summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* build: don't check for ansidecl.hrburton-master-patch-57542Ross Burton2019-04-021-1/+1
| | | | | This is an internal GCC header that serves no purpose being checked for. The same header has already been removed from libxml2: https://gitlab.gnome.org/GNOME/libxml2/commit/ff628d46a1301d76e0217c23c7ef53c5f1faed45.
* Fix security framework bypassNick Wellnhofer2019-03-294-20/+25
| | | | | | | | | | | | xsltCheckRead and xsltCheckWrite return -1 in case of error but callers don't check for this condition and allow access. With a specially crafted URL, xsltCheckRead could be tricked into returning an error because of a supposedly invalid URL that would still be loaded succesfully later on. Fixes #12. Thanks to Felix Wilhelm for the report.
* Use xmlNewTextChild in EXSLT dyn:mapNick Wellnhofer2019-03-133-9/+11
| | | | | | | xmlTextChild supports entities but dyn:map should create an element containing a literal string. Found with libFuzzer and UBSan.
* Fix float casts in exsltDateDurationNick Wellnhofer2019-03-133-2/+8
| | | | | | | Add range check before converting double to long to avoid undefined behavior. Found with libFuzzer and UBSan.
* Always set context node before calling XPath iteratorsNick Wellnhofer2019-02-204-11/+31
| | | | | | | | | | | | | | | | | | The xmlXPathNext* iterators rely on the XPath context node being set to the start node of the iteration. Some parts of the code base like the xsl:key functions also leave the context node in an unspecified state. Make sure that the context node is reset before invoking the XPath iterators. Also backup and restore the context node in xsltNumberFormatGetMultipleLevel for good measure. This bug could also lead to type confusion and invalid reads in connection with namespace nodes. Fixes #13. Also see the Chromium bug report: https://bugs.chromium.org/p/chromium/issues/detail?id=930663 Thanks to Nicolas Grégoire for the report.
* Change bug tracker URLNick Wellnhofer2019-02-153-7/+7
|
* Change git repo URLNick Wellnhofer2019-02-153-6/+6
|
* Fix attribute precedence with xsl:use-attribute-setsNick Wellnhofer2019-02-126-156/+191
| | | | | | | | | | | Commit 05f70130 broke the precedence of attributes on literal result elements and attributes from xsl:use-attribute-sets. Process xsl:use-attribute-sets first. Then if any attributes were added to the target node, use xmlSetNsProp to copy the remaining attributes, replacing the previous values. Thanks to Alexey Neyman for the report.
* Backup context node in exsltFuncFunctionFunctionNick Wellnhofer2019-02-124-1/+19
| | | | | | | | | | | | | exsltFuncFunctionFunction handles XPath extension functions and is called from the XPath engine. Since evaluation of function templates can change the XPath context node, it must be backed up to avoid corruption. Without proper backup, evaluating certain content in function templates could also result in use-after-free errors. It seems that libxml2 commit 029d0e96 helped to expose the error. Fixes #11.
* Initialize ctxt->output before evaluating global varsNick Wellnhofer2019-02-125-6/+22
| | | | | | | Otherwise, an xsl:element in an EXSLT function could lead to a null pointer dereference. Also initialize some other variables earlier. Fixes #10.
* Fix memory leak in EXSLT functions error pathNick Wellnhofer2019-02-121-0/+1
|
* Regenerate EXSLT websiteNick Wellnhofer2019-02-126-9/+19
|
* Regenerate NEWSNick Wellnhofer2019-02-121-0/+145
|
* Remove WIN32_EXTRA_* variablesNick Wellnhofer2019-02-126-10/+5
| | | | Simply use LDFLAGS and LIBS instead.
* Fix vsnprintf in Python bindings on WindowsNick Wellnhofer2019-02-121-2/+23
| | | | | - Fix vsnprintf on older MSVC versions - Stop using _vsnprintf on MinGW
* Build without winsockNick Wellnhofer2019-02-123-8/+3
| | | | | | Fixes bug #481434: https://bugzilla.gnome.org/show_bug.cgi?id=481434
* Stop redefining snprintf on MinGWNick Wellnhofer2019-02-121-2/+0
| | | | | Seems to fix compilation on MinGW-w64. A similar change was made to libxml2 in 2012.
* Fix misleading indentation in security.cNick Wellnhofer2019-02-121-8/+10
|
* Release of libxslt-1.1.33v1.1.33Daniel Veillard2019-01-0330-1833/+1700
| | | | * configure.ac doc/xslt.html libxslt/xsltwin32config.h: updated for the release
* Don't cache direct evaluation of patterns with variablesv1.1.33-rc2Nick Wellnhofer2018-11-214-1/+41
| | | | | | | | | | | | | | | | | The slow pattern matching path in xsltTestCompMatchDirect caches the result of evaluating the pattern. But this can't be done if the pattern contains variables which could evaluate to different values. Only enable the cache for patterns like template matches that don't allow variable references. Don't use the cache for "count" and "from" patterns in xsl:number. A more fine-grained approach would be nice, but most effort should be spent on eliminating the slow path completely. Thanks to Martin Honnen for the report. Fixes #6.
* Move function result RVTs to context variableNick Wellnhofer2018-09-268-25/+78
| | | | | | | | | | If a variable with a "select" expression calls an EXSLT func:function, the context variable must be restored before evaluating the function result. This makes sure that the RVTs in the result will be moved to the context variable's fragment list when they're released in xsltReleaseLocalRVTs or xsltReleaseLocalRVTs. Thanks to Nikolai Weibull for the report.
