1709 Commits

Author SHA1 Message Date
Sebastian Pipping
810b74e470 Extract function poolBytesToAllocateFor to add overflow detection (issue #25) 2017-05-06 00:34:11 +02:00
Sebastian Pipping
0407af0a59 Makefile.in: Have "make clean" remove tests/memcheck.o (fixes #22, related #17) 2017-05-03 18:24:42 +02:00
Sebastian Pipping
99e2c0d52a Changes: Document CVE-2016-9063 2017-05-03 00:38:58 +02:00
Sebastian Pipping
d4f735b88d Detect integer overflow (CVE-2016-9063)
Needs XML_CONTEXT_BYTES to be _undefined_ to trigger,
default is defined and set to 1024.

Previously patched downstream, e.g.
https://sources.debian.net/src/expat/2.2.0-2/debian/patches/CVE-2016-9063.patch/
https://bug1274777.bmoattachments.org/attachment.cgi?id=8755538

This version avoids undefined behavior from _signed_ integer overflow.

Signed-off-by: Pascal Cuoq <cuoq@trust-in-soft.com>
2017-05-03 00:38:57 +02:00
Sebastian Pipping
7801ac4cdf tests: Fix test_byte_info_at_cdata for undefined XML_CONTEXT_BYTES 2017-05-03 00:38:57 +02:00
Sebastian Pipping
766a485e62 Drop Open Watcom specific code (issues #14 and #21) 2017-05-01 13:38:40 +02:00
Sebastian Pipping
5ceb385eec htdocs/index.html: Update Git repo and bug report links (issue #1) 2017-04-26 23:47:13 +02:00
Sebastian Pipping
d1709a6c43 Changes: Document fix to issue #17 2017-04-26 19:08:46 +02:00
Sebastian Pipping
9503581d20 MANIFEST: Add memcheck.{c,h} (issue #17) 2017-04-26 00:08:03 +02:00
Rhodri James
b47dbc9745 Tidy up attribute prefix bindings on error (fixes #17) 2017-04-26 00:04:52 +02:00
Rhodri James
16f87daae5 Pull freeing of attribute bindings into a static function (issue #17) 2017-04-26 00:04:52 +02:00
Rhodri James
ec322eb428 Test to catch Issue #17 2017-04-26 00:04:52 +02:00
Sebastian Pipping
d307e44fbf expat.spec: Pull version back in sync 2017-04-25 23:51:59 +02:00
Sebastian Pipping
ca5808563d Changes: Document droppings (issue #14) 2017-04-25 23:51:59 +02:00
Sebastian Pipping
a67f2a2545 *.dsp,*.dsw: Drop Visual Studio 6.0 (issue #14) 2017-04-25 23:51:59 +02:00
Sebastian Pipping
c808687f32 watcom: Drop Open Watcom build system (issue #14) 2017-04-25 23:37:39 +02:00
Sebastian Pipping
b96d678b34 vms: Drop OpenVMS build system (issue #14) 2017-04-25 23:37:37 +02:00
Sebastian Pipping
db22312c13 bcb5: Drop Borland build system (issue #14) 2017-04-25 23:37:34 +02:00
Sebastian Pipping
1106655e57 amiga: Drop AmigaOS 4.x code (issue #14) 2017-04-25 23:37:30 +02:00
Sebastian Pipping
db023e68b7 configure.ac: Add --(en|dis)able-xml-context 2017-04-12 23:41:44 +02:00
Sebastian Pipping
0dbbf43fdb utf8_toUtf8: Cut off partial characters in case of sufficient space, too (closes #16)
Also, report XML_CONVERT_INPUT_INCOMPLETE properly.
2017-03-30 19:38:57 +02:00
Sebastian Pipping
863c43087f Address 64bit MinGW compile warning (fixes #15)
../../../xmlparse.c: In function ‘generate_hash_secret_salt’:
../../../xmlparse.c:725:42: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast]
       gather_time_entropy() ^ getpid() ^ (unsigned long)parser;
                                          ^

