cheng/libexpat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,116 Commits 1 Branch 0 Tags 16 MiB
69e781f06d
Commit Graph

1962 Commits

Author SHA1 Message Date
Rhodri James
f1b5c14b96 Test attribute enum handling with failing allocator 2017-07-22 21:31:45 +02:00
Rhodri James
66435cff61 Test attribute enum value handling 2017-07-22 21:31:40 +02:00
Rhodri James
8857da5a65 Test foreign DTD with no contents 2017-07-22 21:31:12 +02:00
Rhodri James
cfcfd4685f Test foreign DTD with rejecting standalone handler 2017-07-22 21:31:07 +02:00
Rhodri James
060c12bc19 Test Foreign DTD setting with failing allocator 2017-07-22 21:31:02 +02:00
Rhodri James
f03d06a8c1 Test XML_UseForeignDTD without external subset 2017-07-22 21:30:57 +02:00
Rhodri James
234c654c19 Test XML_UseForeignDTD with a doctype 2017-07-22 21:30:52 +02:00
Rhodri James
4c197b0ef9 Add entity declaration handler to public parameter entity test 2017-07-22 21:30:47 +02:00
Rhodri James
604a527186 Test long public name in doctype allocator test 2017-07-22 21:30:42 +02:00
Rhodri James
8d42ab97d9 Test invalid name for public doctype 2017-07-22 21:30:37 +02:00
Rhodri James
ddddcfd393 Expand public doctype allocation test 2017-07-22 21:30:32 +02:00
Rhodri James
9223704553 Test allocation failure paths parsing a public doctype 2017-07-22 21:30:27 +02:00
Rhodri James
8babc25e44 Test public parameter entity with failing allocator 2017-07-22 21:30:22 +02:00
Rhodri James
e57d2413a1 Test various errors in parameter entity values 2017-07-22 21:30:17 +02:00
Rhodri James
78138c87f4 Test invalid character in foreign DTD parameter entity 2017-07-22 21:30:12 +02:00
Rhodri James
e5d84961bb Fix error reporting in external entity test handler 2017-07-22 21:29:55 +02:00
Rhodri James
9de593495c Test UTF-8 byte order mark in parameter entity value parsing 2017-07-22 21:29:13 +02:00
Rhodri James
c45340e138 Test aborting external entity value parser 2017-07-22 21:29:08 +02:00
Rhodri James
2cbcf88443 Test malformed XML/text declaration rejected by ext entity parser 2017-07-22 21:29:03 +02:00
Rhodri James
1d80cc21a8 Test XML declaration in external entity processing 2017-07-22 21:28:57 +02:00
Rhodri James
ac16e93789 Extend external parameter entity nested parser testing 2017-07-22 21:28:50 +02:00
Sebastian Pipping
782bb8a9a5 runtests.c: Fix memleaks 2017-07-22 21:28:20 +02:00
Rhodri James
e6dbd40799 Test nested external parser handling 2017-07-22 21:27:02 +02:00
Rhodri James
71c4f59886 Test unknown encoding handling in external parameter entity handler 2017-07-22 21:25:54 +02:00
Rhodri James
1fbdc13dcb Test a bad encoding is rejected at initialisation time 2017-07-22 21:25:49 +02:00
Rhodri James
ac40d1ed35 Test declaring a UTF-16 encoding while actually in UTF-8 is rejected 2017-07-22 21:25:44 +02:00
Rhodri James
80a32d09de Test XML declaration with long encoding name and failing allocator 2017-07-22 21:25:39 +02:00
Rhodri James
50ce682021 Test XML declaration handling with a duff allocator 2017-07-22 21:25:34 +02:00
Rhodri James
5279d9c588 Test external entity parsing suppressed with UNLESS_STANDALONE parameter 2017-07-22 21:25:29 +02:00
Rhodri James
e8ae6734bc Test partial UTF-8 characters in IGNORE section 2017-07-22 21:25:24 +02:00
Rhodri James
9948d7cdfc Refactor to reduce proliferation of external entity handlers 2017-07-22 21:18:57 +02:00
Sebastian Pipping
aa82b779bd Changes: Document dangling pointer fix 2017-07-20 22:17:52 +02:00
Sebastian Pipping
786d7abfcd xmlparse.c: Fix dangling pointer caused by use of realloc 
Variables pool->ptr and pool->start point to addresses
that may have been freed if realloc chose the path of
a new base address.  So we do the math on these pointers
while they are not dangling, yet.

