Changeset 39921 in vbox
- Timestamp:
- Jan 31, 2012 3:22:08 PM (13 years ago)
- Location:
- trunk/src/libs/libxml2-2.6.31
- Files:
-
- 12 edited
-
SAX2.c (modified) (2 diffs)
-
encoding.c (modified) (2 diffs)
-
entities.c (modified) (1 diff)
-
error.c (modified) (1 diff)
-
include/libxml/parser.h (modified) (1 diff)
-
libxml.h (modified) (1 diff)
-
nanohttp.c (modified) (1 diff)
-
parser.c (modified) (49 diffs)
-
parserInternals.c (modified) (2 diffs)
-
tree.c (modified) (2 diffs)
-
xmllint.c (modified) (3 diffs)
-
xpath.c (modified) (19 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/libs/libxml2-2.6.31/SAX2.c
r39915 r39921 12 12 #include <stdlib.h> 13 13 #include <string.h> 14 #include <limits.h> 14 15 #include <libxml/xmlmemory.h> 15 16 #include <libxml/tree.h> … … 2443 2444 (xmlDictOwns(ctxt->dict, lastChild->content))) { 2444 2445 lastChild->content = xmlStrdup(lastChild->content); 2446 } 2447 if (ctxt->nodelen > UINT_MAX - len || 2448 ctxt->nodemem + len > UINT_MAX / 2) { 2449 xmlSAX2ErrMemory(ctxt, "xmlSAX2Characters overflow prevented"); 2450 return; 2445 2451 } 2446 2452 if (ctxt->nodelen + len >= ctxt->nodemem) { -
trunk/src/libs/libxml2-2.6.31/encoding.c
r39915 r39921 1763 1763 1764 1764 /* calculate space available */ 1765 written = out->size - out->use ;1765 written = out->size - out->use - 1; /* count '\0' */ 1766 1766 toconv = in->use; 1767 1767 /* … … 1856 1856 if (toconv == 0) 1857 1857 return (0); 1858 written = out->size - out->use ;1858 written = out->size - out->use -1; /* count '\0' */ 1859 1859 if (toconv * 2 >= written) { 1860 1860 xmlBufferGrow(out, out->size + toconv * 2); -
trunk/src/libs/libxml2-2.6.31/entities.c
r39915 r39921 103 103 104 104 105 if ((entity->children) && (entity->owner == 1) &&105 if ((entity->children) && (entity->owner != 0) && 106 106 (entity == (xmlEntityPtr) entity->children->parent)) 107 107 xmlFreeNodeList(entity->children); -
trunk/src/libs/libxml2-2.6.31/error.c
r39915 r39921 46 46 size += chars + 1; \ 47 47 else \ 48 size += 100;\48 break; \ 49 49 if ((larger = (char *) xmlRealloc(str, size)) == NULL) {\ 50 50 break; \ -
trunk/src/libs/libxml2-2.6.31/include/libxml/parser.h
r39915 r39921 298 298 xmlError lastError; 299 299 xmlParserMode parseMode; /* the parser mode */ 300 unsigned long nbentities; /* number of entities references */ 301 unsigned long sizeentities; /* size of parsed entities */ 300 302 }; 301 303 -
trunk/src/libs/libxml2-2.6.31/libxml.h
r39915 r39921 13 13 #ifndef _LARGEFILE_SOURCE 14 14 #define _LARGEFILE_SOURCE 15 #endif 16 #ifndef _LARGEFILE64_SOURCE 17 #define _LARGEFILE64_SOURCE 15 18 #endif 16 19 #ifndef _FILE_OFFSET_BITS -
trunk/src/libs/libxml2-2.6.31/nanohttp.c
r39915 r39921 1333 1333 blen += strlen(headers) + 2; 1334 1334 if (contentType && *contentType) 1335 /* reserve for string plus 'Content-Type: \r\n" */ 1335 1336 blen += strlen(*contentType) + 16; 1336 1337 if (ctxt->query != NULL) 1338 /* 1 for '?' */ 1337 1339 blen += strlen(ctxt->query) + 1; 1338 1340 blen += strlen(method) + strlen(ctxt->path) + 24; 1339 1341 #ifdef HAVE_ZLIB_H 1342 /* reserve for possible 'Accept-Encoding: gzip' string */ 1340 1343 blen += 23; 1341 1344 #endif 1345 if (ctxt->port != 80) { 1346 /* reserve space for ':xxxxx', incl. potential proxy */ 1347 if (proxy) 1348 blen += 12; 1349 else 1350 blen += 6; 1351 } 1342 1352 bp = (char*)xmlMallocAtomic(blen); 1343 1353 if ( bp == NULL ) { -
