diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-09-20 23:00:54 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2022-09-20 23:00:54 +0000 |
commit | 00a6f5903c1270b713b859f7358ca65453b74304 (patch) | |
tree | e89704804f78f4ab0623722737aa0bfff5b17da4 /lib/libexpat | |
parent | 33ad2b93f618cc5cf0565c911db1f3be222f6420 (diff) |
Update libexpat to 2.4.9. This fixes CVE-2022-40674. Relevant for
OpenBSD are security fixes #629 #640 and other changes #610 #643.
No library bump necessary.
OK deraadt@
Diffstat (limited to 'lib/libexpat')
-rw-r--r-- | lib/libexpat/COPYING | 2 | ||||
-rw-r--r-- | lib/libexpat/Changes | 85 | ||||
-rw-r--r-- | lib/libexpat/README.md | 22 | ||||
-rw-r--r-- | lib/libexpat/doc/reference.html | 10 | ||||
-rw-r--r-- | lib/libexpat/lib/expat.h | 2 | ||||
-rw-r--r-- | lib/libexpat/lib/internal.h | 6 | ||||
-rw-r--r-- | lib/libexpat/lib/siphash.h | 2 | ||||
-rw-r--r-- | lib/libexpat/lib/xmlparse.c | 19 | ||||
-rw-r--r-- | lib/libexpat/lib/xmltok.c | 7 | ||||
-rw-r--r-- | lib/libexpat/lib/xmltok_impl.c | 6 | ||||
-rw-r--r-- | lib/libexpat/tests/runtests.c | 80 |
11 files changed, 206 insertions, 35 deletions
diff --git a/lib/libexpat/COPYING b/lib/libexpat/COPYING index 3c0142e71c8..ce9e5939291 100644 --- a/lib/libexpat/COPYING +++ b/lib/libexpat/COPYING @@ -1,5 +1,5 @@ Copyright (c) 1998-2000 Thai Open Source Software Center Ltd and Clark Cooper -Copyright (c) 2001-2019 Expat maintainers +Copyright (c) 2001-2022 Expat maintainers Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/lib/libexpat/Changes b/lib/libexpat/Changes index 95f697b39a4..cfc83a09dae 100644 --- a/lib/libexpat/Changes +++ b/lib/libexpat/Changes @@ -2,6 +2,88 @@ NOTE: We are looking for help with a few things: https://github.com/libexpat/libexpat/labels/help%20wanted If you can help, please get in touch. Thanks! +Release 2.4.9 Tue September 20 2022 + Security fixes: + #629 #640 CVE-2022-40674 -- Heap use-after-free vulnerability in + function doContent. Expected impact is denial of service + or potentially arbitrary code execution. + + Bug fixes: + #634 MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0 + #614 docs: Fix documentation on effect of switch XML_DTD on + symbol visibility in doc/reference.html + + Other changes: + #638 MinGW: Make fix-xmltest-log.sh drop more Wine bug output + #596 #625 Autotools: Sync CMake templates with CMake 3.22 + #608 CMake: Migrate from use of CMAKE_*_POSTFIX to + dedicated variables EXPAT_*_POSTFIX to stop affecting + other projects + #597 #599 Windows|CMake: Add missing -DXML_STATIC to test runners + and fuzzers + #512 #621 Windows|CMake: Render .def file from a template to fix + linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON + #611 #621 MinGW|CMake: Apply MSVC .def file when linking + #622 #624 MinGW|CMake: Sync library name with GNU Autotools, + i.e. produce libexpat-1.dll rather than libexpat.dll + by default. Filename libexpat.dll.a is unaffected. + #632 MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in + toolchain file "cmake/mingw-toolchain.cmake" to