For a related article:
http://trust-in-soft.com/dangling-pointer-indeterminate/
 2017-07-20 22:16:09 +02:00
Sebastian Pipping
99fb4b57f8 xmlparse.c: Fix DLL hijacking vulnerability (#82) 2017-07-19 20:19:37 +02:00
Sebastian Pipping
c5897e8c14 xmlparse.c: Fix comment typo 2017-07-19 20:19:07 +02:00
Sebastian Pipping
8c62e0aad1 Support arc4random for pre-10.7/Lion macOS 2017-07-19 15:39:33 +02:00
Sebastian Pipping
947879849f Rely on HAVE_ARC4RANDOM_BUF for CloudABI 2017-07-19 15:36:48 +02:00
Sebastian Pipping
fc6a6c2e80 runtests.c: Fix indentation 2017-07-16 23:07:03 +02:00
Rhodri James
d164cd59f9 Change all URLs to use example.org 2017-07-16 23:07:03 +02:00
Rhodri James
eb3b5c3fc0 Use meaningful constants for return values from handlers 2017-07-16 23:07:03 +02:00
Rhodri James
c1a29e9ad6 Tweak attribute list to improve test coverage 2017-07-16 23:07:02 +02:00
Rhodri James
d9fce70b6f Test reallocation of attribute list with failing reallocator 2017-07-16 23:02:30 +02:00
Rhodri James
e24cf7a9cf Tweak test_alloc_external_entity to improve code coverage 2017-07-16 23:02:30 +02:00
Rhodri James
0153af32fb Extend skip handler test coverage 2017-07-16 23:02:30 +02:00
Rhodri James
ce81d26087 Test features are appropriately set 2017-07-16 23:02:30 +02:00
Rhodri James
2393c3fe26 Test predefined entities 2017-07-16 23:02:30 +02:00
Rhodri James
ec93648563 Make final reallocation test safe 2017-07-16 23:02:30 +02:00
Rhodri James
deeb8f2aae Test robustness against failing reallocator for parsing long names 2017-07-16 23:02:30 +02:00
Rhodri James
fe4f238660 Refactor long test data string 2017-07-16 23:02:30 +02:00
Rhodri James
c87613c958 Extend XML_GetBuffer testing coverage 2017-07-16 23:02:30 +02:00
Rhodri James
991693f12b Fix message in XML declaration handler 2017-07-16 23:02:30 +02:00
Rhodri James
a7884ded31 Restore groupSize if (re)allocation of groupConnector fails 2017-07-16 23:02:30 +02:00
Rhodri James
ab53439060 Ensure unparsed entity handler gets set 
Revise dummy handlers to flag when they are executed, and ensure
that they are executed in the test.  Add XML to get the deprecated
unparsed entity handler executed, and ensure that the allocation
check fails each possible allocator in sequence despite the
caching of some allocations in the parser object.

NOTE that this commit does not pass check because of an allocation
bug.
 2017-07-16 23:02:30 +02:00
Rhodri James
85ed69eaf9 Split combined triplet_count into two distinct flags 2017-07-16 23:02:30 +02:00
Sebastian Pipping
26175e6a44 Revert "Fix structure initialisation not to cause warnings" 
This reverts commit 894033fab8.
 2017-07-16 23:02:30 +02:00
Sebastian Pipping
317a023df2 runtests.c: Fix memleaks 2017-07-16 19:07:50 +02:00
Rhodri James
23e64e1fbc Increase test coverage of ignore section processing 2017-07-16 19:05:03 +02:00
Rhodri James
6cacca3987 Refactor previous test to use existing test functions 2017-07-16 19:04:55 +02:00
Rhodri James
7a3664ab29 Test a broken IGNORE section is faulted 2017-07-16 19:04:44 +02:00
Rhodri James
da0bac99ad Exercise conditional exclusion code 2017-07-16 19:04:13 +02:00
Rhodri James
7495f28469 Test suspending the parse in the middle of CDATA handling 2017-07-16 19:02:26 +02:00
Rhodri James
23c488c8fd Test aborting parse while processing CDATA 2017-07-16 19:02:21 +02:00
Rhodri James
1a8297c54c Test a variety of incomplete UTF-16 CDATA strings 2017-07-16 19:02:14 +02:00
Rhodri James
9ac26205bc Test handling of UTF-16 supplementary plane characters 2017-07-16 19:01:54 +02:00
Rhodri James
e932825e22 Test long UTF-16 CDATA (more than internal buffer size) 2017-07-16 19:01:38 +02:00
Rhodri James
fa37a8069a Test CDATA correctly runs through a default handler 
In particular exercises a code path dealing with newlines
 2017-07-16 19:01:20 +02:00
Rhodri James
b86bec407b Test handling of CDATA in an external entity parser 2017-07-16 19:01:14 +02:00
Rhodri James
47003df13d Test reallocation of URI in re-used binding with dodgy reallocator 2017-07-16 19:00:57 +02:00
Rhodri James
757ac4cb0e Test w3.org xmlns URL is correctly rejected 2017-07-16 19:00:44 +02:00
Rhodri James
c7d2fc3020 Test rejection of invalid attribute 'xml' and use of w3.org 2017-07-16 19:00:36 +02:00
Rhodri James
a2302df9b6 Test for correct rejection of 'xmlns' as an attribute 2017-07-16 19:00:30 +02:00
Rhodri James
1ead467e3c Test extension of URI buffer shared between element tags 2017-07-16 19:00:24 +02:00
Rhodri James
d8651ffbe8 Test medium-length element name with namespaces and a failing allocator 2017-07-16 19:00:18 +02:00
Rhodri James
ea6ab8be03 Test mixed prefixed and unprefixed attributes in a namespace 2017-07-16 18:59:49 +02:00
Rhodri James
cbfc54ee2f Test allocator handling of attribute with long namespace 2017-07-16 18:59:34 +02:00
Sebastian Pipping
8eda8b3c9e runtests.c: Fix memleaks 2017-07-16 18:58:21 +02:00
Rhodri James
1c0ecf1b95 Test attribute table hash collision handling 2017-07-16 18:56:24 +02:00
Rhodri James
d526cd09f7 Test long attribute names in a namespace with failing allocator 2017-07-16 18:56:24 +02:00
Rhodri James
ade4c402af Extend test coverage of external entity handler parameters 2017-07-16 18:56:24 +02:00
Rhodri James
