MFV 66082b6c88b9: libbsdxml (expat) 2.4.9

main
Xin LI 1 week ago
commit 71f0c44a04
  1. 2
      contrib/expat/COPYING
  2. 85
      contrib/expat/Changes
  3. 1
      contrib/expat/Makefile.in
  4. 22
      contrib/expat/README.md
  5. 4
      contrib/expat/buildconf.sh
  6. 7
      contrib/expat/configure.ac
  7. 1
      contrib/expat/doc/Makefile.in
  8. 10
      contrib/expat/doc/reference.html
  9. 2
      contrib/expat/doc/xmlwf.1
  10. 2
      contrib/expat/doc/xmlwf.xml
  11. 1
      contrib/expat/examples/Makefile.in
  12. 4
      contrib/expat/fix-xmltest-log.sh
  13. 5
      contrib/expat/lib/Makefile.am
  14. 6
      contrib/expat/lib/Makefile.in
  15. 2
      contrib/expat/lib/expat.h
  16. 6
      contrib/expat/lib/internal.h
  17. 2
      contrib/expat/lib/siphash.h
  18. 19
      contrib/expat/lib/xmlparse.c
  19. 7
      contrib/expat/lib/xmltok.c
  20. 6
      contrib/expat/lib/xmltok_impl.c
  21. 1
      contrib/expat/tests/Makefile.in
  22. 1
      contrib/expat/tests/benchmark/Makefile.in
  23. 80
      contrib/expat/tests/runtests.c
  24. 1
      contrib/expat/xmlwf/Makefile.in
  25. 5
      contrib/expat/xmlwf/win32filemap.c
  26. 3
      contrib/expat/xmlwf/xmlwf.c
  27. 6
      lib/libexpat/expat_config.h
  28. 4
      lib/libexpat/libbsdxml.3

@ -1,5 +1,5 @@
Copyright (c) 1998-2000 Thai Open Source Software Center Ltd and Clark Cooper
Copyright (c) 2001-2019 Expat maintainers
Copyright (c) 2001-2022 Expat maintainers
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the

