cheng/libexpat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,648 Commits 1 Branch 0 Tags 16 MiB
01bbdedb66
Commit Graph

1648 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sebastian Pipping
01bbdedb66 Changes: Add CVE-2017-9233 info to change log 2017-06-17 01:00:45 +02:00
Rhodri James
c4bf96bb51 xmlparse.c: Fix external entity infinite loop bug (CVE-2017-9233) 2017-06-17 01:00:05 +02:00
Rhodri James
774ee6c15b Tests: Cover external entity infinite loop bug 2017-06-17 01:00:05 +02:00
Sebastian Pipping
13a55ba351 Changes: Add call for help 2017-06-17 00:56:27 +02:00
Sebastian Pipping
fa1bda5cd0 Add AUTHORS file 
$ git log | fgrep Author: | sed 's, <[^>]\+>,,' | sort | uniq -c | awk '{ if (int($1) >= 20) print }' | sed 's,.*: ,,' | sort
 2017-06-17 00:48:03 +02:00
Sebastian Pipping
db774d9a32 Add master readme as a symlink 2017-06-16 21:30:01 +02:00
Sebastian Pipping
913851a90c Remove amigaconfig.h and macconfig.h (issue #14) 2017-06-16 21:06:16 +02:00
Sebastian Pipping
760077feeb xmlparse.c: Polish ENTROPY_DEBUG 
The cast fixes a compile warning.
 2017-06-16 20:48:53 +02:00
Sebastian Pipping
c235f0aa43 MinGW: No longer ignore expat_config.h 
Previously, "#define XML_CONTEXT_BYTES 1024" from winconfig.h
would render --disable-xml-context ineffective.
 2017-06-16 20:38:52 +02:00
Sebastian Pipping
2446329958 Address MemorySanitizer mis-report on SYS_getrandom 2017-06-15 23:45:44 +02:00
Sebastian Pipping
60d00148b5 Changes: Mention new error code XML_ERROR_INVALID_ARGUMENT 2017-06-15 22:18:02 +02:00
Sebastian Pipping
2b005a837f Introduce random-based SHA256 release identifier 
Idea is to ease finding bundles of Expat in the wild in the future.
PS: If you need to bundle Expat, please keep your copy up to date.
 2017-06-15 22:11:38 +02:00
Sebastian Pipping
bfa1152c8e coverage.sh: Add Windows MinGW cross-compilation 2017-06-14 22:41:44 +02:00
Sebastian Pipping
3fb1ec4334 Make "make run-xmltest" work for MinGW cross-compilation 2017-06-14 22:36:51 +02:00
Sebastian Pipping
79d10879b2 coverage.sh: Cover arc4random_buf with libbsd 2017-06-14 18:31:05 +02:00
Sebastian Pipping
223365c43d coverage.sh: Extract function _build_case for re-use 2017-06-14 18:07:47 +02:00
Sebastian Pipping
a95e5a6c95 Changes: Mark SourceForge tickets for clarity 2017-06-14 18:02:18 +02:00
Sebastian Pipping
400d260d01 Changes: Fix indentation of a 2.2.1 item 2017-06-14 18:02:18 +02:00
Sebastian Pipping
065486c1ad Changes: Mention commit 7e5b71b748 2017-06-14 17:40:04 +02:00
Sebastian Pipping
a68c125fba tests/runtests.c: Address byte_character_handler unused variables 2017-06-13 23:38:01 +02:00
Sebastian Pipping
7e5b71b748 xmlparse.c: Fix XML_Size/XML_Index cast mixup 
The "MAX = (type)-1" hack only works for unsigned types:
XML_Size is unsigned but XML_Index is not.
As the positive maximum of signed integers is about
half as big as that of their unsigned counterpart,
we divide by 2.