d69a504a5a Comment change: explain why attribute count is twice what you expect 2017-07-16 18:56:23 +02:00
Rhodri James
b1bea33582 Check NULLing the encoding works before the parse is started 2017-07-16 18:56:23 +02:00
Rhodri James
1056c797dd Test for specific error from XML_UseForeignDTD() 2017-07-16 18:56:23 +02:00
Rhodri James
894033fab8 Fix structure initialisation not to cause warnings 2017-07-16 18:56:23 +02:00
Rhodri James
53e1698aa3 Add test case for long URIs in attributes with failing allocator 2017-07-16 18:56:23 +02:00
Rhodri James
c90f4bc24c Restore original nsAttsSize if reallocation fails 2017-07-16 18:56:23 +02:00
Rhodri James
41ab4fd94a Test reallocation failure in xmlns attribute handling 
Note that this commit provokes a segfault due to a bug in
storeAtts()
 2017-07-16 18:56:23 +02:00
Rhodri James
f748d87811 Test rejection of unbound prefix, improve coverage of attribute handling 2017-07-16 18:56:23 +02:00
Rhodri James
9f844cac4a Revert recorded size of attribute memory when reallocation fails 2017-07-16 18:56:23 +02:00
Rhodri James
edfcd16b98 Test long namespace names (1024 characters) 2017-07-16 18:56:23 +02:00
Rhodri James
8dabab1576 Refactor namespace allocation tests 2017-07-16 18:56:23 +02:00
Rhodri James
20c12da662 Extend code path coverage of entity handling 2017-07-16 18:56:23 +02:00
Rhodri James
f591474e62 Add test coverage for comments with a failing allocator 2017-07-16 18:43:34 +02:00
Rhodri James
8f3d13188b More coverage of PIs with failing allocator 2017-07-16 18:43:18 +02:00
Rhodri James
a1cffcb4ea Test parsing a PI with a failing allocator 2017-07-16 18:42:33 +02:00
Rhodri James
97ad97e9e9 Expand really long line test for encoded CDATA handling 2017-07-16 18:42:23 +02:00
Rhodri James
ef26a78837 Test right square bracket handling in external entity parses 2017-07-16 18:41:49 +02:00
Rhodri James
a3a68a412d More tests for the right square bracket control paths 2017-07-16 18:41:33 +02:00
Rhodri James
8bdf2bc102 Test handling of right square bracket at end of content data 2017-07-16 18:41:23 +02:00
Rhodri James
fe2e255025 Extend ASCII CDATA test to cover a default handler 2017-07-16 18:41:08 +02:00
Rhodri James
213c8523a3 Add CDATA section handlers for increased test coverage 2017-07-16 18:41:03 +02:00
Rhodri James
05fe0bd6c9 Add default handler to namespace failing allocation test 
Increases code coverage.  Also tweaked allocation counts for
better coverage
 2017-07-16 18:40:52 +02:00
Rhodri James
e92f989efe Add default handlers to character entity tests to extend coverage 2017-07-16 18:40:41 +02:00
Rhodri James
dabb530d17 Extend coverage of namespace start and end handlers 2017-07-16 18:40:33 +02:00
Rhodri James
41524fed85 Test external entity with no handler 2017-07-16 18:40:05 +02:00
Rhodri James
9a7d8d2c3f Tweak tests for greater allocation failure coverage 2017-07-16 18:39:56 +02:00
Rhodri James
7653beecee More external entity allocation failure coverage 2017-07-16 18:39:42 +02:00
Rhodri James
f71790ccf9 Extend coverage of partial character parsing 2017-07-16 18:37:31 +02:00
Rhodri James
6cfef69705 Test trailing CR in external entity parse 2017-07-16 18:37:17 +02:00
Rhodri James
15ef260f6b Test handling of trailing CR (rather than newline) 2017-07-16 18:37:00 +02:00
Sebastian Pipping
b24ecb9d46 runtests.c: Fix memleaks 2017-07-16 18:27:00 +02:00
Rhodri James
df0138ac3f Extend test coverage of external entity suspension 2017-07-16 18:23:44 +02:00
Rhodri James
80394e1792 Test suspending from an external entity's XML declaration handler 2017-07-16 18:23:20 +02:00
Sebastian Pipping
5c07211b84 runtests.c: Fix memory leaks 2017-07-16 02:09:23 +02:00
Sebastian Pipping
738162b60c runtests.c: Polish test_ext_entity_invalid_parse 2017-07-16 02:06:29 +02:00
Rhodri James
7b9b40bcee Refactor and extend external entity parse error testing 2017-07-16 02:01:30 +02:00
Rhodri James
6381273b8b Check parse errors in external entity parsers 2017-07-16 01:59:28 +02:00
Rhodri James
24e16ecbd8 Test UTF-8 BOM is recognised in UTF-8 external entity 2017-07-16 01:58:07 +02:00
Rhodri James
ab53e5da3f Test unknown encoding in external entity parser (increase coverage) 2017-07-16 01:55:23 +02:00
Rhodri James
0f403d1d5d Check handling of long element names with namespaces 2017-07-16 01:52:59 +02:00
Rhodri James
da93b3992a Refactor allocator test support 2017-07-16 01:44:33 +02:00
Sebastian Pipping
4f81bb01c1 qa.sh: Use clang for mode "address" to detect memory leaks (#23) 2017-07-15 19:48:47 +02:00
Sebastian Pipping
7bc4aa61ae qa.sh: Rename BASE_FLAGS to BASE_COMPILE_FLAGS 2017-07-15 19:48:45 +02:00
Sebastian Pipping
86c00d7f64 Changes: Document test suite memleak fixes 2017-07-15 19:14:49 +02:00
Sebastian Pipping
483803255d minicheck.c: Protect against potential NULL dereference 2017-07-15 19:14:49 +02:00
Sebastian Pipping
7c82b0b4ab minicheck.c: Rename *_dispose to *_free 2017-07-15 19:07:30 +02:00
Rhodri James
c5b129e597 Free the external entity parser in external_entity_loader_set_encoding() 
Removes the last of the memory leaks detected by AddressSanitizer
in the test suite (see Issue #23)
 2017-07-14 17:55:51 +01:00
Rhodri James
e4bfe3c7d1 Free all the data structures associated with test cases. 