@ -2,6 +2,88 @@ NOTE: We are looking for help with a few things:
https://github.com/libexpat/libexpat/labels/help%20wanted
If you can help, please get in touch. Thanks!
Release 2.4.9 Tue September 20 2022
Security fixes:
#629 #640 CVE-2022-40674 -- Heap use-after-free vulnerability in
function doContent. Expected impact is denial of service
or potentially arbitrary code execution.
Bug fixes:
#634 MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0
#614 docs: Fix documentation on effect of switch XML_DTD on
symbol visibility in doc/reference.html
Other changes:
#638 MinGW: Make fix-xmltest-log.sh drop more Wine bug output
#596 #625 Autotools: Sync CMake templates with CMake 3.22
#608 CMake: Migrate from use of CMAKE_*_POSTFIX to
dedicated variables EXPAT_*_POSTFIX to stop affecting
other projects
#597 #599 Windows|CMake: Add missing -DXML_STATIC to test runners
and fuzzers
#512 #621 Windows|CMake: Render .def file from a template to fix
linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON
#611 #621 MinGW|CMake: Apply MSVC .def file when linking
#622 #624 MinGW|CMake: Sync library name with GNU Autotools,
i.e. produce libexpat-1.dll rather than libexpat.dll
by default. Filename libexpat.dll.a is unaffected.
#632 MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in
toolchain file "cmake/mingw-toolchain.cmake" to avoid
error "windres: Command not found" on e.g. Ubuntu 20.04
#597 #627 CMake: Unify inconsistent use of set() and option() in
context of public build time options to take need for
set(.. FORCE) in projects using Expat by means of
add_subdirectory(..) off Expat's users' shoulders
#626 #641 Stop exporting API symbols when building a static library
#644 Resolve use of deprecated "fgrep" by "grep -F"
#620 CMake: Make documentation on variables a bit more consistent
#636 CMake: Drop leading whitespace from a #cmakedefine line in
file expat_config.h.cmake
#594 xmlwf: Fix harmless variable mix-up in function nsattcmp
#592 #593 #610 Address Cppcheck warnings
#643 Address Clang 15 compiler warnings
#642 #644 Version info bumped from 9:8:8 to 9:9:8;
see https://verbump.de/ for what these numbers do
Infrastructure:
#597 #598 CI: Windows: Start covering MSVC 2022
#619 CI: macOS: Migrate off deprecated macOS 10.15
#632 CI: Linux: Make migration off deprecated Ubuntu 18.04 work
#643 CI: Upgrade Clang from 14 to 15
#637 apply-clang-format.sh: Add support for BSD find
#633 coverage.sh: Exclude MinGW headers
#635 coverage.sh: Fix name collision for -funsigned-char
Special thanks to:
David Faure
Felix Wilhelm
Frank Bergmann
Rhodri James
Rosen Penev
Thijs Schreijer
Vincent Torri
and
Google Project Zero
Release 2.4.8 Mon March 28 2022
Other changes:
#587 pkg-config: Move "-lm" to section "Libs.private"
#587 CMake|MSVC: Fix pkg-config section "Libs"
#55 #582 CMake|macOS: Start using linker arguments
"-compatibility_version <version>" and
"-current_version <version>" in a way compatible with
GNU Libtool
#590 #591 Version info bumped from 9:7:8 to 9:8:8;
see https://verbump.de/ for what these numbers do
Infrastructure:
#589 CI: Upgrade Clang from 13 to 14
Special thanks to:
evpobr
Kai Pastor
Sam James
Release 2.4.7 Fri March 4 2022
Bug fixes:
#572 #577 Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
@ -190,7 +272,7 @@ Release 2.4.2 Sun December 19 2021
#498 Autotools: Include files with release archives:
- buildconf.sh
- fuzz/*.c
#507 #519 Autotools: Sync CMake templates
#507 #519 Autotools: Sync CMake templates with CMake 3.20
#495 #524 CMake: MinGW: Fix pkg-config section "Libs" for
- non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug)
- multi-config CMake generators (e.g. Ninja Multi-Config)
@ -264,6 +346,7 @@ Release 2.4.0 Sun May 23 2021
#468 #469 xmlwf: Improve help output and the xmlwf man page
#463 xmlwf: Improve maintainability through some refactoring
#477 xmlwf: Fix man page DocBook validity
#456 Autotools: Sync CMake templates with CMake 3.18
#458 #459 CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
and CMAKE_INSTALL_INCLUDEDIR
#471 #481 CMake: Add support for standard variable BUILD_SHARED_LIBS

@ -336,6 +336,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -5,7 +5,7 @@
[![Downloads GitHub](https://img.shields.io/github/downloads/libexpat/libexpat/total?label=Downloads%20GitHub)](https://github.com/libexpat/libexpat/releases)
# Expat, Release 2.4.7
# Expat, Release 2.4.9
This is Expat, a C library for parsing XML, started by
[James Clark](https://en.wikipedia.org/wiki/James_Clark_%28programmer%29) in 1997.
@ -222,37 +222,37 @@ CMAKE_INSTALL_PREFIX:PATH=/usr/local
// Path to a program.
DOCBOOK_TO_MAN:FILEPATH=/usr/bin/docbook2x-man
// build man page for xmlwf
// Build man page for xmlwf
EXPAT_BUILD_DOCS:BOOL=ON
// build the examples for expat library
// Build the examples for expat library
EXPAT_BUILD_EXAMPLES:BOOL=ON
// build fuzzers for the expat library
// Build fuzzers for the expat library
EXPAT_BUILD_FUZZERS:BOOL=OFF
// build pkg-config file
// Build pkg-config file
EXPAT_BUILD_PKGCONFIG:BOOL=ON
// build the tests for expat library
// Build the tests for expat library
EXPAT_BUILD_TESTS:BOOL=ON
// build the xmlwf tool for expat library
// Build the xmlwf tool for expat library
EXPAT_BUILD_TOOLS:BOOL=ON
// Character type to use (char|ushort|wchar_t) [default=char]
EXPAT_CHAR_TYPE:STRING=char
// install expat files in cmake install target
// Install expat files in cmake install target
EXPAT_ENABLE_INSTALL:BOOL=ON
// Use /MT flag (static CRT) when compiling in MSVC
EXPAT_MSVC_STATIC_CRT:BOOL=OFF
// build fuzzers via ossfuzz for the expat library
// Build fuzzers via ossfuzz for the expat library
EXPAT_OSSFUZZ_BUILD:BOOL=OFF
// build a shared expat library
// Build a shared expat library
EXPAT_SHARED_LIBS:BOOL=ON
// Treat all compiler warnings as errors
@ -261,7 +261,7 @@ EXPAT_WARNINGS_AS_ERRORS:BOOL=OFF
// Make use of getrandom function (ON|OFF|AUTO) [default=AUTO]
EXPAT_WITH_GETRANDOM:STRING=AUTO
// utilize libbsd (for arc4random_buf)
// Utilize libbsd (for arc4random_buf)
EXPAT_WITH_LIBBSD:BOOL=OFF
// Make use of syscall SYS_getrandom (ON|OFF|AUTO) [default=AUTO]

