Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

JDK-8286256 : Update libxml2 to 2.9.14 #797

Closed
wants to merge 13 commits into from
Closed
Show file tree
Hide file tree
Changes from 10 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
@@ -1,4 +1,4 @@
## xmlsoft.org: libxml2 v2.9.13
## xmlsoft.org: libxml2 v2.9.14

### libxml2 License
```
@@ -1,4 +1,4 @@
## xmlsoft.org: libxslt v1.1.34
## xmlsoft.org: libxslt v1.1.35

### libxslt License
```
@@ -241,7 +241,7 @@
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING "libxml2 2.9.13"
#define PACKAGE_STRING "libxml2 2.9.14"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "libxml2"
@@ -250,7 +250,7 @@
#define PACKAGE_URL ""

/* Define to the version of this package. */
#define PACKAGE_VERSION "2.9.13"
#define PACKAGE_VERSION "2.9.14"

/* Type cast for the send() function 2nd arg */
#define SEND_ARG2_CAST /**/
@@ -265,7 +265,7 @@
#define VA_LIST_IS_ARRAY 1

/* Version number of package */
#define VERSION "2.9.13"
#define VERSION "2.9.14"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t
@@ -29,21 +29,21 @@ XMLPUBFUN void XMLCALL xmlCheckVersion(int version);
*
* the version string like "1.2.3"
*/
#define LIBXML_DOTTED_VERSION "2.9.13"
#define LIBXML_DOTTED_VERSION "2.9.14"

/**
* LIBXML_VERSION:
*
* the version number: 1.2.3 value is 10203
*/
#define LIBXML_VERSION 20913
#define LIBXML_VERSION 20914

/**
* LIBXML_VERSION_STRING:
*
* the version number string, 1.2.3 value is "10203"
*/
#define LIBXML_VERSION_STRING "20913"
#define LIBXML_VERSION_STRING "20914"

/**
* LIBXML_VERSION_EXTRA:
@@ -58,7 +58,7 @@ XMLPUBFUN void XMLCALL xmlCheckVersion(int version);
* Macro to check that the libxml version in use is compatible with
* the version the software has been compiled against
*/
#define LIBXML_TEST_VERSION xmlCheckVersion(20913);
#define LIBXML_TEST_VERSION xmlCheckVersion(20914);

#ifndef VMS
#if 0
@@ -22,14 +22,15 @@
/* Define to 1 if you have the <ctype.h> header file. */
#define HAVE_CTYPE_H 1

/* Define to 1 if you have the <dirent.h> header file. */
/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
*/
#define HAVE_DIRENT_H 1

/* Define to 1 if you have the <dlfcn.h> header file. */
#define HAVE_DLFCN_H 1

/* Have dlopen based dso */
/* #undef HAVE_DLOPEN */
#define HAVE_DLOPEN /**/

/* Define to 1 if you have the <dl.h> header file. */
/* #undef HAVE_DL_H */
@@ -61,18 +62,9 @@
/* Define to 1 if you have the `isascii' function. */
#define HAVE_ISASCII 1

/* Define if isinf is there */
#define HAVE_ISINF /**/

/* Define if isnan is there */
#define HAVE_ISNAN /**/

/* Define if history library is there (-lhistory) */
/* #undef HAVE_LIBHISTORY */

/* Define if pthread library is there (-lpthread) */
#define HAVE_LIBPTHREAD /**/

/* Define if readline library is there (-lreadline) */
/* #undef HAVE_LIBREADLINE */

@@ -91,9 +83,6 @@
/* Define to 1 if you have the <math.h> header file. */
#define HAVE_MATH_H 1

/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1

/* Define to 1 if you have the `mmap' function. */
#define HAVE_MMAP 1

@@ -130,7 +119,7 @@
#define HAVE_RAND 1

/* Define to 1 if you have the `rand_r' function. */
/* #undef HAVE_RAND_R 1 */
#define HAVE_RAND_R 1

/* Define to 1 if you have the <resolv.h> header file. */
#define HAVE_RESOLV_H 1
@@ -165,6 +154,9 @@
/* Define to 1 if you have the <stdint.h> header file. */
#define HAVE_STDINT_H 1