trunk/src/libs/libxml2-2.6.31/parser.c
r39915 r39921 80 80 #include <zlib.h> 81 81 #endif 82 83 static void 84 xmlFatalErr(xmlParserCtxtPtr ctxt, xmlParserErrors error, const char *info); 85 86 /************************************************************************ 87 * * 88 * Arbitrary limits set in the parser. * 89 * * 90 ************************************************************************/ 91 92 #define XML_PARSER_BIG_ENTITY 1000 93 #define XML_PARSER_LOT_ENTITY 5000 94 95 /* 96 * XML_PARSER_NON_LINEAR is the threshold where the ratio of parsed entity 97 * replacement over the size in byte of the input indicates that you have 98 * and eponential behaviour. A value of 10 correspond to at least 3 entity 99 * replacement per byte of input. 100 */ 101 #define XML_PARSER_NON_LINEAR 10 102 103 /* 104 * xmlParserEntityCheck 105 * 106 * Function to check non-linear entity expansion behaviour 107 * This is here to detect and stop exponential linear entity expansion 108 * This is not a limitation of the parser but a safety 109 * boundary feature. 110 */ 111 static int 112 xmlParserEntityCheck(xmlParserCtxtPtr ctxt, unsigned long size, 113 xmlEntityPtr ent) 114 { 115 unsigned long consumed = 0; 116 117 if (ctxt == NULL) 118 return (0); 119 if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP) 120 return (1); 121 if (size != 0) { 122 /* 123 * Do the check based on the replacement size of the entity 124 */ 125 if (size < XML_PARSER_BIG_ENTITY) 126 return(0); 127 128 /* 129 * A limit on the amount of text data reasonably used 130 */ 131 if (ctxt->input != NULL) { 132 consumed = ctxt->input->consumed + 133 (ctxt->input->cur - ctxt->input->base); 134 } 135 consumed += ctxt->sizeentities; 136 137 if ((size < XML_PARSER_NON_LINEAR * consumed) && 138 (ctxt->nbentities * 3 < XML_PARSER_NON_LINEAR * consumed)) 139 return (0); 140 } else if (ent != NULL) { 141 /* 142 * use the number of parsed entities in the replacement 143 */ 144 size = ent->owner; 145 146 /* 147 * The amount of data parsed counting entities size only once 148 */ 149 if (ctxt->input != NULL) { 150 consumed = ctxt->input->consumed + 151 (ctxt->input->cur - ctxt->input->base); 152 } 153 consumed += ctxt->sizeentities; 154 155 /* 156 * Check the density of entities for the amount of data 157 * knowing an entity reference will take at least 3 bytes 158 */ 159 if (size * 3 < consumed * XML_PARSER_NON_LINEAR) 160 return (0); 161 } else { 162 /* 163 * strange we got no data for checking just return 164 */ 165 return (0); 166 } 167 168 xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL); 169 return (1); 170 } 82 171 83 172 /** … … 2179 2268 * Macro used to grow the current buffer. 