Example for 2 bit integers:
* signed: -2, -1, 0, 1 == 2^1-1
* unsigned: 0, 1, 2, 3 == 2^2-1

Fixing 4be2cb5afc
 2017-06-13 23:37:36 +02:00
Sebastian Pipping
51308292cd coverage.sh: Fix "make check" error propagation 2017-06-13 23:02:32 +02:00
Sebastian Pipping
a3e164560a MANIFEST: Add missing run.sh.in 
Second half of 49693bb768
 2017-06-11 22:45:22 +02:00
Sebastian Pipping
302bb6529a MANIFEST: Drop pre-X Mac OS MPW Makefile (issue #14) 
Second half of a39382bee5
 2017-06-11 22:39:08 +02:00
Sebastian Pipping
a39382bee5 Drop pre-X Mac OS MPW Makefile (issue #14) 2017-06-10 22:54:26 +02:00
Sebastian Pipping
632bb9f39e Changes: Add missing details for 2.2.1 2017-06-07 23:33:39 +02:00
Sebastian Pipping
3518a91e72 Changes: Mention commits of important 2.2.1 fixes 2017-06-07 23:29:49 +02:00
Sebastian Pipping
bf9b32eae3 Changes: Improve classification/order of existing entries for 2.2.1 2017-06-07 21:17:57 +02:00
Sebastian Pipping
8706f69ca7 examples: Unify expat.h include 2017-06-07 20:31:35 +02:00
Sebastian Pipping
4f862dddf9 examples|tests|xmlwf: Drop AmigaOS 4.x include (issue #14) 2017-06-07 20:31:15 +02:00
Sebastian Pipping
64f3cf982a Merge branch 'better-entropy' (pull request #30) 2017-06-07 20:18:50 +02:00
Sebastian Pipping
ee43797ac9 Avoid implicit declaration of function ‘syscall’ with -std=c89 2017-06-07 20:14:41 +02:00
Sebastian Pipping
d514ea4c52 Merge branch 'crossdev-mingw' 2017-06-04 18:13:30 +02:00
Sebastian Pipping
49693bb768 Add run.sh wrapper to run test suite with Wine for MinGW 2017-06-04 17:43:47 +02:00
Sebastian Pipping
9560d17165 Makefile.in: Add missing @EXEEXT@ to runtests for MinGW 2017-06-04 17:25:23 +02:00
Sebastian Pipping
120bbbc8cf configure.ac: Disable auto-detection of libbsd 2017-06-01 20:53:44 +02:00
Sebastian Pipping
afd0805071 expat.h: Fix version hint on XML_ERROR_INVALID_ARGUMENT 
Introduced at commit 768613f801.
 2017-05-31 23:45:12 +02:00
Sebastian Pipping
f356fb56fb Detect and support syscall(SYS_getrandom, [..]) as well 2017-05-31 23:31:15 +02:00
Sebastian Pipping
9e02465f09 Make EXPAT_ENTROPY_DEBUG=1 print entropy source and bytes 2017-05-31 13:28:10 +02:00
Sebastian Pipping
377fa896b3 Merge branch 'parent-hash-salt' (fixes #31) 2017-05-30 21:35:40 +02:00
Sebastian Pipping
9592ce6771 Make hash salt setter/getter go up to the very top (issue #31) 2017-05-30 20:50:40 +02:00
Sebastian Pipping
11f5e68e30 Detect XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2 (issue #33) 2017-05-29 00:03:02 +02:00
Sebastian Pipping
4be2cb5afc Detect overflow from len=INT_MAX call to XML_Parse 
Relevant only when XML_CONTEXT_BYTES not defined
 2017-05-28 23:11:00 +02:00
Sebastian Pipping
70db8d2538 Reject negative length call to XML_Parse 2017-05-28 21:35:12 +02:00
Sebastian Pipping
6a747c837c Set errorCode for XML_Parse on NULL parser 
Related to 56c75720c2
 2017-05-28 21:31:58 +02:00
Sebastian Pipping
50db475431 Address unused variable warning (for XML_CONTEXT_BYTES not defined) 2017-05-28 20:50:43 +02:00
Sebastian Pipping
84f9ca1066 Fix sharing of hash salt across parsers (issue #31) 
This affects when XML_ExternalEntityParserCreate was called
prior to XML_Parse.
 2017-05-28 17:32:28 +02:00
Sebastian Pipping
f0b63f56c8 Address warning "initializer element is not computable at load time" 2017-05-28 15:02:19 +02:00
Sebastian Pipping
ad8521ca84 Pull out shared variable and is-unused marker 2017-05-25 21:55:05 +02:00
Sebastian Pipping
13e4b3d05e Autoconf: Add --(with|without)-libbsd for bypassing auto-detection 2017-05-25 21:15:36 +02:00