/* Define to 1 if you have the <stdio.h> header file. */
#define HAVE_STDIO_H 1

/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1

@@ -234,7 +226,7 @@
/* #undef HAVE___VA_COPY */

/* Define as const if the declaration of iconv() needs const. */
/* #undef ICONV_CONST */
#define ICONV_CONST

/* Define to the sub-directory where libtool stores uninstalled libraries. */
#define LT_OBJDIR ".libs/"
@@ -246,24 +238,26 @@
#define PACKAGE_BUGREPORT ""

/* Define to the full name of this package. */
#define PACKAGE_NAME ""
#define PACKAGE_NAME "libxml2"

/* Define to the full name and version of this package. */
#define PACKAGE_STRING ""
#define PACKAGE_STRING "libxml2 2.9.14"

/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME ""
#define PACKAGE_TARNAME "libxml2"

/* Define to the home page for this package. */
#define PACKAGE_URL ""

/* Define to the version of this package. */
#define PACKAGE_VERSION ""
#define PACKAGE_VERSION "2.9.14"

/* Type cast for the send() function 2nd arg */
#define SEND_ARG2_CAST /**/

/* Define to 1 if you have the ANSI C header files. */
/* Define to 1 if all of the C90 standard headers exist (not just the ones
required in a freestanding environment). This macro is provided for
backward compatibility; new code need not use it. */
#define STDC_HEADERS 1

/* Support for IPv6 */
@@ -273,7 +267,7 @@
#define VA_LIST_IS_ARRAY 1

/* Version number of package */
#define VERSION "2.9.12"
#define VERSION "2.9.14"

/* Determine what socket length (socklen_t) data type is */
#define XML_SOCKLEN_T socklen_t
@@ -29,21 +29,21 @@ XMLPUBFUN void XMLCALL xmlCheckVersion(int version);
*
* the version string like "1.2.3"
*/
#define LIBXML_DOTTED_VERSION "2.9.13"
#define LIBXML_DOTTED_VERSION "2.9.14"

/**
* LIBXML_VERSION:
*
* the version number: 1.2.3 value is 10203
*/
#define LIBXML_VERSION 20913
#define LIBXML_VERSION 20914

/**
* LIBXML_VERSION_STRING:
*
* the version number string, 1.2.3 value is "10203"
*/
#define LIBXML_VERSION_STRING "20913"
#define LIBXML_VERSION_STRING "20914"

/**
* LIBXML_VERSION_EXTRA:
@@ -58,7 +58,7 @@ XMLPUBFUN void XMLCALL xmlCheckVersion(int version);
* Macro to check that the libxml version in use is compatible with
* the version the software has been compiled against
*/
#define LIBXML_TEST_VERSION xmlCheckVersion(20913);
#define LIBXML_TEST_VERSION xmlCheckVersion(20914);

#ifndef VMS
#if 0
@@ -614,7 +614,8 @@ htmlSkipBlankChars(xmlParserCtxtPtr ctxt) {
if (*ctxt->input->cur == 0)
xmlParserInputGrow(ctxt->input, INPUT_CHUNK);
}
res++;
if (res < INT_MAX)
res++;
}
return(res);
}
@@ -3960,26 +3961,6 @@ htmlParseStartTag(htmlParserCtxtPtr ctxt) {
htmlParseErr(ctxt, XML_ERR_NAME_REQUIRED,
"htmlParseStartTag: invalid element name\n",
NULL, NULL);
/*
* The recovery code is disabled for now as it can result in
* quadratic behavior with the push parser. htmlParseStartTag
* must consume all content up to the final '>' in order to avoid
* rescanning for this terminator.
*
* For a proper fix in line with HTML5, htmlParseStartTag and
* htmlParseElement should only be called when there's an ASCII
* alpha character following the initial '<'. Otherwise, the '<'
* should be emitted as text (unless followed by '!', '/' or '?').
*/
#if 0
/* if recover preserve text on classic misconstructs */
if ((ctxt->recovery) && ((IS_BLANK_CH(CUR)) || (CUR == '<') ||
(CUR == '=') || (CUR == '>') || (((CUR >= '0') && (CUR <= '9'))))) {
htmlParseCharDataInternal(ctxt, '<');
return(-1);
}
#endif