@ -6,7 +6,7 @@
# \___/_/\_\ .__/ \__,_|\__|
# |_| XML parser
#
# Copyright (c) 2017-2021 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2017-2022 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2018 Marco Maggi <marco.maggi-ipsu@poste.it>
# Licensed under the MIT license:
#
@ -40,7 +40,7 @@ set -e
# not put SIZEOF_VOID_P in the eventual expat_config.h.
patch_expat_config_h_in() {
local filename="$1"
local sizeof_void_p_line_number="$(fgrep -n SIZEOF_VOID_P "${filename}" | awk -F: '{print $1}')"
local sizeof_void_p_line_number="$(grep -F -n SIZEOF_VOID_P "${filename}" | awk -F: '{print $1}')"
[[ ${sizeof_void_p_line_number} =~ ^[0-9]+$ ]] # cheap assert
local first_line_to_delete=$(( sizeof_void_p_line_number - 1 ))
local last_line_to_delete=$(( sizeof_void_p_line_number + 1 ))

@ -82,7 +82,7 @@ dnl If the API changes incompatibly set LIBAGE back to 0
dnl
LIBCURRENT=9 # sync
LIBREVISION=7 # with
LIBREVISION=9 # with
LIBAGE=8 # CMakeLists.txt!
AC_CONFIG_HEADERS([expat_config.h])
@ -134,8 +134,9 @@ AS_CASE(["$LD"],[*clang*],
[*linux*],[archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags $wl-soname $wl$soname -o $lib'])])
EXPATCFG_COMPILER_SUPPORTS_VISIBILITY([
AX_APPEND_FLAG([-fvisibility=hidden], [AM_CFLAGS])
AX_APPEND_FLAG([-DXML_ENABLE_VISIBILITY=1], [AM_CPPFLAGS])])
AX_APPEND_FLAG([-fvisibility=hidden], [AM_CFLAGS])
AS_IF([test "${enable_shared}" = yes],
[AX_APPEND_FLAG([-DXML_ENABLE_VISIBILITY=1], [AM_CPPFLAGS])])])
dnl Checks for typedefs, structures, and compiler characteristics.

@ -238,6 +238,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -50,7 +50,7 @@
<div>
<h1>
The Expat XML Parser
<small>Release 2.4.7</small>
<small>Release 2.4.9</small>
</h1>
</div>
<div class="content">
@ -365,8 +365,12 @@ this is defined, default attribute values from an external DTD subset
are reported and attribute value normalization occurs based on the
type of attributes defined in the external subset. Without
this, Expat has a smaller memory footprint and can be faster, but will
not load external entities or process conditional sections. This does
not affect the set of functions available in the API.</dd>
not load external entities or process conditional sections. If defined, makes
the functions <code><a
href="#XML_SetBillionLaughsAttackProtectionMaximumAmplification">
XML_SetBillionLaughsAttackProtectionMaximumAmplification</a></code> and <code>
<a href="#XML_SetBillionLaughsAttackProtectionActivationThreshold">
XML_SetBillionLaughsAttackProtectionActivationThreshold</a></code> available.</dd>
<dt>XML_NS</dt>
<dd>When defined, support for the <cite><a href=