Removes some of the memory leaks discovered by AddressSanitizer
in the test suite (see Issue #23)
 2017-07-14 17:53:56 +01:00
Rhodri James
38c1ce7cd5 Free the content model in dummy_element_decl_handler() 
Removes some of the memory leaks found by AddressSanitizer in
the test suite (see Issue #23)
 2017-07-14 17:33:59 +01:00
Rhodri James
d350a6cb0d Free external entity parser in external_entity_param() 
Removes some of the memory leaks detected by AddressSanitizer in
the test suite (see Issue #23).
 2017-07-14 17:22:54 +01:00
Rhodri James
8cdcb7219d Free external entity parser in external_entity_suspender() 
Removes some memory leaks detected by AddressSanitizer in
the test suite (see Issue #23)
 2017-07-14 17:15:12 +01:00
Rhodri James
448cd2acac Free external entity parser in external_entity_param_checker() 
Removes some of the memory leaks detected by AddressSanitizer
in the test suite (see Issue #23)
 2017-07-14 17:13:22 +01:00
Rhodri James
a7db7a1c1a Free external entity parser in external_entity_resetter() when done 
Deals with some of the memory leaks found by AddressSanitizer in
the test suite (Issue #23)
 2017-07-14 17:03:25 +01:00
Rhodri James
d3b3f7fa48 Free external entity parser in external_entity_loader() when done. 
Removes some memory leaks detected by AddressSanitizer in the
test suite (see Issue #23)
 2017-07-14 17:02:34 +01:00
Rhodri James
18be28458b Use correct parser to signal failure in external_entity_loader() 2017-07-14 16:49:50 +01:00
Sebastian Pipping
7c3eedb20b xmlparse.c: Adjust _GNU_SOURCE define in favor of Python (#77) 2017-07-12 23:55:49 +02:00
Sebastian Pipping
c5daa8c0b1 Changes: Improve 2.2.2 security notes 2017-07-12 23:00:19 +02:00
Sebastian Pipping
f8bd51b5a3 xmlparse.c: Avoid _GNU_SOURCE macro redefinition (#77) 2017-07-12 21:09:39 +02:00
Sebastian Pipping
1ea1425d15 xmlparse.c: Address compile warning with -DNDEBUG (issue #76) 2017-07-12 20:20:22 +02:00
Sebastian Pipping
b5aaa782fa runtests.c: Protect against -DNDEBUG (issue #76 related) 2017-07-12 20:16:37 +02:00
Sebastian Pipping
e72c42eb18 Prepare release version 2.2.2 2017-07-12 19:00:02 +02:00
Sebastian Pipping
8c9ec41705 Bump version info from 7:3:6 to 7:4:6 2017-07-12 19:00:02 +02:00
Sebastian Pipping
5f51145401 Move to C99 (#73) and fix ULL integer literals (#69) 2017-07-12 18:47:37 +02:00
Sebastian Pipping
ba03edc6e6 Changes: Document low quality entropy detection (related to #43) 2017-07-12 18:11:28 +02:00
Sebastian Pipping
ff0207e607 xmlparse.c: Protect against accidental use of low quality entropy (issue #43) 2017-07-12 18:11:01 +02:00
Sebastian Pipping
939f5af58f xmlparse.c: Move includes up (to reduce chance of macro interference) 
Commit 6ee259bc84 is related.
 2017-07-12 17:47:55 +02:00
Sebastian Pipping
a449035d04 Changes: Communicate security aspects in detail (#60) 2017-07-12 16:28:27 +02:00
Rhodri James
196bea60b1 Fix protocolEncodingName. (pull request #70) 
Ensure that protocolEncodingName is always either NULL or points
to the correct encoding for the parser, even if the parser is
reset.
 2017-07-10 22:10:49 +02:00
Sebastian Pipping
61e1a31fdc Changes: Mention CMake improvements 2017-07-09 22:40:17 +02:00
Ben Boeckel
f01b2c0e27 cmake: use the current binary directory 
This is not necessarily the top-level CMake directory (such as when
expat is included inside of another project's source tree directly), so
we should instead use the one relative to this `CMakeLists.txt` file.
 2017-07-05 17:13:57 -04:00
Ben Boeckel
c2888d56c0 ConfigureChecks: configure into the build tree 
This helps to keep the source tree cleaner.
 2017-07-05 17:12:38 -04:00
Ben Boeckel
ab89ae73c7 cmake: include the current directory's ConfigureChecks.cmake 
The file we want is always in the same directory. The
`ConfigureChecks.cmake` file is included in many projects and the wrong
`CMAKE_MODULE_PATH` can cause the wrong one to be used here.
 2017-07-05 17:11:48 -04:00
Ben Boeckel
dc4422e894 cmake: remove executable bits from cmake files 
These files are not executable and should not be stored as such inside
of the repository.
 2017-07-05 17:11:30 -04:00
Sebastian Pipping
2994cfc3d9 siphash.h: Ensure <=80 line length 2017-07-05 14:07:10 +02:00
Sebastian Pipping
736d47c8ef siphash.h: Add const qualifiers 2017-07-05 14:06:37 +02:00
Sebastian Pipping
44b8064042 Changes: Add MOX reference 2017-07-01 17:30:19 +02:00
Rhodri James
f196feb61f Add means to avoid downloading xmlts.zip in coverage tests 
Modifies target tests/xmlts.zip so that if the environment variable
XMLTS_DIR is set, the xmlts.zip will be copied from there rather
than downloaded again from xml.org.  I currently need this
because I have a very limited internet connection.