avoid + error "windres: Command not found" on e.g. Ubuntu 20.04 + #597 #627 CMake: Unify inconsistent use of set() and option() in + context of public build time options to take need for + set(.. FORCE) in projects using Expat by means of + add_subdirectory(..) off Expat's users' shoulders + #626 #641 Stop exporting API symbols when building a static library + #644 Resolve use of deprecated "fgrep" by "grep -F" + #620 CMake: Make documentation on variables a bit more consistent + #636 CMake: Drop leading whitespace from a #cmakedefine line in + file expat_config.h.cmake + #594 xmlwf: Fix harmless variable mix-up in function nsattcmp + #592 #593 #610 Address Cppcheck warnings + #643 Address Clang 15 compiler warnings + #642 #644 Version info bumped from 9:8:8 to 9:9:8; + see https://verbump.de/ for what these numbers do + + Infrastructure: + #597 #598 CI: Windows: Start covering MSVC 2022 + #619 CI: macOS: Migrate off deprecated macOS 10.15 + #632 CI: Linux: Make migration off deprecated Ubuntu 18.04 work + #643 CI: Upgrade Clang from 14 to 15 + #637 apply-clang-format.sh: Add support for BSD find + #633 coverage.sh: Exclude MinGW headers + #635 coverage.sh: Fix name collision for -funsigned-char + + Special thanks to: + David Faure + Felix Wilhelm + Frank Bergmann + Rhodri James + Rosen Penev + Thijs Schreijer + Vincent Torri + and + Google Project Zero + +Release 2.4.8 Mon March 28 2022 + Other changes: + #587 pkg-config: Move "-lm" to section "Libs.private" + #587 CMake|MSVC: Fix pkg-config section "Libs" + #55 #582 CMake|macOS: Start using linker arguments + "-compatibility_version <version>" and + "-current_version <version>" in a way compatible with + GNU Libtool + #590 #591 Version info bumped from 9:7:8 to 9:8:8; + see https://verbump.de/ for what these numbers do + + Infrastructure: + #589 CI: Upgrade Clang from 13 to 14 + + Special thanks to: + evpobr + Kai Pastor + Sam James + Release 2.4.7 Fri March 4 2022 Bug fixes: #572 #577 Relax fix to CVE-2022-25236 (introduced with release 2.4.5) @@ -190,7 +272,7 @@ Release 2.4.2 Sun December 19 2021 #498 Autotools: Include files with release archives: - buildconf.sh - fuzz/*.c - #507 #519 Autotools: Sync CMake templates + #507 #519 Autotools: Sync CMake templates with CMake 3.20 #495 #524 CMake: MinGW: Fix pkg-config section "Libs" for - non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug) - multi-config CMake generators (e.g. Ninja Multi-Config) @@ -264,6 +346,7 @@ Release 2.4.0 Sun May 23 2021 #468 #469 xmlwf: Improve help output and the xmlwf man page #463 xmlwf: Improve maintainability through some refactoring #477 xmlwf: Fix man page DocBook validity + #456 Autotools: Sync CMake templates with CMake 3.18 #458 #459 CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR and CMAKE_INSTALL_INCLUDEDIR #471 #481 CMake: Add support for standard variable BUILD_SHARED_LIBS diff --git a/lib/libexpat/README.md b/lib/libexpat/README.md index 6bfbf130dbf..c0ac8b0fb23 100644 --- a/lib/libexpat/README.md +++ b/lib/libexpat/README.md @@ -5,7 +5,7 @@ [![Downloads