Thanks to Viktor Szakats.
2017-03-16 15:54:45 +01:00
Sebastian Pipping
ff9cf997fb "make run-xmltest" order instability once more (issue #13) 2017-03-13 21:20:56 +01:00
Sebastian Pipping
afcd79a4b3 Makefile: Turn xmlts.zip download to https 2017-03-13 20:16:06 +01:00
Sebastian Pipping
ef4ab16d9a Travis: Have xmlts.zip bypass git clean -X 2017-03-13 20:16:06 +01:00
Sebastian Pipping
ce34ddfe9f Travis: Inline .travis.sh for better integration 2017-03-13 18:45:31 +01:00
Sebastian Pipping
e064eb4c18 Travis: Pull xmlts.zip download out of script section
.. so that temporary download issues count for setup issues,
not script execution
2017-03-13 18:44:06 +01:00
Sebastian Pipping
11187083d9 Travis: Move from sudo to apt addon 2017-03-13 18:44:06 +01:00
Rhodri James
7091e83cb4 Check that version information is consistent 2017-03-13 18:12:24 +01:00
Rhodri James
69b23486c9 Test XML_ErrorString range checking 2017-03-13 18:06:20 +01:00
Sebastian Pipping
822036fd12 Tests: Make dealing with global parser instance more robust 2017-03-13 18:06:05 +01:00
Rhodri James
6a1873f1f1 Free the content model when used 2017-03-13 17:54:41 +01:00
Rhodri James
813dde9bcc Add test coverage of XML_GetInputContext() 2017-03-13 17:51:59 +01:00
Sebastian Pipping
19e6c3ac9f Tests: Address wildcard expansion order variance (fixes #13) 2017-03-13 17:39:14 +01:00
Rhodri James
c85b577eed Check byte information behaviour in handlers 2017-03-13 16:23:04 +01:00
Rhodri James
a0eca419bd Extend coverage of byte information function tests 2017-03-13 15:39:38 +01:00
Rhodri James
2dbc5c800b Test byte information functions 2017-03-13 15:39:38 +01:00
Rhodri James
012de3c01b Improve test coverage of XML_ResumeParser 2017-03-13 15:22:52 +01:00
Rhodri James
cf29d40fd3 Extend test coverage of XML_ResumeParser 2017-03-13 15:21:24 +01:00
Rhodri James
6975a78eb5 Extend test coverage of XML_ResumeParser() 2017-03-13 15:21:13 +01:00
Rhodri James
b1ef084e82 Test XML_StopParser() in external entity parsing 2017-03-13 15:15:44 +01:00
Rhodri James
ca324d219c Increase test coverage of XML_StopParser 2017-03-12 19:42:33 +01:00
Sebastian Pipping
7c715a9d3c Fix __func__ for -std=c89 with GCC 5.4.0 (fixes #12)
GCC 5.4.0 does not define __STDC_VERSION__ when -std=c89 is passed.
2017-03-08 22:25:37 +01:00
Sebastian Pipping
acbdb19a28 configure.ac: Fix const correctness in check for __func__ 2017-03-08 22:24:47 +01:00
Rhodri James
0a3827eb7d Extend tests of XML_GetBuffer for still more coverage 2017-03-05 22:56:23 +01:00
Rhodri James
28d9f9938f Extend XML_GetBuffer testing coverage 2017-03-05 22:54:57 +01:00
Rhodri James
1c3c9b2bd5 Further test coverage of XML_GetBuffer 2017-03-05 22:53:15 +01:00
Rhodri James
11df015a54 Extend tests to XML_GetBuffer in various circumstances 2017-03-05 22:44:17 +01:00
Rhodri James
98c2606759 Test XML_ParseBuffer API in various parse states 2017-03-05 22:38:33 +01:00
Rhodri James
d54933675f Extend empty string parse tests 2017-03-05 22:36:29 +01:00