 2017-07-01 17:21:24 +02:00
Sebastian Pipping
6ee259bc84 xmlparse.c: Move includes up to fix macro interference 
Guilty is our macro "buffer" resolving to "parser->m_buffer".
Issue #59 is related.
 2017-07-01 14:52:24 +02:00
Sebastian Pipping
b37622e679 Changes: Mention parameter validation bug 2017-07-01 14:43:25 +02:00
Sebastian Pipping
ac256dafdf xmlparse.c: Fix parser NULL dereference 
errorCode is a macro resolving to parser->m_errorCode.
Issue #59 is related.
 2017-07-01 14:36:36 +02:00
Sebastian Pipping
00bd9dab99 Changes: Mention #68, give credit to Kerin Millar 2017-07-01 13:12:29 +02:00
Kerin Millar
c14a173105 conftools/get-version.sh: Fix unsafe expansions of $hdr 
Also, use $() instead of ``. See http://mywiki.wooledge.org/BashFAQ/082.
 2017-06-29 17:00:36 +01:00
Kerin Millar
9502963fd2 conftools/get-version.sh: Use printf rather than try to infer non-portable echo options 2017-06-29 16:59:59 +01:00
Sebastian Pipping
566d4bb019 Makefile.in: Waterproof against differences in line endings 
For MinGW cross-compilation, second try.
 2017-06-28 18:58:36 +02:00
Sebastian Pipping
58663de348 Merge branch 'mingw-crossdev-wine-linuxmint' (#64) 2017-06-28 16:03:52 +02:00
Sebastian Pipping
85bc1329dd xmlwf/readfilemap.c: Address -Wsign-compare warning 
read:
http://pubs.opengroup.org/onlinepubs/009695399/functions/read.html
 2017-06-27 23:26:49 +02:00
Sebastian Pipping
552a79bc98 coverage.sh: Symlink libwinpthread-1.dll as well for Linux Mint 2017-06-27 23:09:18 +02:00
Sebastian Pipping
e4f71eeaa0 tests: Address -Wformat compile warnings 2017-06-26 00:31:29 +02:00
Sebastian Pipping
93baf8759b Changes: Give credit to Viktor Szakats (#61) 2017-06-25 20:15:28 +02:00
Viktor Szakats
73a5a2e9c0 LoadLibrary() call to work correctly regardless of _UNICODE setting 
This solution allows the build system to chose whichever mode, instead
of forcing the "ANSI" alternative of the API.
 2017-06-25 19:42:17 +02:00
Sebastian Pipping
23a533d19b Changes: Mention fix to #60 2017-06-25 17:53:25 +02:00
Václav Slavík
95b95032f9 Fix building on win32 if _UNICODE is defined 
Explicitly use LoadLibraryA() instead of the LoadLibrary() macro, which 
may expand to LoadLibraryW() depending on build configuration.
 2017-06-25 17:38:11 +02:00
Sebastian Pipping
6dc3273aa5 coverage.sh: Fix two comment typos 2017-06-24 16:11:09 +02:00
Sebastian Pipping
3932cc8df4 siphash.h: Compress change log a bit 2017-06-23 21:06:20 +02:00
Sebastian Pipping
a85511958a Changes/siphash.h: Extend log, give credit to Victor Stinner 2017-06-23 21:06:20 +02:00
Victor Stinner
788bff7a3b Fix compiler warnings on Windows 64-bit 
Explicitly cast on integer downcasting to fix compiler warnings.
 2017-06-23 10:40:05 +02:00
Sebastian Pipping
2d82462393 siphash.h: Fix duplicate/leftover line in the header (#57) 2017-06-22 20:26:53 +02:00
Sebastian Pipping
956147f81a Changes: Mention getrandom detection issues on macOS (#52) 2017-06-19 20:37:34 +02:00
Sebastian Pipping
c74d380b8f siphash.h: Address lack of stdint.h for Visual Studio 2003-2008 2017-06-18 22:03:01 +02:00
Sebastian Pipping
1ce8ec1c12 Changes: Start post-2.2.1 section 2017-06-18 21:53:55 +02:00
Sebastian Pipping
602e6c78ca configure.ac: Fix mis-detection of getrandom on Debian GNU/kFreeBSD (#50) 
There is no such thing but we need to link (not just compile) to realize.