GitHub](https://img.shields.io/github/downloads/libexpat/libexpat/total?label=Downloads%20GitHub)](https://github.com/libexpat/libexpat/releases) -# Expat, Release 2.4.7 +# Expat, Release 2.4.9 This is Expat, a C library for parsing XML, started by [James Clark](https://en.wikipedia.org/wiki/James_Clark_%28programmer%29) in 1997. @@ -222,37 +222,37 @@ CMAKE_INSTALL_PREFIX:PATH=/usr/local // Path to a program. DOCBOOK_TO_MAN:FILEPATH=/usr/bin/docbook2x-man -// build man page for xmlwf +// Build man page for xmlwf EXPAT_BUILD_DOCS:BOOL=ON -// build the examples for expat library +// Build the examples for expat library EXPAT_BUILD_EXAMPLES:BOOL=ON -// build fuzzers for the expat library +// Build fuzzers for the expat library EXPAT_BUILD_FUZZERS:BOOL=OFF -// build pkg-config file +// Build pkg-config file EXPAT_BUILD_PKGCONFIG:BOOL=ON -// build the tests for expat library +// Build the tests for expat library EXPAT_BUILD_TESTS:BOOL=ON -// build the xmlwf tool for expat library +// Build the xmlwf tool for expat library EXPAT_BUILD_TOOLS:BOOL=ON // Character type to use (char|ushort|wchar_t) [default=char] EXPAT_CHAR_TYPE:STRING=char -// install expat files in cmake install target +// Install expat files in cmake install target EXPAT_ENABLE_INSTALL:BOOL=ON // Use /MT flag (static CRT) when compiling in MSVC EXPAT_MSVC_STATIC_CRT:BOOL=OFF -// build fuzzers via ossfuzz for the expat library +// Build fuzzers via ossfuzz for the expat library EXPAT_OSSFUZZ_BUILD:BOOL=OFF -// build a shared expat library +// Build a shared expat library EXPAT_SHARED_LIBS:BOOL=ON // Treat all compiler warnings as errors @@ -261,7 +261,7 @@ EXPAT_WARNINGS_AS_ERRORS:BOOL=OFF // Make use of getrandom function (ON|OFF|AUTO) [default=AUTO] EXPAT_WITH_GETRANDOM:STRING=AUTO -// utilize libbsd (for arc4random_buf) +// Utilize libbsd (for arc4random_buf) EXPAT_WITH_LIBBSD:BOOL=OFF // Make use of syscall SYS_getrandom (ON|OFF|AUTO) [default=AUTO] diff --git a/lib/libexpat/doc/reference.html b/lib/libexpat/doc/reference.html index 87ace02d456..4ab8d5a76b2 100644 --- a/lib/libexpat/doc/reference.html +++ b/lib/libexpat/doc/reference.html @@ -50,7 +50,7 @@ <div> <h1> The Expat XML Parser - <small>Release 2.4.7</small> + <small>Release 2.4.9</small> </h1> </div> <div class="content"> @@ -365,8 +365,12 @@ this is defined, default attribute values from an external DTD subset are reported and attribute value normalization occurs based on the type of attributes defined in the external subset. Without this, Expat has a smaller memory footprint and can be faster, but will -not load external entities or process conditional sections. This does -not affect the set of functions available in the API.</dd> +not load external entities or process conditional sections. If defined, makes +the functions <code><a +href="#XML_SetBillionLaughsAttackProtectionMaximumAmplification"> +XML_SetBillionLaughsAttackProtectionMaximumAmplification</a></code> and <code> +<a href="#XML_SetBillionLaughsAttackProtectionActivationThreshold"> +XML_SetBillionLaughsAttackProtectionActivationThreshold</a></code> available.