@ -5,7 +5,7 @@
\\$2 \(la\\$1\(ra\\$3
..
.if \n(.g .mso www.tmac
.TH XMLWF 1 "March 4, 2022" "" ""
.TH XMLWF 1 "September 20, 2022" "" ""
.SH NAME
xmlwf \- Determines if an XML document is well-formed
.SH SYNOPSIS

@ -21,7 +21,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY dhfirstname "<firstname>Scott</firstname>">
<!ENTITY dhsurname "<surname>Bronson</surname>">
<!ENTITY dhdate "<date>March 4, 2022</date>">
<!ENTITY dhdate "<date>September 20, 2022</date>">
<!-- Please adjust this^^ date whenever cutting a new release. -->
<!ENTITY dhsection "<manvolnum>1</manvolnum>">
<!ENTITY dhemail "<email>bronson@rinspin.com</email>">

@ -259,6 +259,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -6,7 +6,7 @@
# \___/_/\_\ .__/ \__,_|\__|
# |_| XML parser
#
# Copyright (c) 2019 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2019-2022 Sebastian Pipping <sebastian@pipping.org>
# Licensed under the MIT license:
#
# Permission is hereby granted, free of charge, to any person obtaining
@ -42,6 +42,8 @@ sed \
-e '/^Application tried to create a window, but no driver could be loaded.$/d' \
-e '/^Make sure that your X server is running and that $DISPLAY is set correctly.$/d' \
-e '/^err:systray:initialize_systray Could not create tray window$/d' \
-e '/^[0-9a-f]\+:err:/d' \
-e '/^wine client error:/d' \
-e '/^In ibm\/invalid\/P49\/: Unhandled exception: unimplemented .\+/d' \
\
"${filename}" > "${tempfile}"

@ -6,7 +6,7 @@
# \___/_/\_\ .__/ \__,_|\__|
# |_| XML parser
#
# Copyright (c) 2017-2021 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2017-2022 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2017 Tomasz Kłoczko <kloczek@fedoraproject.org>
# Copyright (c) 2019 David Loffredo <loffredo@steptools.com>
# Licensed under the MIT license:
@ -74,8 +74,7 @@ EXTRA_DIST = \
iasciitab.h \
internal.h \
latin1tab.h \
libexpat.def \
libexpatw.def \
libexpat.def.cmake \
nametab.h \
siphash.h \
utf8tab.h \

@ -22,7 +22,7 @@
# \___/_/\_\ .__/ \__,_|\__|
# |_| XML parser
#
# Copyright (c) 2017-2021 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2017-2022 Sebastian Pipping <sebastian@pipping.org>
# Copyright (c) 2017 Tomasz Kłoczko <kloczek@fedoraproject.org>
# Copyright (c) 2019 David Loffredo <loffredo@steptools.com>
# Licensed under the MIT license:
@ -297,6 +297,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@
@ -435,8 +436,7 @@ EXTRA_DIST = \
iasciitab.h \
internal.h \
latin1tab.h \
libexpat.def \
libexpatw.def \
libexpat.def.cmake \
nametab.h \
siphash.h \
utf8tab.h \

@ -1055,7 +1055,7 @@ XML_SetBillionLaughsAttackProtectionActivationThreshold(
*/
#define XML_MAJOR_VERSION 2
#define XML_MINOR_VERSION 4
#define XML_MICRO_VERSION 7
#define XML_MICRO_VERSION 9
#ifdef __cplusplus
}

@ -28,7 +28,7 @@
Copyright (c) 2002-2003 Fred L. Drake, Jr. <fdrake@users.sourceforge.net>
Copyright (c) 2002-2006 Karl Waclawek <karl@waclawek.net>
Copyright (c) 2003 Greg Stein <gstein@users.sourceforge.net>
Copyright (c) 2016-2021 Sebastian Pipping <sebastian@pipping.org>
Copyright (c) 2016-2022 Sebastian Pipping <sebastian@pipping.org>
Copyright (c) 2018 Yury Gribov <tetra2005@gmail.com>
Copyright (c) 2019 David Loffredo <loffredo@steptools.com>
Licensed under the MIT license:
@ -107,7 +107,9 @@
#include <limits.h> // ULONG_MAX
#if defined(_WIN32) && ! defined(__USE_MINGW_ANSI_STDIO)
#if defined(_WIN32) \
&& (! defined(__USE_MINGW_ANSI_STDIO) \
|| (1 - __USE_MINGW_ANSI_STDIO - 1 == 0))
# define EXPAT_FMT_ULL(midpart) "%" midpart "I64u"
# if defined(_WIN64) // Note: modifiers "td" and "zu" do not work for MinGW
# define EXPAT_FMT_PTRDIFF_T(midpart) "%" midpart "I64d"