 2017-06-18 18:56:03 +02:00
spzeidler
e5e25fac16 Fix sh syntax in configure.ac (#49) 
The old '==' sh-is-not-C issue
It doesn't matter in bash, but some other sh don't like it, so it's a portability issue
 2017-06-18 14:30:22 +02:00
Karl Waclawek
c4446687cf Merge branch 'master' of https://github.com/libexpat/libexpat 2017-06-17 12:07:38 -04:00
Karl Waclawek
85718691e5 Windows release: Update README, remove VC++ 6.0 files from installer, fix runtests.vcxproj file. 2017-06-17 12:05:48 -04:00
Sebastian Pipping
82b8241c1c Changes: Add link for SipHash commits 2017-06-17 17:44:32 +02:00
Sebastian Pipping
508b1c3023 Changes: Add reference to SipHash ticket 2017-06-17 12:04:41 +02:00
Sebastian Pipping
e421621fb3 win32/expat.iss: Install AUTHORS file, too 2017-06-17 12:02:29 +02:00
Sebastian Pipping
484cc4e62c Bump version, year, and ID for 2.2.1 
Also fill earliest release date
 2017-06-17 01:58:05 +02:00
Sebastian Pipping
d7ba4e385e Changes: Mention address leak, add MOX-??? references 2017-06-17 01:44:00 +02:00
Sebastian Pipping
b6742eb325 Bump version info from 7:2:6 to 7:3:6 2017-06-17 01:12:35 +02:00
Sebastian Pipping
c2d4688d5b Changes: Mention SipHash 2017-06-17 01:10:11 +02:00
Sebastian Pipping
1ee8601f24 Merge branch 'siphash' 2017-06-17 01:04:09 +02:00
Sebastian Pipping
01bbdedb66 Changes: Add CVE-2017-9233 info to change log 2017-06-17 01:00:45 +02:00
Rhodri James
c4bf96bb51 xmlparse.c: Fix external entity infinite loop bug (CVE-2017-9233) 2017-06-17 01:00:05 +02:00
Rhodri James
774ee6c15b Tests: Cover external entity infinite loop bug 2017-06-17 01:00:05 +02:00
Sebastian Pipping
13a55ba351 Changes: Add call for help 2017-06-17 00:56:27 +02:00
Sebastian Pipping
fa1bda5cd0 Add AUTHORS file 
$ git log | fgrep Author: | sed 's, <[^>]\+>,,' | sort | uniq -c | awk '{ if (int($1) >= 20) print }' | sed 's,.*: ,,' | sort
 2017-06-17 00:48:03 +02:00
Sebastian Pipping
913851a90c Remove amigaconfig.h and macconfig.h (issue #14) 2017-06-16 21:06:16 +02:00
Sebastian Pipping
760077feeb xmlparse.c: Polish ENTROPY_DEBUG 
The cast fixes a compile warning.
 2017-06-16 20:48:53 +02:00
Sebastian Pipping
c235f0aa43 MinGW: No longer ignore expat_config.h 
Previously, "#define XML_CONTEXT_BYTES 1024" from winconfig.h
would render --disable-xml-context ineffective.
 2017-06-16 20:38:52 +02:00
Sebastian Pipping
2446329958 Address MemorySanitizer mis-report on SYS_getrandom 2017-06-15 23:45:44 +02:00
Sebastian Pipping
60d00148b5 Changes: Mention new error code XML_ERROR_INVALID_ARGUMENT 2017-06-15 22:18:02 +02:00
Sebastian Pipping
2b005a837f Introduce random-based SHA256 release identifier 
Idea is to ease finding bundles of Expat in the wild in the future.
PS: If you need to bundle Expat, please keep your copy up to date.
 2017-06-15 22:11:38 +02:00
Sebastian Pipping
bfa1152c8e coverage.sh: Add Windows MinGW cross-compilation 2017-06-14 22:41:44 +02:00
Sebastian Pipping
3fb1ec4334 Make "make run-xmltest" work for MinGW cross-compilation 2017-06-14 22:36:51 +02:00
Sebastian Pipping
79d10879b2 coverage.sh: Cover arc4random_buf with libbsd 2017-06-14 18:31:05 +02:00
Sebastian Pipping
223365c43d coverage.sh: Extract function _build_case for re-use 2017-06-14 18:07:47 +02:00
Sebastian Pipping
a95e5a6c95 Changes: Mark SourceForge tickets for clarity 2017-06-14 18:02:18 +02:00
Sebastian Pipping
400d260d01 Changes: Fix indentation of a 2.2.1 item 2017-06-14 18:02:18 +02:00
Sebastian Pipping
065486c1ad Changes: Mention commit 7e5b71b748 2017-06-14 17:40:04 +02:00
Sebastian Pipping
a68c125fba tests/runtests.c: Address byte_character_handler unused variables 2017-06-13 23:38:01 +02:00
Sebastian Pipping
7e5b71b748 xmlparse.c: Fix XML_Size/XML_Index cast mixup 
The "MAX = (type)-1" hack only works for unsigned types:
XML_Size is unsigned but XML_Index is not.
As the positive maximum of signed integers is about
half as big as that of their unsigned counterpart,
we divide by 2.