</dd> <dt>XML_NS</dt> <dd>When defined, support for the <cite><a href= diff --git a/lib/libexpat/lib/expat.h b/lib/libexpat/lib/expat.h index c9214f64070..2b47ce2a8d3 100644 --- a/lib/libexpat/lib/expat.h +++ b/lib/libexpat/lib/expat.h @@ -1055,7 +1055,7 @@ XML_SetBillionLaughsAttackProtectionActivationThreshold( */ #define XML_MAJOR_VERSION 2 #define XML_MINOR_VERSION 4 -#define XML_MICRO_VERSION 7 +#define XML_MICRO_VERSION 9 #ifdef __cplusplus } diff --git a/lib/libexpat/lib/internal.h b/lib/libexpat/lib/internal.h index 444eba0fb03..e09f533b23c 100644 --- a/lib/libexpat/lib/internal.h +++ b/lib/libexpat/lib/internal.h @@ -28,7 +28,7 @@ Copyright (c) 2002-2003 Fred L. Drake, Jr. <fdrake@users.sourceforge.net> Copyright (c) 2002-2006 Karl Waclawek <karl@waclawek.net> Copyright (c) 2003 Greg Stein <gstein@users.sourceforge.net> - Copyright (c) 2016-2021 Sebastian Pipping <sebastian@pipping.org> + Copyright (c) 2016-2022 Sebastian Pipping <sebastian@pipping.org> Copyright (c) 2018 Yury Gribov <tetra2005@gmail.com> Copyright (c) 2019 David Loffredo <loffredo@steptools.com> Licensed under the MIT license: @@ -107,7 +107,9 @@ #include <limits.h> // ULONG_MAX -#if defined(_WIN32) && ! defined(__USE_MINGW_ANSI_STDIO) +#if defined(_WIN32) \ + && (! defined(__USE_MINGW_ANSI_STDIO) \ + || (1 - __USE_MINGW_ANSI_STDIO - 1 == 0)) # define EXPAT_FMT_ULL(midpart) "%" midpart "I64u" # if defined(_WIN64) // Note: modifiers "td" and "zu" do not work for MinGW # define EXPAT_FMT_PTRDIFF_T(midpart) "%" midpart "I64d" diff --git a/lib/libexpat/lib/siphash.h b/lib/libexpat/lib/siphash.h index e5406d7ee9e..303283ad2de 100644 --- a/lib/libexpat/lib/siphash.h +++ b/lib/libexpat/lib/siphash.h @@ -106,7 +106,7 @@ * if this code is included and compiled as C++; related GCC warning is: * warning: use of C++11 long long integer constant [-Wlong-long] */ -#define _SIP_ULL(high, low) (((uint64_t)high << 32) | low) +#define _SIP_ULL(high, low) ((((uint64_t)high) << 32) | (low)) #define SIP_ROTL(x, b) (uint64_t)(((x) << (b)) | ((x) >> (64 - (b)))) diff --git a/lib/libexpat/lib/xmlparse.c b/lib/libexpat/lib/xmlparse.c index 05216d997b0..c0bece51d70 100644 --- a/lib/libexpat/lib/xmlparse.c +++ b/lib/libexpat/lib/xmlparse.c @@ -1,4 +1,4 @@ -/* fcb1a62fefa945567301146eb98e3ad3413e823a41c4378e84e8b6b6f308d824 (2.4.7+) +/* 90815a2b2c80c03b2b889fe1d427bb2b9e3282aa065e42784e001db4f23de324 (2.4.9+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -19,7 +19,7 @@ Copyright (c) 2016 Gustavo Grieco <gustavo.grieco@imag.fr> Copyright (c) 2016 Pascal Cuoq <cuoq@trust-in-soft.com> Copyright (c) 2016 Ed Schouten <ed@nuxi.nl> - Copyright (c) 2017-2018 Rhodri James <rhodri@wildebeest.org.uk> + Copyright (c) 2017-2022 Rhodri James <rhodri@wildebeest.org.uk> Copyright (c) 2017 Václav Slavík <vaclav@slavik.io> Copyright (c) 2017 Viktor Szakats <commit@vsz.me> Copyright (c) 2017 Chanho Park <chanho61.park@samsung.com> @@ -4271,7 +4271,7 @@ processXmlDecl(XML_Parser parser, int isGeneralTextEntity, const char *s, const XML_Char *storedEncName = NULL; const ENCODING *newEncoding = NULL; const char *version = NULL; - const char *versionend; + const char *versionend = NULL; const XML_Char *storedversion = NULL; int standalone = -1; @@ -5826,10 +5826,15 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end, { parser->m_processor = contentProcessor; /* see externalEntityContentProcessor vs contentProcessor */ - return doContent(parser, parser->m_parentParser ? 