@ -106,7 +106,7 @@
* if this code is included and compiled as C++; related GCC warning is:
* warning: use of C++11 long long integer constant [-Wlong-long]
*/
#define _SIP_ULL(high, low) (((uint64_t)high << 32) | low)
#define _SIP_ULL(high, low) ((((uint64_t)high) << 32) | (low))
#define SIP_ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b))))

@ -1,4 +1,4 @@
/* fcb1a62fefa945567301146eb98e3ad3413e823a41c4378e84e8b6b6f308d824 (2.4.7+)
/* 90815a2b2c80c03b2b889fe1d427bb2b9e3282aa065e42784e001db4f23de324 (2.4.9+)
__ __ _
___\ \/ /_ __ __ _| |_
/ _ \\ /| '_ \ / _` | __|
@ -19,7 +19,7 @@
Copyright (c) 2016 Gustavo Grieco <gustavo.grieco@imag.fr>
Copyright (c) 2016 Pascal Cuoq <cuoq@trust-in-soft.com>
Copyright (c) 2016 Ed Schouten <ed@nuxi.nl>
Copyright (c) 2017-2018 Rhodri James <rhodri@wildebeest.org.uk>
Copyright (c) 2017-2022 Rhodri James <rhodri@wildebeest.org.uk>
Copyright (c) 2017 Václav Slavík <vaclav@slavik.io>
Copyright (c) 2017 Viktor Szakats <commit@vsz.me>
Copyright (c) 2017 Chanho Park <chanho61.park@samsung.com>
@ -4271,7 +4271,7 @@ processXmlDecl(XML_Parser parser, int isGeneralTextEntity, const char *s,
const XML_Char *storedEncName = NULL;
const ENCODING *newEncoding = NULL;
const char *version = NULL;
const char *versionend;
const char *versionend = NULL;
const XML_Char *storedversion = NULL;
int standalone = -1;
@ -5826,10 +5826,15 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end,
{
parser->m_processor = contentProcessor;
/* see externalEntityContentProcessor vs contentProcessor */
return doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding,
s, end, nextPtr,
(XML_Bool)! parser->m_parsingStatus.finalBuffer,
XML_ACCOUNT_DIRECT);
result = doContent(parser, parser->m_parentParser ? 1 : 0,
parser->m_encoding, s, end, nextPtr,
(XML_Bool)! parser->m_parsingStatus.finalBuffer,
XML_ACCOUNT_DIRECT);
if (result == XML_ERROR_NONE) {
if (! storeRawNames(parser))
return XML_ERROR_NO_MEMORY;
}
return result;
}
}