Example for 2 bit integers:
* signed: -2, -1, 0, 1 == 2^1-1
* unsigned: 0, 1, 2, 3 == 2^2-1

Fixing 4be2cb5afc
 2017-06-13 23:37:36 +02:00
Sebastian Pipping
51308292cd coverage.sh: Fix "make check" error propagation 2017-06-13 23:02:32 +02:00
Sebastian Pipping
a3e164560a MANIFEST: Add missing run.sh.in 
Second half of 49693bb768
 2017-06-11 22:45:22 +02:00
Sebastian Pipping
302bb6529a MANIFEST: Drop pre-X Mac OS MPW Makefile (issue #14) 
Second half of a39382bee5
 2017-06-11 22:39:08 +02:00
Sebastian Pipping
efa3749d8f siphash: Test implementation 2017-06-11 01:20:41 +02:00
Sebastian Pipping
3fcef5021a siphash: Replace current hash algorithm by SipHash 2017-06-11 01:20:41 +02:00
Sebastian Pipping
c0f7c250e3 siphash: Make siphash.h ready for C89 Expat 2017-06-11 01:20:41 +02:00
Sebastian Pipping
38d5bf0080 siphash: Integrate into build system 2017-06-11 01:20:41 +02:00
Sebastian Pipping
695314a849 Add unmodified siphash-20121104.h by William Ahern as siphash.h 2017-06-11 00:49:05 +02:00
Sebastian Pipping
a39382bee5 Drop pre-X Mac OS MPW Makefile (issue #14) 2017-06-10 22:54:26 +02:00
Sebastian Pipping
632bb9f39e Changes: Add missing details for 2.2.1 2017-06-07 23:33:39 +02:00
Sebastian Pipping
3518a91e72 Changes: Mention commits of important 2.2.1 fixes 2017-06-07 23:29:49 +02:00
Sebastian Pipping
bf9b32eae3 Changes: Improve classification/order of existing entries for 2.2.1 2017-06-07 21:17:57 +02:00
Sebastian Pipping
8706f69ca7 examples: Unify expat.h include 2017-06-07 20:31:35 +02:00
Sebastian Pipping
4f862dddf9 examples|tests|xmlwf: Drop AmigaOS 4.x include (issue #14) 2017-06-07 20:31:15 +02:00
Sebastian Pipping
64f3cf982a Merge branch 'better-entropy' (pull request #30) 2017-06-07 20:18:50 +02:00
Sebastian Pipping
ee43797ac9 Avoid implicit declaration of function ‘syscall’ with -std=c89 2017-06-07 20:14:41 +02:00
Sebastian Pipping
49693bb768 Add run.sh wrapper to run test suite with Wine for MinGW 2017-06-04 17:43:47 +02:00
Sebastian Pipping
9560d17165 Makefile.in: Add missing @EXEEXT@ to runtests for MinGW 2017-06-04 17:25:23 +02:00
Sebastian Pipping
120bbbc8cf configure.ac: Disable auto-detection of libbsd 2017-06-01 20:53:44 +02:00
Sebastian Pipping
afd0805071 expat.h: Fix version hint on XML_ERROR_INVALID_ARGUMENT 
Introduced at commit 768613f801.
 2017-05-31 23:45:12 +02:00
Sebastian Pipping
f356fb56fb Detect and support syscall(SYS_getrandom, [..]) as well 2017-05-31 23:31:15 +02:00
Sebastian Pipping
9e02465f09 Make EXPAT_ENTROPY_DEBUG=1 print entropy source and bytes 2017-05-31 13:28:10 +02:00
Sebastian Pipping
377fa896b3 Merge branch 'parent-hash-salt' (fixes #31) 2017-05-30 21:35:40 +02:00
Sebastian Pipping
9592ce6771 Make hash salt setter/getter go up to the very top (issue #31) 2017-05-30 20:50:40 +02:00
Sebastian Pipping
11f5e68e30 Detect XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2 (issue #33) 2017-05-29 00:03:02 +02:00
Sebastian Pipping
4be2cb5afc Detect overflow from len=INT_MAX call to XML_Parse 
Relevant only when XML_CONTEXT_BYTES not defined
 2017-05-28 23:11:00 +02:00
Sebastian Pipping
70db8d2538 Reject negative length call to XML_Parse 2017-05-28 21:35:12 +02:00
Sebastian Pipping
6a747c837c Set errorCode for XML_Parse on NULL parser 
Related to 56c75720c2
 2017-05-28 21:31:58 +02:00
Sebastian Pipping
50db475431 Address unused variable warning (for XML_CONTEXT_BYTES not defined) 2017-05-28 20:50:43 +02:00
Sebastian Pipping
84f9ca1066 Fix sharing of hash salt across parsers (issue #31) 
This affects when XML_ExternalEntityParserCreate was called
prior to XML_Parse.
 2017-05-28 17:32:28 +02:00
Sebastian Pipping
f0b63f56c8 Address warning "initializer element is not computable at load time" 2017-05-28 15:02:19 +02:00
Sebastian Pipping
ad8521ca84 Pull out shared variable and is-unused marker 2017-05-25 21:55:05 +02:00
Sebastian Pipping
13e4b3d05e Autoconf: Add --(with|without)-libbsd for bypassing auto-detection 2017-05-25 21:15:36 +02:00
Sebastian Pipping
ba1fc202c1 Changes: Mention use of high quality entropy sources 2017-05-25 21:15:36 +02:00
Sebastian Pipping
04ad658bd3 Pull parser instance address out of entropy equation to not leak that information 2017-05-25 21:15:36 +02:00
Sebastian Pipping
7a93938687 Start using arc4random_buf with BSD and libbsd 2017-05-25 21:15:36 +02:00
Sebastian Pipping
c9cc7dd3d7 Start using getrandom for entropy extraction with glibc 2.25+ 2017-05-25 20:08:23 +02:00
Sebastian Pipping
01e78c377b Start using RtlGenRandom for entropy extraction on WinXP and later 2017-05-25 20:07:01 +02:00
Sebastian Pipping
4c6ac5ebc8 Changes: Document move from WIN32 to _WIN32 2017-05-25 15:25:18 +02:00
Sebastian Pipping
50e0dd88f0 Visual Studio 20xx: No longer define WIN32 2017-05-25 15:25:18 +02:00
Sebastian Pipping
078af33952 CMake: No longer define WIN32 2017-05-25 15:25:18 +02:00
Sebastian Pipping
8f25f91e9e Replace WIN32 by _WIN32 in code 2017-05-25 15:25:18 +02:00
Sebastian Pipping
d923c99e13 Changes: Adjust indentation 2017-05-25 15:25:18 +02:00
Rhodri James
a4dc944f37 Prevent use of uninitialised variable 
I don't believe the value of 'next' is actually used if it is not
set by the tokenizer, but this is very hard to prove.  For safety,
we give it a safe default value.
