From d83fc3afd5e37d969d5b634a7b9b12ebec4428ee Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Tue, 12 May 2020 22:06:34 +0200
Subject: [PATCH 1/4] Travis: Install a find(1) better than that of macOS

---
 .travis.sh | 1 +
 Brewfile   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/.travis.sh b/.travis.sh
index 44fcf604..bcf6c089 100755
--- a/.travis.sh
+++ b/.travis.sh
@@ -34,6 +34,7 @@ if [[ ${TRAVIS_OS_NAME} = osx ]]; then
     latest_brew_python3_bin="$(ls -1d /usr/local/Cellar/python/3.*/bin | sort -n | tail -n1)"
     export PATH="${latest_brew_python3_bin}${PATH:+:}${PATH}"
     export PATH="/usr/local/opt/coreutils/libexec/gnubin${PATH:+:}${PATH}"
+    export PATH="/usr/local/opt/findutils/libexec/gnubin${PATH:+:}${PATH}"
 elif [[ ${TRAVIS_OS_NAME} = linux ]]; then
     export PATH="/usr/lib/llvm-9/bin:${PATH}"
 fi
diff --git a/Brewfile b/Brewfile
index 98a87fd7..c2edcc1f 100644
--- a/Brewfile
+++ b/Brewfile
@@ -5,6 +5,7 @@ brew "coreutils"
 brew "cppcheck"
 brew "docbook2x"
 brew "dos2unix"
+brew "findutils"
 brew "gcc"
 brew "gettext"
 brew "ghostscript"

From e4262a282e87667de583956c68063630b3943b5e Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Tue, 12 May 2020 21:50:08 +0200
Subject: [PATCH 2/4] Travis: Improve call to cppcheck

This adds:
- argument --force
- blacklists .c files that are ment to be included, only
- printing the version of cppcheck
---
 .travis.sh | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/.travis.sh b/.travis.sh
index bcf6c089..3da8d6a8 100755
--- a/.travis.sh
+++ b/.travis.sh
@@ -60,7 +60,19 @@ elif [[ ${MODE} = cmake-oos ]]; then
     make DESTDIR="${PWD}"/ROOT install
     find ROOT -printf "%P\n" | sort
 elif [[ ${MODE} = cppcheck ]]; then
-    cppcheck --quiet --error-exitcode=1 .
+    cppcheck --version
+    find_args=(
+        -type f \(
+            -name \*.cpp
+            -o -name \*.c
+        \)
+        -not \(  # Exclude .c files that are merely included by other files
+            -name xmltok_ns.c
+            -o -name xmltok_impl.c
+        \)
+        -exec cppcheck --quiet --error-exitcode=1 --force {} +
+    )
+    find "${find_args[@]}"
 elif [[ ${MODE} = clang-format ]]; then
     ./apply-clang-format.sh
     git diff --exit-code

From 13bb381d296ef8da09a3f00f5b23724b5deb6a38 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Wed, 27 May 2020 20:28:06 +0200
Subject: [PATCH 3/4] xmlparse.c: Fix reading uninitialized variable (#404)

---
 expat/Changes        | 3 +++
 expat/lib/xmlparse.c | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/expat/Changes b/expat/Changes
index f76046d5..2a64a848 100644
--- a/expat/Changes
+++ b/expat/Changes
@@ -6,6 +6,7 @@ Release x.x.x xxx xxxxxxxxx xx xxxx
         Bug fixes:
   #390 #395 #398  Fix undefined behavior during parsing caused by
                     pointer arithmetic with NULL pointers
+            #404  Fix reading uninitialized variable during parsing
 
         Other changes:
             #396  Windows: Drop support for Visual Studio <=8.0/2005
@@ -41,6 +42,8 @@ Release x.x.x xxx xxxxxxxxx xx xxxx
             Maciej Sroczyński
             Mohammed Khajapasha
             Vadim Zeitlin
+                 and
+            Cppcheck 2.0 and the Cppcheck team
 
 Release 2.2.9 Wed September 25 2019
         Other changes:
diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
index 849411ce..492ae5e1 100644
--- a/expat/lib/xmlparse.c
+++ b/expat/lib/xmlparse.c
@@ -3592,7 +3592,7 @@ doCdataSection(XML_Parser parser, const ENCODING *enc, const char **startPtr,
   *startPtr = NULL;
 
   for (;;) {
-    const char *next;
+    const char *next = s; /* in case of XML_TOK_NONE or XML_TOK_PARTIAL */
     int tok = XmlCdataSectionTok(enc, s, end, &next);
     *eventEndPP = next;
     switch (tok) {
@@ -3710,7 +3710,7 @@ ignoreSectionProcessor(XML_Parser parser, const char *start, const char *end,
 static enum XML_Error
 doIgnoreSection(XML_Parser parser, const ENCODING *enc, const char **startPtr,
                 const char *end, const char **nextPtr, XML_Bool haveMore) {
-  const char *next;
+  const char *next = *startPtr; /* in case of XML_TOK_NONE or XML_TOK_PARTIAL */
   int tok;
   const char *s = *startPtr;
   const char **eventPP;

From f027055f9d5b9f90bd6cd74c85e3401ab9ab44c2 Mon Sep 17 00:00:00 2001
From: Sebastian Pipping <sebastian@pipping.org>
Date: Thu, 28 May 2020 01:59:04 +0200
Subject: [PATCH 4/4] Travis: Limit Cppcheck to macOS

.. because Homebrew comes with 2.0 while
Ubuntu trusty has 1.61, only.
---
 .travis.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 39ea3025..2b0802ee 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -15,12 +15,13 @@ env:
     - CFLAGS='-g3 -pipe'
   matrix:
     - MODE=cmake-oos
-    - MODE=cppcheck
     - MODE=distcheck
     - MODE=qa-sh CC=clang CXX=clang++ LD=clang++ QA_SANITIZER=address
 
 matrix:
   include:
+    - os: osx
+      env: MODE=cppcheck
     - os: linux
       env: MODE=clang-format
     - os: linux