2180 2269 */ 2181 #define growBuffer(buffer) { \ 2182 xmlChar *tmp; \ 2183 buffer##_size *= 2; \ 2184 tmp = (xmlChar *) \ 2185 xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \ 2186 if (tmp == NULL) goto mem_error; \ 2187 buffer = tmp; \ 2270 #define growBuffer(buffer, n) { \ 2271 xmlChar *tmp; \ 2272 buffer##_size *= 2; \ 2273 buffer##_size += n; \ 2274 tmp = (xmlChar *) \ 2275 xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \ 2276 if (tmp == NULL) goto mem_error; \ 2277 buffer = tmp; \ 2188 2278 } 2189 2279 … … 2253 2343 } 2254 2344 if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { 2255 growBuffer(buffer );2345 growBuffer(buffer, XML_PARSER_BUFFER_SIZE); 2256 2346 } 2257 2347 } else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) { … … 2261 2351 str); 2262 2352 ent = xmlParseStringEntityRef(ctxt, &str); 2353 if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP) 2354 goto int_error; 2355 if (ent != NULL) 2356 ctxt->nbentities += ent->owner; 2263 2357 if ((ent != NULL) && 2264 2358 (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { … … 2266 2360 COPY_BUF(0,buffer,nbchars,ent->content[0]); 2267 2361 if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { 2268 growBuffer(buffer );2362 growBuffer(buffer, XML_PARSER_BUFFER_SIZE); 2269 2363 } 2270 2364 } else { … … 2285 2379 if (nbchars > 2286 2380 buffer_size - XML_PARSER_BUFFER_SIZE) { 2287 growBuffer(buffer); 2381 if (xmlParserEntityCheck(ctxt, nbchars, ent)) { 2382 xmlFree(rep); 2383 goto int_error; 2384 } 2385 growBuffer(buffer, XML_PARSER_BUFFER_SIZE); 2288 2386 } 2289 2387 } … … 2296 2394 buffer[nbchars++] = '&'; 2297 2395 if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) { 2298 growBuffer(buffer );2396 growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE); 2299 2397 } 2300 2398 for (;i > 0;i--) … … 2307 2405 "String decoding PE Reference: %.30s\n", str); 2308 2406 ent = xmlParseStringPEReference(ctxt, &str); 2407 if (ctxt->lastError.code == XML_ERR_ENTITY_LOOP) 2408 goto int_error; 2409 if (ent != NULL) 2410 ctxt->nbentities += ent->owner; 2309 2411 if (ent != NULL) { 2310 2412 xmlChar *rep; … … 2320 2422 if (nbchars > 2321 2423 buffer_size - XML_PARSER_BUFFER_SIZE) { 2322 growBuffer(buffer); 2424 if (xmlParserEntityCheck(ctxt, nbchars, ent)) { 2425 xmlFree(rep); 2426 goto int_error; 2427 } 2428 growBuffer(buffer, XML_PARSER_BUFFER_SIZE); 2323 2429 } 2324 2430 } … … 2330 2436 str += l; 2331 2437 if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) { 2332 growBuffer(buffer );2438 growBuffer(buffer, XML_PARSER_BUFFER_SIZE); 2333 2439 } 2334 2440 } … … 2343 2449 mem_error: 2344 2450 xmlErrMemory(ctxt, NULL); 2451 int_error: 2452 if (buffer != NULL) 2453 xmlFree(buffer); 2345 2454 return(NULL); 2346 2455 } … … 3127 3236 if (ctxt->replaceEntities) { 3128 3237 if (len > buf_size - 10) { 3129 growBuffer(buf );3238 growBuffer(buf, 10); 3130 3239 } 3131 3240 buf[len++] = '&'; … … 3136 3245 */ 3137 3246 if (len > buf_size - 10) { 3138 growBuffer(buf );3247 growBuffer(buf, 10); 3139 3248 } 3140 3249 buf[len++] = '&'; … … 3146 3255 } else { 3147 3256 if (len > buf_size - 10) { 3148 growBuffer(buf );3257 growBuffer(buf, 10); 3149 3258 } 3150 3259 len += xmlCopyChar(0, &buf[len], val); … … 3152 3261 } else { 3153 3262 ent = xmlParseEntityRef(ctxt); 3263 ctxt->nbentities++; 3264 if (ent != NULL) 3265 ctxt->nbentities += ent->owner; 3154 3266 if ((ent != NULL) && 3155 3267 (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) { 3156 3268 if (len > buf_size - 10) { 3157 growBuffer(buf );3269 growBuffer(buf, 10); 3158 3270 } 3159 3271 if ((ctxt->replaceEntities == 0) && … … 3180 3292 buf[len++] = *current++; 3181 3293 if (len > buf_size - 10) { 3182 growBuffer(buf );3294 growBuffer(buf, 10); 3183 3295 } 3184 3296 } … … 3187 3299 } else { 3188 3300 if (len > buf_size - 10) { 3189 growBuffer(buf );3301 growBuffer(buf, 10); 3190 3302 } 3191 3303 if (ent->content != NULL) … … 3213 3325 */ 3214 3326 buf[len++] = '&'; 3215 if(len > buf_size - i - 10) {3216 growBuffer(buf );3327 while (len > buf_size - i - 10) { 3328 growBuffer(buf, i + 10); 3217 3329 } 3218 3330 for (;i > 0;i--) … … 3227 3339 COPY_BUF(l,buf,len,0x20); 3228 3340 if (len > buf_size - 10) { 3229 growBuffer(buf );3341 growBuffer(buf, 10); 3230 3342 } 3231 3343 } … … 3236 3348 COPY_BUF(l,buf,len,c); 3237 3349 if (len > buf_size - 10) { 3238 growBuffer(buf );3350 growBuffer(buf, 10); 3239 3351 } 3240 3352 } … … 4251 4363 ctxt->sax->processingInstruction(ctxt->userData, 4252 4364 target, NULL); 4253 ctxt->instate = state; 4365 if (ctxt->instate != XML_PARSER_EOF) 4366 ctxt->instate = state; 4254 4367 return; 4255 4368 } … … 4331 4444 xmlFatalErr(ctxt, XML_ERR_PI_NOT_STARTED, NULL); 4332 4445 } 4333 ctxt->instate = state; 4446 if (ctxt->instate != XML_PARSER_EOF) 4447 ctxt->instate = state; 4334 4448 } 4335 4449 } … … 4434 4548 xmlChar *orig = NULL; 4435 4549 int skipped; 4550 unsigned long oldnbent = ctxt->nbentities; 4436 4551 4437 4552 /* GROW; done in the caller */ … … 4643 4758 } 4644 4759 if (cur != NULL) { 4760 if ((cur->owner != 0) || (cur->children == NULL)) { 4761 cur->owner = ctxt->nbentities - oldnbent; 4762 if (cur->owner == 0) 4763 cur->owner = 1; 4764 } 4645 4765 if (cur->orig != NULL) 4646 4766 xmlFree(orig); … … 4753 4873 xmlFatalErrMsg(ctxt, XML_ERR_NAME_REQUIRED, 4754 4874 "Name expected in NOTATION declaration\n"); 4755 return(ret); 4875 xmlFreeEnumeration(ret); 4876 return(NULL); 4756 4877 } 4757 4878 cur = xmlCreateEnumeration(name); 4758 if (cur == NULL) return(ret); 4879 if (cur == NULL) { 4880 xmlFreeEnumeration(ret); 4881 return(NULL); 4882 } 4759 4883 if (last == NULL) ret = last = cur; 4760 4884 else { … … 4766 4890 if (RAW != ')') { 4767 4891 xmlFatalErr(ctxt, XML_ERR_NOTATION_NOT_FINISHED, NULL); 4768 if ((last != NULL) && (last != ret)) 4769 xmlFreeEnumeration(last); 4770 return(ret); 4892 xmlFreeEnumeration(ret); 4893 return(NULL); 4771 4894 } 4772 4895 NEXT; … … 4809 4932 cur = xmlCreateEnumeration(name); 4810 4933 xmlFree(name); 4811 if (cur == NULL) return(ret); 4934 if (cur == NULL) { 4935 xmlFreeEnumeration(ret); 4936 return(NULL); 4937 } 4812 4938 if (last == NULL) ret = last = cur; 4813 4939 else { … … 5207 5333 xmlChar type = 0; 5208 5334 5335 if (ctxt->depth > 128) { 5336 xmlFatalErrMsgInt(ctxt, XML_ERR_ELEMCONTENT_NOT_FINISHED, 5337 "xmlParseElementChildrenContentDecl : depth %d too deep\n", 5338 ctxt->depth); 5339 return(NULL); 5340 } 5209 5341 SKIP_BLANKS; 5210 5342 