@ -21,6 +21,7 @@
Copyright (c) 2017 José Gutiérrez de la Concha <jose@zeroc.com>
Copyright (c) 2019 David Loffredo <loffredo@steptools.com>
Copyright (c) 2021 Dong-hee Na <donghee.na@python.org>
Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@ -296,7 +297,7 @@ sb_charMatches(const ENCODING *enc, const char *p, int c) {
}
#else
/* c is an ASCII character */
# define CHAR_MATCHES(enc, p, c) (*(p) == c)
# define CHAR_MATCHES(enc, p, c) (*(p) == (c))
#endif
#define PREFIX(ident) normal_##ident
@ -740,7 +741,7 @@ DEFINE_UTF16_TO_UTF16(big2_)
((p)[1] == 0 ? ((struct normal_encoding *)(enc))->type[(unsigned char)*(p)] \
: unicode_byte_type((p)[1], (p)[0]))
#define LITTLE2_BYTE_TO_ASCII(p) ((p)[1] == 0 ? (p)[0] : -1)
#define LITTLE2_CHAR_MATCHES(p, c) ((p)[1] == 0 && (p)[0] == c)
#define LITTLE2_CHAR_MATCHES(p, c) ((p)[1] == 0 && (p)[0] == (c))
#define LITTLE2_IS_NAME_CHAR_MINBPC(p) \
UCS2_GET_NAMING(namePages, (unsigned char)p[1], (unsigned char)p[0])
#define LITTLE2_IS_NMSTRT_CHAR_MINBPC(p) \
@ -875,7 +876,7 @@ static const struct normal_encoding internal_little2_encoding
? ((struct normal_encoding *)(enc))->type[(unsigned char)(p)[1]] \
: unicode_byte_type((p)[0], (p)[1]))
#define BIG2_BYTE_TO_ASCII(p) ((p)[0] == 0 ? (p)[1] : -1)
#define BIG2_CHAR_MATCHES(p, c) ((p)[0] == 0 && (p)[1] == c)
#define BIG2_CHAR_MATCHES(p, c) ((p)[0] == 0 && (p)[1] == (c))
#define BIG2_IS_NAME_CHAR_MINBPC(p) \
UCS2_GET_NAMING(namePages, (unsigned char)p[0], (unsigned char)p[1])
#define BIG2_IS_NMSTRT_CHAR_MINBPC(p) \

@ -16,6 +16,7 @@
Copyright (c) 2018 Anton Maklakov <antmak.pub@gmail.com>
Copyright (c) 2019 David Loffredo <loffredo@steptools.com>
Copyright (c) 2020 Boris Kolpackov <boris@codesynthesis.com>
Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@ -96,7 +97,7 @@
# define CHECK_NMSTRT_CASE(n, enc, ptr, end, nextTokPtr) \
case BT_LEAD##n: \
if (end - ptr < n) \
if ((end) - (ptr) < (n)) \
return XML_TOK_PARTIAL_CHAR; \
if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \
*nextTokPtr = ptr; \
@ -124,7 +125,8 @@
# define PREFIX(ident) ident
# endif
# define HAS_CHARS(enc, ptr, end, count) (end - ptr >= count * MINBPC(enc))
# define HAS_CHARS(enc, ptr, end, count) \
((end) - (ptr) >= ((count)*MINBPC(enc)))
# define HAS_CHAR(enc, ptr, end) HAS_CHARS(enc, ptr, end, 1)

@ -545,6 +545,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -256,6 +256,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -4990,6 +4990,78 @@ START_TEST(test_suspend_resume_internal_entity) {
}
END_TEST
void
suspending_comment_handler(void *userData, const XML_Char *data) {
UNUSED_P(data);
XML_Parser parser = (XML_Parser)userData;
XML_StopParser(parser, XML_TRUE);
}
START_TEST(test_suspend_resume_internal_entity_issue_629) {
const char *const text
= "<!DOCTYPE a [<!ENTITY e '<!--COMMENT-->a'>]><a>&e;<b>\n"
"<"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"/>"
"</b></a>";
const size_t firstChunkSizeBytes = 54;
XML_Parser parser = XML_ParserCreate(NULL);
XML_SetUserData(parser, parser);
XML_SetCommentHandler(parser, suspending_comment_handler);
if (XML_Parse(parser, text, (int)firstChunkSizeBytes, XML_FALSE)
!= XML_STATUS_SUSPENDED)
xml_failure(parser);
if (XML_ResumeParser(parser) != XML_STATUS_OK)
xml_failure(parser);
if (XML_Parse(parser, text + firstChunkSizeBytes,
(int)(strlen(text) - firstChunkSizeBytes), XML_TRUE)
!= XML_STATUS_OK)
xml_failure(parser);
XML_ParserFree(parser);
}
END_TEST
/* Test syntax error is caught at parse resumption */
START_TEST(test_resume_entity_with_syntax_error) {
const char *text = "<!DOCTYPE doc [\n"
@ -7589,7 +7661,7 @@ START_TEST(test_misc_version) {
fail("Version mismatch");
#if ! defined(XML_UNICODE) || defined(XML_UNICODE_WCHAR_T)
if (xcstrcmp(version_text, XCS("expat_2.4.7"))) /* needs bump on releases */
if (xcstrcmp(version_text, XCS("expat_2.4.9"))) /* needs bump on releases */
fail("XML_*_VERSION in expat.h out of sync?\n");
#else
/* If we have XML_UNICODE defined but not XML_UNICODE_WCHAR_T
@ -11764,12 +11836,12 @@ START_TEST(test_accounting_precision) {
END_TEST
static float
portableNAN() {
portableNAN(void) {
return strtof("nan", NULL);
}
static float
portableINFINITY() {
portableINFINITY(void) {
return strtof("infinity", NULL);
}
@ -12016,6 +12088,8 @@ make_suite(void) {
tcase_add_test(tc_basic, test_partial_char_in_epilog);
tcase_add_test(tc_basic, test_hash_collision);
tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_internal_entity);
tcase_add_test__ifdef_xml_dtd(tc_basic,
test_suspend_resume_internal_entity_issue_629);
tcase_add_test__ifdef_xml_dtd(tc_basic, test_resume_entity_with_syntax_error);
tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_parameter_entity);
tcase_add_test(tc_basic, test_restart_on_error);

