From 21646360426524eb6675d3506fc53aad2156313e Mon Sep 17 00:00:00 2001 From: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com> Date: Sat, 27 Sep 2025 03:44:36 +0100 Subject: [PATCH 1/2] gh-139312: Update bundled libexpat to 2.7.3 (GH-139319) + Blurb + Update sbom.spdx.json (cherry picked from commit 48d0d0dd9733eae4935f2ebd31bef786d8074fc8) Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com> --- ...-09-25-07-33-43.gh-issue-139312.ygE8AC.rst | 1 + Misc/sbom.spdx.json | 24 ++++----- Modules/expat/expat.h | 5 +- Modules/expat/internal.h | 6 +++ Modules/expat/refresh.sh | 6 +-- Modules/expat/xmlparse.c | 49 ++++++++++++------- Modules/expat/xmlrole.h | 2 +- 7 files changed, 58 insertions(+), 35 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst diff --git a/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst b/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst new file mode 100644 index 00000000000000..5178bda379b3e0 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst @@ -0,0 +1 @@ +Upgrade bundled libexpat to 2.7.3 diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json index 57a3d562410d65..bda26ba1ef4b53 100644 --- a/Misc/sbom.spdx.json +++ b/Misc/sbom.spdx.json @@ -48,11 +48,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "50f54bbbcb4ad6bf15ce98b5e5264ce7803dc6c2" + "checksumValue": "a4395dd0589a97aab0904f7a5f5dc5781a086aa2" }, { "algorithm": "SHA256", - "checksumValue": "7d719f40eaa1b82404b34d2da52b7cb2a829e043bdfd595de0927230948b4e68" + "checksumValue": "610b844bbfa3ec955772cc825db4d4db470827d57adcb214ad372d0eaf00e591" } ], "fileName": "Modules/expat/expat.h" @@ -90,11 +90,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "86256fc95cfa2e96ffb22381156eaea49448c3cd" + "checksumValue": "7dce7d98943c5db33ae05e54801dcafb4547b9dd" }, { "algorithm": "SHA256", - "checksumValue": "6379737f2830ca81df12288eef9bfcb9bed0eca04e0f45c9530e31d564257ea5" + "checksumValue": "6bfe307d52e7e4c71dbc30d3bd902a4905cdd83bbe4226a7e8dfa8e4c462a157" } ], "fileName": "Modules/expat/internal.h" @@ -188,11 +188,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "675858751f293dee641ecfa41e8b5ba7009686e5" + "checksumValue": "4c81a1f04fc653877c63c834145c18f93cd95f3e" }, { "algorithm": "SHA256", - "checksumValue": "6195b0847f6729cd938a1402543713f272a7a4559543c21554aaa7fb4b7bfc45" + "checksumValue": "04a379615f476d55f95ca1853107e20627b48ca4afe8d0fd5981ac77188bf0a6" } ], "fileName": "Modules/expat/xmlparse.c" @@ -216,11 +216,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "7dc9b1090b7cde1b4acc5fd14904e17ab6bfa1c5" + "checksumValue": "ac2964cca107f62dd133bfd4736a9a17defbc401" }, { "algorithm": "SHA256", - "checksumValue": "823ea41b18a2d78b60ba65f3af84da364b63f16cc4ed4869b4009a5f93cce874" + "checksumValue": "92e41f373b67f6e0dcd7735faef3c3f1e2c17fe59e007e6b74beef6a2e70fa88" } ], "fileName": "Modules/expat/xmlrole.h" @@ -1562,14 +1562,14 @@ "checksums": [ { "algorithm": "SHA256", - "checksumValue": "13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7" + "checksumValue": "821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732" } ], - "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_2/expat-2.7.2.tar.gz", + "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_3/expat-2.7.3.tar.gz", "externalRefs": [ { "referenceCategory": "SECURITY", - "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.2:*:*:*:*:*:*:*", + "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.3:*:*:*:*:*:*:*", "referenceType": "cpe23Type" } ], @@ -1577,7 +1577,7 @@ "name": "expat", "originator": "Organization: Expat development team", "primaryPackagePurpose": "SOURCE", - "versionInfo": "2.7.2" + "versionInfo": "2.7.3" }, { "SPDXID": "SPDXRef-PACKAGE-hacl-star", diff --git a/Modules/expat/expat.h b/Modules/expat/expat.h index bb9cdedbac7d3e..290dfeb0f6dd6a 100644 --- a/Modules/expat/expat.h +++ b/Modules/expat/expat.h @@ -19,6 +19,7 @@ Copyright (c) 2023 Hanno Böck Copyright (c) 2023 Sony Corporation / Snild Dolkow Copyright (c) 2024 Taichi Haradaguchi <20001722@ymail.ne.jp> + Copyright (c) 2025 Matthew Fernandez Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -276,7 +277,7 @@ XML_ParserCreate_MM(const XML_Char *encoding, /* Prepare a parser object to be reused. This is particularly valuable when memory allocation overhead is disproportionately high, - such as when a large number of small documnents need to be parsed. + such as when a large number of small documents