GROW; … … 5215 5347 NEXT; 5216 5348 SKIP_BLANKS; 5349 ctxt->depth++; 5217 5350 cur = ret = xmlParseElementChildrenContentDecl(ctxt, inputid); 5351 ctxt->depth--; 5218 5352 SKIP_BLANKS; 5219 5353 GROW; … … 5345 5479 NEXT; 5346 5480 SKIP_BLANKS; 5481 ctxt->depth++; 5347 5482 last = xmlParseElementChildrenContentDecl(ctxt, inputid); 5483 ctxt->depth--; 5348 5484 SKIP_BLANKS; 5349 5485 } else { … … 6072 6208 ent->children = list; 6073 6209 ent->last = list; 6074 ent->owner = 1; 6210 if (ent->owner == 0) 6211 ent->owner = 1; 6075 6212 list->parent = (xmlNodePtr) ent; 6076 6213 } else { … … 6081 6218 } 6082 6219 } else { 6220 unsigned long oldnbent = ctxt->nbentities; 6083 6221 /* 6084 6222 * 4.3.2: An internal general parsed entity is well-formed … … 6103 6241 value, user_data, &list); 6104 6242 ctxt->depth--; 6243 6105 6244 } else if (ent->etype == 6106 6245 XML_EXTERNAL_GENERAL_PARSED_ENTITY) { … … 6114 6253 xmlErrMsgStr(ctxt, XML_ERR_INTERNAL_ERROR, 6115 6254 "invalid entity type found\n", NULL); 6255 } 6256 /* 6257 * Store the number of entities needing parsing for entity 6258 * content and do checkings 6259 */ 6260 if ((ent->owner != 0) || (ent->children == NULL)) { 6261 ent->owner = ctxt->nbentities - oldnbent; 6262 if (ent->owner == 0) 6263 ent->owner = 1; 6264 } 6265 if (ret == XML_ERR_ENTITY_LOOP) { 6266 xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL); 6267 xmlFreeNodeList(list); 6268 return; 6269 } 6270 if (xmlParserEntityCheck(ctxt, 0, ent)) { 6271 xmlFreeNodeList(list); 6272 return; 6116 6273 } 6117 6274 if (ret == XML_ERR_ENTITY_LOOP) { … … 6133 6290 list->parent = (xmlNodePtr) ent; 6134 6291 list = NULL; 6135 ent->owner = 1; 6292 if (ent->owner == 0) 6293 ent->owner = 1; 6136 6294 } else { 6137 6295 ent->owner = 0; … … 6150 6308 } 6151 6309 } else { 6152 ent->owner = 1; 6310 if (ent->owner == 0) 6311 ent->owner = 1; 6153 6312 while (list != NULL) { 6154 6313 list->parent = (xmlNodePtr) ent; … … 6169 6328 xmlFreeNodeList(list); 6170 6329 list = NULL; 6330 } else if (ent->owner != 1) { 6331 ctxt->nbentities += ent->owner; 6171 6332 } 6172 6333 } … … 6327 6488 cur = next; 6328 6489 } 6329 ent->owner = 1; 6490 if (ent->owner == 0) 6491 ent->owner = 1; 6330 6492 #ifdef LIBXML_LEGACY_ENABLED 6331 6493 if (ent->etype == XML_EXTERNAL_GENERAL_PARSED_ENTITY) … … 6416 6578 if (RAW == ';') { 6417 6579 NEXT; 6580 /* 6581 * Increase the number of entity references parsed 6582 */ 6583 ctxt->nbentities++; 6584 6418 6585 /* 6419 6586 * Ask first SAX for entity resolution, otherwise try the … … 6588 6755 ptr++; 6589 6756 /* 6757 * Increase the number of entity references parsed 6758 */ 6759 ctxt->nbentities++; 6760 /* 6590 6761 * Ask first SAX for entity resolution, otherwise try the 6591 6762 * predefined set. … … 6749 6920 if (RAW == ';') { 6750 6921 NEXT; 6922 /* 6923 * Increase the number of entity references parsed 6924 */ 6925 ctxt->nbentities++; 6926 6751 6927 if ((ctxt->sax != NULL) && 6752 6928 (ctxt->sax->getParameterEntity != NULL)) … … 6879 7055 ptr++; 6880 7056 cur = *ptr; 7057 /* 7058 * Increase the number of entity references parsed 7059 */ 7060 ctxt->nbentities++; 7061 6881 