumed += processed; + in->raw = in->buffer; + in->buffer = xmlBufCreate(); + in->rawconsumed = processed; + use = xmlBufUse(in->raw); + + if (ctxt->html) { /* - * Specific handling of the Byte Order Mark for - * UTF-16 - */ - if ((handler->name != NULL) && - (!strcmp(handler->name, "UTF-16LE") || - !strcmp(handler->name, "UTF-16")) && - (input->cur[0] == 0xFF) && (input->cur[1] == 0xFE)) { - input->cur += 2; - } - if ((handler->name != NULL) && - (!strcmp(handler->name, "UTF-16BE")) && - (input->cur[0] == 0xFE) && (input->cur[1] == 0xFF)) { - input->cur += 2; - } - /* - * Errata on XML-1.0 June 20 2001 - * Specific handling of the Byte Order Mark for - * UTF-8 + * convert as much as possible of the buffer */ - if ((handler->name != NULL) && - (!strcmp(handler->name, "UTF-8")) && - (input->cur[0] == 0xEF) && - (input->cur[1] == 0xBB) && (input->cur[2] == 0xBF)) { - input->cur += 3; - } - + nbchars = xmlCharEncInput(in, 1); + } else { /* - * Shrink the current input buffer. - * Move it as the raw buffer and create a new input buffer + * convert just enough to get + * '<?xml version="1.0" encoding="xxx"?>' + * parsed with the autodetected encoding + * into the parser reading buffer. */ - processed = input->cur - input->base; - xmlBufShrink(input->buf->buffer, processed); - input->buf->raw = input->buf->buffer; - input->buf->buffer = xmlBufCreate(); - input->buf->rawconsumed = processed; - use = xmlBufUse(input->buf->raw); - - if (ctxt->html) { - /* - * convert as much as possible of the buffer - */ - nbchars = xmlCharEncInput(input->buf, 1); - } else { - /* - * convert just enough to get - * '<?xml version="1.0" encoding="xxx"?>' - * parsed with the autodetected encoding - * into the parser reading buffer. - */ - nbchars = xmlCharEncFirstLineInput(input->buf, len); - } - xmlBufResetInput(input->buf->buffer, input); - if (nbchars < 0) { - xmlErrInternal(ctxt, - "switching encoding: encoder error\n", - NULL); - return (-1); - } - input->buf->rawconsumed += use - xmlBufUse(input->buf->raw); + nbchars = xmlCharEncFirstLineInput(in, len); } - return (0); - } else { - xmlErrInternal(ctxt, - "static memory buffer doesn't support encoding\n", NULL); - /* - * Callers assume that the input buffer takes ownership of the - * encoding handler. xmlCharEncCloseFunc frees unregistered - * handlers and avoids a memory leak. - */ - xmlCharEncCloseFunc(handler); - return (-1); + xmlBufResetInput(in->buffer, input); + if (nbchars < 0) { + xmlErrInternal(ctxt, + "switching encoding: encoder error\n", + NULL); + return (-1); + } + consumed = use - xmlBufUse(in->raw); + if ((consumed > ULONG_MAX) || + (in->rawconsumed > ULONG_MAX - (unsigned long)consumed)) + in->rawconsumed = ULONG_MAX; + else + in->rawconsumed += consumed; } + return (0); } /** @@ -1236,7 +1244,7 @@ xmlNewInputStream(xmlParserCtxtPtr ctxt) { * the id is actually needed. */ if (ctxt != NULL) { - if (ctxt->input_id >= INT_MAX) { + if (input->id >= INT_MAX) { xmlErrMemory(ctxt, "Input ID overflow\n"); return(NULL); } @@ -1309,8 +1317,11 @@ xmlNewEntityInputStream(xmlParserCtxtPtr ctxt, xmlEntityPtr entity) { break; case XML_EXTERNAL_GENERAL_PARSED_ENTITY: case XML_EXTERNAL_PARAMETER_ENTITY: - return(xmlLoadExternalEntity((char *) entity->URI, - (char *) entity->ExternalID, ctxt)); + input = xmlLoadExternalEntity((char *) entity->URI, + (char *) entity->ExternalID, ctxt); + if (input != NULL) + input->entity = entity; + return(input); case XML_INTERNAL_GENERAL_ENTITY: xmlErrInternal(ctxt, "Internal entity %s without content !\n", @@ -1341,6 +1352,7 @@ xmlNewEntityInputStream(xmlParserCtxtPtr ctxt, xmlEntityPtr entity) { input->cur = entity->content; input->length = entity->length; input->end = &entity->content[input->length]; + input->entity = entity; return(input); } @@ -1639,7 +1651,6 @@ xmlInitSAXParserCtxt(xmlParserCtxtPtr ctxt, const xmlSAXHandler *sax, ctxt->depth = 0; ctxt->charset = XML_CHAR_ENCODING_UTF8; ctxt->catalogs = NULL; - ctxt->nbentities = 0; ctxt->sizeentities = 0; ctxt->sizeentcopy = 0; ctxt->input_id = 1; |