 2017-05-24 22:03:43 +02:00
Sebastian Pipping
9ed727064b Validate parser parameter to XML_UseParserAsHandlerArg 2017-05-24 21:09:23 +02:00
Sebastian Pipping
b070843f5b Make XML_GetInputContext parameter validation more flexible 2017-05-24 20:52:16 +02:00
Rhodri James
ea1f407c06 Validate parser parameter to XML_DefaultCurrent 2017-05-24 20:49:40 +02:00
Rhodri James
581a4c7ccf Validate parser parameter to XML_MemFree 2017-05-24 20:49:40 +02:00
Rhodri James
fad8400108 Validate parser parameter to XML_MemRealloc 2017-05-24 20:49:40 +02:00
Rhodri James
cca6cdc5f8 Validate parser parameter to XML_MemMalloc 2017-05-24 20:49:40 +02:00
Rhodri James
cbfaa23428 Validate parser parameter to XML_FreeContentModel 2017-05-24 20:49:40 +02:00
Rhodri James
11ec6aefd1 Validate parser parameter to XML_GetCurrentColumnNumber 2017-05-24 20:49:40 +02:00
Rhodri James
1bf78fe1fb Validate parser parameter to XML_GetCurrentLineNumber 2017-05-24 20:49:40 +02:00
Rhodri James
88731abd62 Validate parameters to XML_GetInputContext 2017-05-24 20:49:40 +02:00
Rhodri James
fd2571b27a Validate parser parameter to XML_GetCurrentByteCount 2017-05-24 20:49:40 +02:00
Rhodri James
2253c12304 Validate the parser parameter to XML_GetCurrentByteIndex 2017-05-24 20:49:40 +02:00
Rhodri James
1c365fc049 Validate parser parameter to XML_GetErrorCode 2017-05-24 20:49:40 +02:00
Rhodri James
253c68928e Validate parser parameter for XML_GetParsingStatus 2017-05-24 20:49:40 +02:00
Rhodri James
fadc9db44c Validate parser parameter for XML_ResumeParser 2017-05-24 20:49:40 +02:00
Rhodri James
9ce48e786c Validate parser parameter for XML_StopParser 2017-05-24 20:49:40 +02:00
Rhodri James
49c4ad9210 Validate parser parameter for XML_GetBuffer 2017-05-24 20:49:40 +02:00
Rhodri James
621222bce6 Validate parser parameter for XML_ParseBuffer 2017-05-24 20:49:40 +02:00
Rhodri James
56c75720c2 Validate "parser" and "s" parameters to XML_Parse 2017-05-24 20:49:40 +02:00
Rhodri James
b58abe1e92 Validate parser parameter to XML_SetHashSalt 2017-05-24 20:49:40 +02:00
Rhodri James
2a6ed44fbc Validate parser parameter to XML_SetParamentityParsing 2017-05-24 20:49:40 +02:00
Rhodri James
e5430d8a07 Validate parser parameter to XML_SetXmlDeclHandler 2017-05-24 20:49:40 +02:00
Rhodri James
8fa1d7b48b Validate parser parameter to XML_SetEntityDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
571b2fe3b0 Validate parser parameter to XML_SetAttlistDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
7f6e542071 Validate parser parameter to XML_SetElementDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
62befbddcd Validate parser parameter to XML_SetUnknownEncodingHandler 2017-05-24 20:49:39 +02:00
Rhodri James
23e56eae28 Validate parser parameter to XML_SetSkippedEntityHandler 2017-05-24 20:49:39 +02:00
Rhodri James
ae3785e5fa Validate parser parameter to XML_SetExternalEntityRefHandlerArg 2017-05-24 20:49:39 +02:00
Rhodri James
18e48b4122 Validate parser parameter to XML_SetExternalEntityRefHandler 2017-05-24 20:49:39 +02:00
Rhodri James
f41ff4a32a Validate parser parameter to XML_SetNotStandaloneHandler 2017-05-24 20:49:39 +02:00
Rhodri James
2823d9d388 Validate parser parameter in XML_SetEndNamespaceDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
a3a68e74dd Validate parser parameter to XML_SetStartNamespaceDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
8b379e7818 Validate parser parameter to XML_SetStartNamespaceDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
d34f158922 Validate parser parameter to XML_SetNotationDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
eaaa8e6a9a Validate parser parameter to XML_SetUnparsedEntityDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
41ffcb74da Validate parser parameter to XML_SetEndDoctypeDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
e6e0d3e41f Validate parser parameter to XML_SetStartDoctypeDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
2315924f2a Validate parser parameter to XML_SetDoctypeDeclHandler 2017-05-24 20:49:39 +02:00
Rhodri James
eca1d097e1 Validate parser parameter to XML_SetDefaultHandlerExpand 2017-05-24 20:49:39 +02:00
Rhodri James
2825dc0bae Validate parser parameter to XML_SetDefaultHandler 2017-05-24 20:49:39 +02:00
Rhodri James
fd43da3baa Validate parser parameter to XML_SetEndCdataSectionHandler 2017-05-24 20:49:39 +02:00
Rhodri James
c49b1309fe Validate parser parameter to XML_SetStartCdataSectionHandler 2017-05-24 20:49:39 +02:00
Rhodri James
5c374aa91d Validate parser parameter to XML_SetCdataSectionHandler 2017-05-24 20:49:39 +02:00
Rhodri James
f1685bbf63 Validate parser parameter to XML_SetCommentHandler 2017-05-24 20:49:39 +02:00
Rhodri James
302a85287f Validate parser parameter to XML_SetProcssingInstructionHandler 2017-05-24 20:49:39 +02:00