@ -264,6 +264,7 @@ EXPAT_LARGE_SIZE = @EXPAT_LARGE_SIZE@
EXPAT_MIN_SIZE = @EXPAT_MIN_SIZE@
EXPAT_NS = @EXPAT_NS@
FGREP = @FGREP@
FILECMD = @FILECMD@
FILEMAP = @FILEMAP@
GREP = @GREP@
INSTALL = @INSTALL@

@ -9,7 +9,8 @@
Copyright (c) 1997-2000 Thai Open Source Software Center Ltd
Copyright (c) 2000 Clark Cooper <coopercc@users.sourceforge.net>
Copyright (c) 2002 Fred L. Drake, Jr. <fdrake@users.sourceforge.net>
Copyright (c) 2016-2017 Sebastian Pipping <sebastian@pipping.org>
Copyright (c) 2016-2022 Sebastian Pipping <sebastian@pipping.org>
Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@ -107,7 +108,7 @@ filemap(const TCHAR *name,
static void
win32perror(const TCHAR *s) {
LPVOID buf;
LPVOID buf = NULL;
if (FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM,
NULL, GetLastError(),
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR)&buf, 0,

@ -17,6 +17,7 @@
Copyright (c) 2020 Joe Orton <jorton@redhat.com>
Copyright (c) 2020 Kleber Tarcísio <klebertarcisio@yahoo.com.br>
Copyright (c) 2021 Tim Bray <tbray@textuality.com>
Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
@ -217,7 +218,7 @@ nsattcmp(const void *p1, const void *p2) {
const XML_Char *att1 = *(const XML_Char **)p1;
const XML_Char *att2 = *(const XML_Char **)p2;
int sep1 = (tcsrchr(att1, NSSEP) != 0);
int sep2 = (tcsrchr(att1, NSSEP) != 0);
int sep2 = (tcsrchr(att2, NSSEP) != 0);
if (sep1 != sep2)
return sep1 - sep2;
return tcscmp(att1, att2);

@ -83,7 +83,7 @@
#define PACKAGE_NAME "expat"
/* Define to the full name and version of this package. */
#define PACKAGE_STRING "expat 2.4.3"
#define PACKAGE_STRING "expat 2.4.9"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "expat"
@ -92,7 +92,7 @@
#define PACKAGE_URL ""
/* Define to the version of this package. */
#define PACKAGE_VERSION "2.4.3"
#define PACKAGE_VERSION "2.4.9"
/* Define to 1 if all of the C90 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
@ -100,7 +100,7 @@
#define STDC_HEADERS 1
/* Version number of package */
#define VERSION "2.4.3"
#define VERSION "2.4.9"
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */

@ -25,7 +25,7 @@
.\"
.\" $FreeBSD$
.\"/
.Dd November 25, 2019
.Dd September 20, 2022
.Dt LIBBSDXML 3
.Os
.Sh NAME
@ -36,7 +36,7 @@
.Sh DESCRIPTION
The
.Nm
library is a verbatim copy of the eXpat XML library version 2.2.9.
library is a verbatim copy of the eXpat XML library version 2.4.9.
.Pp
The
.Nm

Loading…
Cancel
Save