7062 if ((ctxt->sax != NULL) && 6882 7063 (ctxt->sax->getParameterEntity != NULL)) … … 8610 8791 name = xmlParseStartTag(ctxt); 8611 8792 #endif /* LIBXML_SAX1_ENABLED */ 8793 if (ctxt->instate == XML_PARSER_EOF) 8794 return; 8612 8795 if (name == NULL) { 8613 8796 spacePop(ctxt); … … 9932 10115 name = xmlParseStartTag(ctxt); 9933 10116 #endif /* LIBXML_SAX1_ENABLED */ 10117 if (ctxt->instate == XML_PARSER_EOF) 10118 goto done; 9934 10119 if (name == NULL) { 9935 10120 spacePop(ctxt); … … 10118 10303 xmlParseEndTag1(ctxt, 0); 10119 10304 #endif /* LIBXML_SAX1_ENABLED */ 10120 if (ctxt->nameNr == 0) { 10305 if (ctxt->instate == XML_PARSER_EOF) { 10306 /* Nothing */ 10307 } else if (ctxt->nameNr == 0) { 10121 10308 ctxt->instate = XML_PARSER_EPILOG; 10122 10309 } else { … … 11538 11725 ret = XML_ERR_OK; 11539 11726 } 11727 11728 /* 11729 * Record in the parent context the number of entities replacement 11730 * done when parsing that reference. 11731 */ 11732 oldctxt->nbentities += ctxt->nbentities; 11733 /* 11734 * Also record the size of the entity parsed 11735 */ 11736 if (ctxt->input != NULL) { 11737 oldctxt->sizeentities += ctxt->input->consumed; 11738 oldctxt->sizeentities += (ctxt->input->cur - ctxt->input->base); 11739 } 11740 /* 11741 * And record the last error if any 11742 */ 11743 if (ctxt->lastError.code != XML_ERR_OK) 11744 xmlCopyError(&ctxt->lastError, &oldctxt->lastError); 11745 11540 11746 if (sax != NULL) 11541 11747 ctxt->sax = oldsax; … … 11543 11749 oldctxt->node_seq.length = ctxt->node_seq.length; 11544 11750 oldctxt->node_seq.buffer = ctxt->node_seq.buffer; 11751 oldctxt->nbentities += ctxt->nbentities; 11545 11752 ctxt->node_seq.maximum = 0; 11546 11753 ctxt->node_seq.length = 0; … … 11767 11974 } 11768 11975 11976 /* 11977 * Record in the parent context the number of entities replacement 11978 * done when parsing that reference. 11979 */ 11980 oldctxt->nbentities += ctxt->nbentities; 11981 /* 11982 * Also record the last error if any 11983 */ 11984 if (ctxt->lastError.code != XML_ERR_OK) 11985 xmlCopyError(&ctxt->lastError, &oldctxt->lastError); 11986 11769 11987 ctxt->sax = oldsax; 11770 11988 ctxt->dict = NULL; … … 13078 13296 ctxt->charset = XML_CHAR_ENCODING_UTF8; 13079 13297 ctxt->catalogs = NULL; 13298 ctxt->nbentities = 0; 13299 ctxt->sizeentities = 0; 13080 13300 xmlInitNodeInfoSeq(&ctxt->node_seq); 13081 13301 -
trunk/src/libs/libxml2-2.6.31/parserInternals.c
r39915 r39921 1400 1400 return(NULL); 1401 1401 } 1402 input->filename = (char *) entity->URI; 1402 if (entity->URI != NULL) 1403 input->filename = (char *) xmlStrdup((xmlChar *) entity->URI); 1403 1404 input->base = entity->content; 1404 1405 input->cur = entity->content; … … 1670 1671 ctxt->charset = XML_CHAR_ENCODING_UTF8; 1671 1672 ctxt->catalogs = NULL; 1673 ctxt->nbentities = 0; 1672 1674 xmlInitNodeInfoSeq(&ctxt->node_seq); 1673 1675 return(0); -
trunk/src/libs/libxml2-2.6.31/tree.c