1 : 0, parser->m_encoding, - s, end, nextPtr, - (XML_Bool)! parser->m_parsingStatus.finalBuffer, - XML_ACCOUNT_DIRECT); + result = doContent(parser, parser->m_parentParser ? 1 : 0, + parser->m_encoding, s, end, nextPtr, + (XML_Bool)! parser->m_parsingStatus.finalBuffer, + XML_ACCOUNT_DIRECT); + if (result == XML_ERROR_NONE) { + if (! storeRawNames(parser)) + return XML_ERROR_NO_MEMORY; + } + return result; } } diff --git a/lib/libexpat/lib/xmltok.c b/lib/libexpat/lib/xmltok.c index c659983b400..2b7012a58be 100644 --- a/lib/libexpat/lib/xmltok.c +++ b/lib/libexpat/lib/xmltok.c @@ -21,6 +21,7 @@ Copyright (c) 2017 José Gutiérrez de la Concha <jose@zeroc.com> Copyright (c) 2019 David Loffredo <loffredo@steptools.com> Copyright (c) 2021 Dong-hee Na <donghee.na@python.org> + Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -296,7 +297,7 @@ sb_charMatches(const ENCODING *enc, const char *p, int c) { } #else /* c is an ASCII character */ -# define CHAR_MATCHES(enc, p, c) (*(p) == c) +# define CHAR_MATCHES(enc, p, c) (*(p) == (c)) #endif #define PREFIX(ident) normal_##ident @@ -740,7 +741,7 @@ DEFINE_UTF16_TO_UTF16(big2_) ((p)[1] == 0 ? ((struct normal_encoding *)(enc))->type[(unsigned char)*(p)] \ : unicode_byte_type((p)[1], (p)[0])) #define LITTLE2_BYTE_TO_ASCII(p) ((p)[1] == 0 ? (p)[0] : -1) -#define LITTLE2_CHAR_MATCHES(p, c) ((p)[1] == 0 && (p)[0] == c) +#define LITTLE2_CHAR_MATCHES(p, c) ((p)[1] == 0 && (p)[0] == (c)) #define LITTLE2_IS_NAME_CHAR_MINBPC(p) \ UCS2_GET_NAMING(namePages, (unsigned char)p[1], (unsigned char)p[0]) #define LITTLE2_IS_NMSTRT_CHAR_MINBPC(p) \ @@ -875,7 +876,7 @@ static const struct normal_encoding internal_little2_encoding ? ((struct normal_encoding *)(enc))->type[(unsigned char)(p)[1]] \ : unicode_byte_type((p)[0], (p)[1])) #define BIG2_BYTE_TO_ASCII(p) ((p)[0] == 0 ? (p)[1] : -1) -#define BIG2_CHAR_MATCHES(p, c) ((p)[0] == 0 && (p)[1] == c) +#define BIG2_CHAR_MATCHES(p, c) ((p)[0] == 0 && (p)[1] == (c)) #define BIG2_IS_NAME_CHAR_MINBPC(p) \ UCS2_GET_NAMING(namePages, (unsigned char)p[0], (unsigned char)p[1]) #define BIG2_IS_NMSTRT_CHAR_MINBPC(p) \ diff --git a/lib/libexpat/lib/xmltok_impl.c b/lib/libexpat/lib/xmltok_impl.c index 4072b06497d..1971d74bf8c 100644 --- a/lib/libexpat/lib/xmltok_impl.c +++ b/lib/libexpat/lib/xmltok_impl.c @@ -16,6 +16,7 @@ Copyright (c) 2018 Anton Maklakov <antmak.pub@gmail.com> Copyright (c) 2019 David Loffredo <loffredo@steptools.com> Copyright (c) 2020 Boris Kolpackov <boris@codesynthesis.com> + Copyright (c) 2022 Martin Ettl <ettl.martin78@googlemail.com> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -96,7 +97,7 @@ # define