need to be parsed. All handlers are cleared from the parser, except for the unknownEncodingHandler. The parser's external state is re-initialized except for the values of ns and ns_triplets. @@ -1081,7 +1082,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled); */ # define XML_MAJOR_VERSION 2 # define XML_MINOR_VERSION 7 -# define XML_MICRO_VERSION 2 +# define XML_MICRO_VERSION 3 # ifdef __cplusplus } diff --git a/Modules/expat/internal.h b/Modules/expat/internal.h index 6e087858ebbe92..8f5edf48ef7c00 100644 --- a/Modules/expat/internal.h +++ b/Modules/expat/internal.h @@ -108,6 +108,7 @@ #endif #include // ULONG_MAX +#include // size_t #if defined(_WIN32) \ && (! defined(__USE_MINGW_ANSI_STDIO) \ @@ -153,6 +154,11 @@ #define EXPAT_ALLOC_TRACKER_ACTIVATION_THRESHOLD_DEFAULT \ 67108864 // 64 MiB, 2^26 +// NOTE: If function expat_alloc was user facing, EXPAT_MALLOC_ALIGNMENT would +// have to take sizeof(long double) into account +#define EXPAT_MALLOC_ALIGNMENT sizeof(long long) // largest parser (sub)member +#define EXPAT_MALLOC_PADDING ((EXPAT_MALLOC_ALIGNMENT) - sizeof(size_t)) + /* NOTE END */ #include "expat.h" // so we can use type XML_Parser below diff --git a/Modules/expat/refresh.sh b/Modules/expat/refresh.sh index 5207ef2f88d40d..a8cca16a7a41f5 100755 --- a/Modules/expat/refresh.sh +++ b/Modules/expat/refresh.sh @@ -12,9 +12,9 @@ fi # Update this when updating to a new version after verifying that the changes # the update brings in are good. These values are used for verifying the SBOM, too. -expected_libexpat_tag="R_2_7_2" -expected_libexpat_version="2.7.2" -expected_libexpat_sha256="13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7" +expected_libexpat_tag="R_2_7_3" +expected_libexpat_version="2.7.3" +expected_libexpat_sha256="821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732" expat_dir="$(realpath "$(dirname -- "${BASH_SOURCE[0]}")")" cd ${expat_dir} diff --git a/Modules/expat/xmlparse.c b/Modules/expat/xmlparse.c index de159493490061..a187a3a18f1994 100644 --- a/Modules/expat/xmlparse.c +++ b/Modules/expat/xmlparse.c @@ -1,4 +1,4 @@ -/* 60e137abb91af642d6c3988f8f133d23329b32638659c74d47125fc0faf6ddd5 (2.7.2+) +/* 28bcd8b1ba7eb595d82822908257fd9c3589b4243e3c922d0369f35bfcd7b506 (2.7.3+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -41,6 +41,7 @@ Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow Copyright (c) 2024-2025 Berkay Eren Ürün Copyright (c) 2024 Hanno Böck + Copyright (c) 2025 Matthew Fernandez Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -850,14 +851,14 @@ static void * # endif expat_malloc(XML_Parser parser, size_t size, int sourceLine) { // Detect integer overflow - if (SIZE_MAX - size < sizeof(size_t)) { + if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) { return NULL; } const XML_Parser rootParser = getRootParserOf(parser, NULL); assert(rootParser->m_parentParser == NULL); - const size_t bytesToAllocate = sizeof(size_t) + size; + const size_t bytesToAllocate = sizeof(size_t) + EXPAT_MALLOC_PADDING + size; if ((XmlBigCount)-1 - rootParser->m_alloc_tracker.bytesAllocated < bytesToAllocate) { @@ -894,7 +895,7 @@ expat_malloc(XML_Parser parser, size_t size, int sourceLine) { rootParser->m_alloc_tracker.peakBytesAllocated, sourceLine); } - return (char *)mallocedPtr + sizeof(size_t); + return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING; } # if defined(XML_TESTING) @@ -914,8 +915,9 @@ expat_free(XML_Parser parser, void *ptr, int sourceLine) { // Extract size (to the eyes of malloc_fcn/realloc_fcn) and // the original pointer returned by malloc/realloc - void *const mallocedPtr = (char *)ptr - sizeof(size_t); - const size_t bytesAllocated = sizeof(size_t) + *(size_t *)mallocedPtr; + void *const mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t); + const size_t bytesAllocated + = sizeof(size_t) + EXPAT_MALLOC_PADDING + *(size_t *)mallocedPtr; // Update accounting assert(rootParser->m_alloc_tracker.bytesAllocated >= bytesAllocated); @@ -954,7 +956,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) { // Extract original size (to the eyes of the caller) and the original // pointer returned by malloc/realloc - void *mallocedPtr = (char *)ptr - sizeof(size_t); + void *mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t); const size_t prevSize = *(size_t *)mallocedPtr; // Classify upcoming change @@ -969,8 +971,13 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) { } } + // NOTE: Integer overflow detection has already been done for us + // by expat_heap_increase_tolerable(..) above + assert(SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING >= size); + // Actually allocate - mallocedPtr = parser->m_mem.realloc_fcn(mallocedPtr, sizeof(size_t) + size); + mallocedPtr = parser->m_mem.realloc_fcn( + mallocedPtr, sizeof(size_t) + EXPAT_MALLOC_PADDING + size); if (mallocedPtr == NULL) { return NULL; @@ -1001,7 +1008,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) { // Update in-block recorded size *(size_t *)mallocedPtr = size; - return (char *)mallocedPtr + sizeof(size_t); + return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING; } #endif // XML_GE == 1 @@ -1337,7 +1344,8 @@ parserCreate(const XML_Char *encodingName, XML_Parser parser = NULL; #if XML_GE == 1 - const size_t increase = sizeof(size_t) + sizeof(struct XML_ParserStruct); + const size_t increase + = sizeof(size_t) + EXPAT_MALLOC_PADDING + sizeof(struct XML_ParserStruct); if (parentParser != NULL) { const XML_Parser rootParser = getRootParserOf(parentParser, NULL); @@ -1352,11 +1360,13 @@ parserCreate(const XML_Char *encodingName, if (memsuite) { XML_Memory_Handling_Suite *mtemp; #if XML_GE == 1 - void *const sizeAndParser = memsuite->malloc_fcn( - sizeof(size_t) + sizeof(struct XML_ParserStruct)); + void *const sizeAndParser + = memsuite->malloc_fcn(sizeof(size_t) + EXPAT_MALLOC_PADDING + + sizeof(struct XML_ParserStruct)); if (sizeAndParser != NULL) { *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct); - parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)); + parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t) + + EXPAT_MALLOC_PADDING); #else parser = memsuite->malloc_fcn(sizeof(struct XML_ParserStruct)); if (parser != NULL) { @@ -1369,11 +1379,12 @@ parserCreate(const XML_Char *encodingName, } else { XML_Memory_Handling_Suite *mtemp; #if XML_GE == 1 - void *const sizeAndParser - = malloc(sizeof(size_t) + sizeof(struct XML_ParserStruct)); + void *const sizeAndParser = malloc(sizeof(size_t) + EXPAT_MALLOC_PADDING + + sizeof(struct XML_ParserStruct)); if (sizeAndParser != NULL) { *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct); - parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)); + parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t) + + EXPAT_MALLOC_PADDING); #else parser = malloc(sizeof(struct XML_ParserStruct)); if (parser != NULL) { @@ -6437,6 +6448,10 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end, // process its possible inner entities (which are added to the // m_openInternalEntities during doProlog or doContent calls above) entity->hasMore = XML_FALSE; + if (! entity->is_param + && (openEntity->startTagLevel != parser->m_tagLevel)) { + return XML_ERROR_ASYNC_ENTITY; + } triggerReenter(parser); return result; } // End of entity processing, "if" block will return here @@ -8135,7 +8150,7 @@ poolGrow(STRING_POOL *pool) { if (bytesToAllocate == 0) return XML_FALSE; - temp = REALLOC(pool->parser, pool->blocks, (unsigned)bytesToAllocate); + temp = REALLOC(pool->parser, pool->blocks, bytesToAllocate); if (temp == NULL) return XML_FALSE; pool->blocks = temp; diff --git a/Modules/expat/xmlrole.h b/Modules/expat/xmlrole.h index 67bdd3dd5160fc..9d0d4ff11b7f98 100644 --- a/Modules/expat/xmlrole.h +++ b/Modules/expat/xmlrole.h @@ -10,7 +10,7 @@ Copyright (c) 2000 Clark Cooper Copyright (c) 2002 Karl Waclawek Copyright (c) 2002 Fred L. Drake, Jr. - Copyright (c) 2017-2024 Sebastian Pipping + Copyright (c) 2017-2025 Sebastian Pipping Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining From 5565be106ec88d1d5f14d6766e9f30eba481a78b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?B=C3=A9n=C3=A9dikt=20Tran?= <10796600+picnixz@users.noreply.github.com> Date: Sat, 27 Sep 2025 09:56:05 +0200 Subject: [PATCH 2/2] regen sbom --- Misc/sbom.spdx.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json index bda26ba1ef4b53..7b0976df65fe3d 100644 --- a/Misc/sbom.spdx.json +++ b/Misc/sbom.spdx.json @@ -132,11 +132,11 @@ "checksums": [ { "algorithm": "SHA1", - "checksumValue": "3989510a52c14ed8de4201dacd2fbd30ef2dc9b9" + "checksumValue": "32a10fbb8027cea3134674912b896abca516b085" }, { "algorithm": "SHA256", - "checksumValue": "1e1a803db6762925f5e9241c82560f2a0d782a227ed57d0b8842c489db04584c" + "checksumValue": "51d08c697d1e409f5ce0749c1a136a0e1618d3069cf544d86005f966f43a8f97" } ], "fileName": "Modules/expat/refresh.sh"