r39915 r39921 15 15 16 16 #include <string.h> /* for memset() only ! */ 17 17 #include <limits.h> 18 18 #ifdef HAVE_CTYPE_H 19 19 #include <ctype.h> … … 6899 6899 /*take care of empty case*/ 6900 6900 newSize = (buf->size ? buf->size*2 : size + 10); 6901 while (size > newSize) newSize *= 2; 6901 while (size > newSize) { 6902 if (newSize > UINT_MAX / 2) { 6903 xmlTreeErrMemory("growing buffer"); 6904 return 0; 6905 } 6906 newSize *= 2; 6907 } 6902 6908 break; 6903 6909 case XML_BUFFER_ALLOC_EXACT: -
trunk/src/libs/libxml2-2.6.31/xmllint.c
r39915 r39921 2835 2835 printf("\t--noent : substitute entity references by their value\n"); 2836 2836 printf("\t--noout : don't output the result tree\n"); 2837 printf("\t--path 'paths' : provide a set of paths for resources\n");2837 printf("\t--path 'paths' : provide a set of paths for resources\n"); 2838 2838 printf("\t--load-trace : print trace of all external entites loaded\n"); 2839 2839 printf("\t--nonet : refuse to fetch DTDs or entities over network\n"); … … 2885 2885 printf("\t otherwise XML Catalogs starting from \n"); 2886 2886 printf("\t %s are activated by default\n", XML_XML_DEFAULT_CATALOG); 2887 printf("\t--nocatalogs : deactivate all catalogs\n");2887 printf("\t--nocatalogs : deactivate all catalogs\n"); 2888 2888 #endif 2889 2889 printf("\t--auto : generate a small doc on the fly\n"); … … 2910 2910 #endif 2911 2911 #ifdef LIBXML_SAX1_ENABLED 2912 printf("\t--sax1 : use the old SAX1 interfaces for processing\n");2913 #endif 2914 printf("\t--sax : do not build a tree but work just at the SAX level\n");2912 printf("\t--sax1 : use the old SAX1 interfaces for processing\n"); 2913 #endif 2914 printf("\t--sax : do not build a tree but work just at the SAX level\n"); 2915 2915 2916 2916 printf("\nLibxml project home page: http://xmlsoft.org/\n"); -
trunk/src/libs/libxml2-2.6.31/xpath.c
r39915 r39921 2443 2443 if (tmp == NULL) { 2444 2444 xmlGenericError(xmlGenericErrorContext, "realloc failed !\n"); 2445 ctxt->error = XPATH_MEMORY_ERROR; 2445 2446 return (0); 2446 2447 } … … 3523 3524 xmlNodePtr *temp; 3524 3525 3525 cur->nodeMax *= 2; 3526 temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 3526 temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * 3527 3527 sizeof(xmlNodePtr)); 3528 3528 if (temp == NULL) { … … 3530 3530 return; 3531 3531 } 3532 cur->nodeMax *= 2; 3532 3533 cur->nodeTab = temp; 3533 3534 } … … 3628 3629 xmlNodePtr *temp; 3629 3630 3630 cur->nodeMax *= 2; 3631 temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 3631 temp = (xmlNodePtr *) xmlRealloc(cur->nodeTab, cur->nodeMax * 2 * 3632 3632 sizeof(xmlNodePtr)); 3633 3633 if (temp == NULL) { … … 3636 3636 } 3637 3637 cur->nodeTab = temp; 3638 cur->nodeMax *= 2; 3638 3639 } 3639 3640 if (val->type == XML_NAMESPACE_DECL) { … … 3737 3738 xmlNodePtr *temp; 3738 3739 3739 val1->nodeMax *= 2; 3740 temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 3740 temp = (xmlNodePtr *) xmlRealloc(val1->nodeTab, val1->nodeMax * 2 * 3741 3741 sizeof(xmlNodePtr)); 3742 3742 if (temp == NULL) { … … 3745 3745 } 3746 3746 val1->nodeTab = temp; 3747 val1->nodeMax *= 2; 3747 3748 } 3748 3749 if (n2->type == XML_NAMESPACE_DECL) { … … 3902 3903 xmlNodePtr *temp; 3903 3904 3904 set1->nodeMax *= 2;3905 3905 temp = (xmlNodePtr *) xmlRealloc( 3906 set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));3906 