CHECK_NMSTRT_CASE(n, enc, ptr, end, nextTokPtr) \ case BT_LEAD##n: \ - if (end - ptr < n) \ + if ((end) - (ptr) < (n)) \ return XML_TOK_PARTIAL_CHAR; \ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \ *nextTokPtr = ptr; \ @@ -124,7 +125,8 @@ # define PREFIX(ident) ident # endif -# define HAS_CHARS(enc, ptr, end, count) (end - ptr >= count * MINBPC(enc)) +# define HAS_CHARS(enc, ptr, end, count) \ + ((end) - (ptr) >= ((count)*MINBPC(enc))) # define HAS_CHAR(enc, ptr, end) HAS_CHARS(enc, ptr, end, 1) diff --git a/lib/libexpat/tests/runtests.c b/lib/libexpat/tests/runtests.c index 3309bbaa076..530f1844b5e 100644 --- a/lib/libexpat/tests/runtests.c +++ b/lib/libexpat/tests/runtests.c @@ -4990,6 +4990,78 @@ START_TEST(test_suspend_resume_internal_entity) { } END_TEST +void +suspending_comment_handler(void *userData, const XML_Char *data) { + UNUSED_P(data); + XML_Parser parser = (XML_Parser)userData; + XML_StopParser(parser, XML_TRUE); +} + +START_TEST(test_suspend_resume_internal_entity_issue_629) { + const char *const text + = "<!DOCTYPE a [<!ENTITY e '<!--COMMENT-->a'>]><a>&e;<b>\n" + "<" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "/>" + "</b></a>"; + const size_t firstChunkSizeBytes = 54; + + XML_Parser parser = XML_ParserCreate(NULL); + XML_SetUserData(parser, parser); + XML_SetCommentHandler(parser, suspending_comment_handler); + + if (XML_Parse(parser, text, (int)firstChunkSizeBytes, XML_FALSE) + != XML_STATUS_SUSPENDED) + xml_failure(parser); + if (XML_ResumeParser(parser) != XML_STATUS_OK) + xml_failure(parser); + if (XML_Parse(parser, text + firstChunkSizeBytes, + (int)(strlen(text) - firstChunkSizeBytes), XML_TRUE) + != XML_STATUS_OK) + xml_failure(parser); + XML_ParserFree(parser); +} +END_TEST + /* Test syntax error is caught at parse resumption */ START_TEST(test_resume_entity_with_syntax_error) { const char *text = "<!DOCTYPE doc [\n" @@ -7589,7 +7661,7 @@ START_TEST(test_misc_version) { fail("Version mismatch"); #if ! defined(XML_UNICODE) || defined(XML_UNICODE_WCHAR_T) - if (xcstrcmp(version_text, XCS("expat_2.4.7"))) /* needs bump on releases */ + if (xcstrcmp(version_text, XCS("expat_2.4.9"))) /* needs bump on releases */ fail("XML_*_VERSION in expat.h out of sync?\n"); #else /* If we have XML_UNICODE defined but not XML_UNICODE_WCHAR_T @@ -11764,12 +11836,12 @@ START_TEST(test_accounting_precision) { END_TEST static float -portableNAN() { +portableNAN(void) { return strtof("nan", NULL); } static float -portableINFINITY() { +portableINFINITY(void) { return strtof("infinity", NULL); } @@ -12016,6 +12088,8 @@ make_suite(void) { tcase_add_test(tc_basic, test_partial_char_in_epilog); tcase_add_test(tc_basic, test_hash_collision); tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_internal_entity); + tcase_add_test__ifdef_xml_dtd(tc_basic, + test_suspend_resume_internal_entity_issue_629); tcase_add_test__ifdef_xml_dtd(tc_basic, test_resume_entity_with_syntax_error); tcase_add_test__ifdef_xml_dtd(tc_basic, test_suspend_resume_parameter_entity); tcase_add_test(tc_basic, test_restart_on_error); |