/* Dump the bogus tag like browsers do */
while ((CUR != 0) && (CUR != '>') &&
(ctxt->instate != XML_PARSER_EOF))
@@ -4432,9 +4413,15 @@ htmlParseContent(htmlParserCtxtPtr ctxt) {
/*
* Third case : a sub-element.
*/
else if (CUR == '<') {
else if ((CUR == '<') && IS_ASCII_LETTER(NXT(1))) {
htmlParseElement(ctxt);
}
else if (CUR == '<') {
if ((ctxt->sax != NULL) && (!ctxt->disableSAX) &&
(ctxt->sax->characters != NULL))
ctxt->sax->characters(ctxt->userData, BAD_CAST "<", 1);
NEXT;
}

/*
* Fourth case : a reference. If if has not been resolved,
@@ -4831,13 +4818,19 @@ htmlParseContentInternal(htmlParserCtxtPtr ctxt) {
/*
* Third case : a sub-element.
*/
else if (CUR == '<') {
else if ((CUR == '<') && IS_ASCII_LETTER(NXT(1))) {
htmlParseElementInternal(ctxt);
if (currentNode != NULL) xmlFree(currentNode);

currentNode = xmlStrdup(ctxt->name);
depth = ctxt->nameNr;
}
else if (CUR == '<') {
if ((ctxt->sax != NULL) && (!ctxt->disableSAX) &&
(ctxt->sax->characters != NULL))
ctxt->sax->characters(ctxt->userData, BAD_CAST "<", 1);
NEXT;
}

/*
* Fourth case : a reference. If if has not been resolved,
@@ -6004,7 +5997,7 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
"HPP: entering END_TAG\n");
#endif
break;
} else if (cur == '<') {
} else if ((cur == '<') && IS_ASCII_LETTER(next)) {
if ((!terminate) && (next == 0))
goto done;
ctxt->instate = XML_PARSER_START_TAG;
@@ -6014,6 +6007,12 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
"HPP: entering START_TAG\n");
#endif
break;
} else if (cur == '<') {
if ((ctxt->sax != NULL) && (!ctxt->disableSAX) &&
(ctxt->sax->characters != NULL))
ctxt->sax->characters(ctxt->userData,
BAD_CAST "<", 1);
NEXT;
} else {
/*
* check that the text sequence is complete
@@ -1,12 +1,36 @@

NEWS file for libxml2

The change log at
ChangeLog.html
describes the recents commits
to the GIT at
https://gitlab.gnome.org/GNOME/libxml2
code base.Here is the list of public releases:
v2.9.14: May 02 2022:
- Security:
[CVE-2022-29824] Integer overflow in xmlBuf and xmlBuffer
Fix potential double-free in xmlXPtrStringRangeFunction
Fix memory leak in xmlFindCharEncodingHandler
Normalize XPath strings in-place
Prevent integer-overflow in htmlSkipBlankChars() and xmlSkipBlankChars()
(David Kilzer)
Fix leak of xmlElementContent (David Kilzer)

- Bug fixes:
Fix parsing of subtracted regex character classes
Fix recursion check in xinclude.c
Reset last error in xmlCleanupGlobals
Fix certain combinations of regex range quantifiers
Fix range quantifier on subregex

- Improvements:
Fix recovery from invalid HTML start tags

- Build system, portability:
Define LFS macros before including system headers
Initialize XPath floating-point globals
configure: check for icu DEFS (James Hilliard)
configure.ac: produce tar.xz only (GNOME policy) (David Seifert)
CMakeLists.txt: Fix LIBXML_VERSION_NUMBER
Fix build with older Python versions
Fix --without-valid build


v2.9.13: Feb 19 2022:
- Security:
[CVE-2022-23308] Use-after-free of ID and IDREF attributes