set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); 3907 3907 if (temp == NULL) { 3908 3908 xmlXPathErrMemory(NULL, "merging nodeset\n"); … … 3910 3910 } 3911 3911 set1->nodeTab = temp; 3912 set1->nodeMax *= 2; 3912 3913 } 3913 3914 if (n2->type == XML_NAMESPACE_DECL) { … … 3984 3985 xmlNodePtr *temp; 3985 3986 3986 set1->nodeMax *= 2;3987 3987 temp = (xmlNodePtr *) xmlRealloc( 3988 set1->nodeTab, set1->nodeMax * sizeof(xmlNodePtr));3988 set1->nodeTab, set1->nodeMax * 2 * sizeof(xmlNodePtr)); 3989 3989 if (temp == NULL) { 3990 3990 xmlXPathErrMemory(NULL, "merging nodeset\n"); … … 3992 3992 } 3993 3993 set1->nodeTab = temp; 3994 set1->nodeMax *= 2; 3994 3995 } 3995 3996 set1->nodeTab[set1->nodeNr++] = n2; … … 8088 8089 xmlXPathNextFollowing(xmlXPathParserContextPtr ctxt, xmlNodePtr cur) { 8089 8090 if ((ctxt == NULL) || (ctxt->context == NULL)) return(NULL); 8090 if (cur != NULL && cur->children != NULL) 8091 return cur->children ; 8092 if (cur == NULL) cur = ctxt->context->node; 8091 if ((cur != NULL) && (cur->type != XML_ATTRIBUTE_NODE) && 8092 (cur->type != XML_NAMESPACE_DECL) && (cur->children != NULL)) 8093 return(cur->children); 8094 8095 if (cur == NULL) { 8096 cur = ctxt->context->node; 8097 if (cur->type == XML_NAMESPACE_DECL) 8098 return(NULL); 8099 if (cur->type == XML_ATTRIBUTE_NODE) 8100 cur = cur->parent; 8101 } 8093 8102 if (cur == NULL) return(NULL) ; /* ERROR */ 8094 8103 if (cur->next != NULL) return(cur->next) ; … … 8144 8153 { 8145 8154 if ((ctxt == NULL) || (ctxt->context == NULL)) return(NULL); 8146 if (cur == NULL) 8155 if (cur == NULL) { 8147 8156 cur = ctxt->context->node; 8157 if (cur->type == XML_NAMESPACE_DECL) 8158 return(NULL); 8159 if (cur->type == XML_ATTRIBUTE_NODE) 8160 return(cur->parent); 8161 } 8148 8162 if (cur == NULL) 8149 8163 return (NULL); … … 8189 8203 if (cur == NULL) 8190 8204 return (NULL); 8191 8192 cur = (xmlNodePtr)((xmlNsPtr)cur)->next;8205 if (cur->type == XML_NAMESPACE_DECL) 8206 return (NULL); 8193 8207 ctxt->ancestor = cur->parent; 8194 8208 } … … 9258 9272 xmlGenericError(xmlGenericErrorContext, 9259 9273 "xmlXPathTranslateFunction: Invalid UTF8 string\n"); 9274 /* not asserting an XPath error is probably better */ 9260 9275 break; 9261 9276 } … … 9265 9280 xmlGenericError(xmlGenericErrorContext, 9266 9281 "xmlXPathTranslateFunction: Invalid UTF8 string\n"); 9282 /* not asserting an XPath error is probably better */ 9267 9283 break; 9268 9284 } … … 13302 13318 "xmlXPathCompOpEval: variable %s bound to undefined prefix %s\n", 13303 13319 op->value4, op->value5); 13320 ctxt->error = XPATH_UNDEF_PREFIX_ERROR; 13304 13321 return (total); 13305 13322 } … … 13350 13367 "xmlXPathCompOpEval: function %s bound to undefined prefix %s\n", 13351 13368 op->value4, op->value5); 13369 ctxt->error = XPATH_UNDEF_PREFIX_ERROR; 13352 13370 return (total); 13353 13371 } … … 13927 13945 xmlGenericError(xmlGenericErrorContext, 13928 13946 "XPath: unknown precompiled operation %d\n", op->op); 13947 ctxt->error = XPATH_INVALID_OPERAND; 13929 13948 return (total); 13930 13949 }
Note:
See TracChangeset
for help on using the changeset viewer.