* Variables need 'extern' in static lib on CygwinNick Wellnhofer2018-09-222-2/+2
|
* Really declare dllexport/dllimport for CygwinMichael Haubenwallner2018-08-312-4/+4
| | | | | | Cygwin does not define _WIN32, but still requires dllexport/dllimport tags for when applications use the --disable-auto-import linker flag, probably set by the gl_WOE32_DLL autoconf macro in woe32-dll.m4 file.
* Fix EXSLT functions returning RVTs from outer scopesNick Wellnhofer2018-07-2410-30/+89
| | | | | | | | | | | | | | The RVTs referenced from function results must not be blindly registered as local, as they might be part of variables from an outer scope. Remove LOCAL/VARIABLE distinction for RVTs. Don't register as local RVT unconditionally when reflagging as LOCAL. Instead, register function result RVTs from inner variables as local RVTs when they're released in xsltFreeStackElem. Keep local function result RVTs xsltReleaseLocalRVTs instead of reregistering. Closes: https://gitlab.gnome.org/GNOME/libxslt/issues/2 Thanks to Daniel Mendler and Martin Gieseking for the reports.
* Run Travis ASan tests with "sudo: required"Nick Wellnhofer2018-07-241-1/+1
| | | | See https://github.com/travis-ci/travis-ci/issues/9033
* Fix callback signatures in Python bindingsv1.1.33-rc1Nick Wellnhofer2018-01-161-2/+2
|
* Fix handling of RVTs returned from nested EXSLT functionsNick Wellnhofer2018-01-164-0/+28
| | | | | | | | | Set the context variable to NULL when evaluating EXSLT functions. Fixes potential use-after-free errors or memory leaks. Fixes bug 792580. Thanks to Clemens Gutweiler for the report. https://bugzilla.gnome.org/show_bug.cgi?id=792580
* Fix transform callback signaturesNick Wellnhofer2017-11-298-106/+113
|
* Fix extension callback signaturesNick Wellnhofer2017-11-293-16/+20
|
* Fix deallocator signaturesNick Wellnhofer2017-11-293-5/+16
|
* Fix XPath callback signaturesNick Wellnhofer2017-11-292-3/+4
|
* Fix hash callback signaturesNick Wellnhofer2017-11-299-56/+110
|
* Remove doc/libxslt-decl.txtNick Wellnhofer2017-11-041-1449/+0
| | | | | This file seems to be unused since 2003 when the API doc generator was reworked in commit 0d9855d9.
* Fix typosNick Wellnhofer2017-11-0422-54/+54
| | | | Fixes bug 788668.
* Docs for 1.1.32 releaseDaniel Veillard2017-11-021-0/+19
| | | | Forgot it <grin/>
* Release of libxslt-1.1.32v1.1.32Daniel Veillard2017-11-0214-17/+71
| | | | | * configure.ac: update for release * doc/* : regenerated
* Add missing limits.h includeNick Wellnhofer2017-11-021-0/+1
| | | | Fixes bug 789829.
* Also run Windows tests with --maxdepth 200v1.1.32-rc2Nick Wellnhofer2017-10-311-1/+1
| | | | Fixes segfault in recursion tests.
* Disable some MSVC warningsNick Wellnhofer2017-10-311-1/+1
| | | | | Disable "possible loss of data" warnings when casting 64-bit to smaller types.
* Fix deprecated Travis compiler flagv1.1.32-rc1Nick Wellnhofer2017-10-251-1/+1
|
* Run general tests with maxdepth=200Nick Wellnhofer2017-10-251-2/+2
| | | | | Otherwise, the stack could overflow on platforms with a small default stack size like Windows or with sanitizers that increase stack usage.
* Use _WIN32 macro instead of WIN32Nick Wellnhofer2017-10-2517-27/+27
| | | | _WIN32 is defined automatically by the compiler.
* Fix xsltproc newlines on WindowsNick Wellnhofer2017-10-251-0/+7
| | | | Set stdout and stderr to binary.
* Fix Windows compiler warningsNick Wellnhofer2017-10-258-34/+33
| | | | Fixes bug 788317. Thanks to J. Peter Mugaas for the initial patch.
* Rework locale feature testsNick Wellnhofer2017-10-086-109/+24
| | | | | | | | | | | | | Support glibc 2.26 which removes xlocale.h. Fixes bug 788264. Thanks to Quentin Minster for the report. Drop support for ancient glibc 2.2.x. This allows to replace the test program in configure.ac with a simple check for strxfrm_l. Always use WinAPI locales on Windows. Define macros in xsltlocale.h and rename XSLT_LOCALE_XLOCALE to XSLT_LOCALE_POSIX.
* Rebuild win32/libxslt.def.srcNick Wellnhofer2017-10-081-0/+2
|
* Fix compiler warnings in Python bindingsNick Wellnhofer2017-10-082-3/+3
|
* Reconfigure.aclease of libxslt-1.1.31v1.1.31Daniel Veillard2017-10-065-105/+113
| | | | * configure.ac doc/news.html doc/xslt.html: updated for the release
* Fix win32/configure.jsNick Wellnhofer2017-10-031-10/+10
| | | | Adjust for recent config changes.
* Adjust expected error output for libxml2 changesv1.1.31-rc2Nick Wellnhofer2017-09-294-0/+5
|
View Lorry Controller Status