nokogiri 1.6.3.1-java → 1.6.4-java
Potentially problematic release.
This version of nokogiri might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/.travis.yml +7 -2
- data/CHANGELOG.ja.rdoc +16 -0
- data/CHANGELOG.rdoc +16 -0
- data/Gemfile +2 -2
- data/Manifest.txt +2 -11
- data/README.ja.rdoc +2 -2
- data/README.rdoc +2 -2
- data/Rakefile +1 -1
- data/build_all +17 -17
- data/dependencies.yml +1 -1
- data/ext/nokogiri/extconf.rb +115 -82
- data/ext/nokogiri/nokogiri.c +4 -0
- data/ext/nokogiri/xml_io.c +10 -6
- data/ext/nokogiri/xml_syntax_error.c +2 -1
- data/lib/nokogiri/css/parser.rb +175 -165
- data/lib/nokogiri/css/parser.y +8 -2
- data/lib/nokogiri/css/tokenizer.rb +1 -1
- data/lib/nokogiri/css/tokenizer.rex +1 -1
- data/lib/nokogiri/nokogiri.jar +0 -0
- data/lib/nokogiri/version.rb +3 -1
- data/ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch +29 -0
- data/ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch +31 -0
- data/test/css/test_parser.rb +5 -0
- data/test/css/test_tokenizer.rb +17 -0
- data/test/html/test_document.rb +5 -5
- data/test/html/test_document_fragment.rb +5 -0
- data/test/xml/test_builder.rb +1 -1
- data/test/xml/test_document.rb +1 -9
- data/test/xml/test_entity_reference.rb +9 -3
- data/test/xml/test_node.rb +1 -1
- data/test/xml/test_syntax_error.rb +18 -0
- data/test/xml/test_xpath.rb +2 -0
- data/test_all +2 -2
- metadata +9 -18
- data/ports/patches/libxml2/0001-Fix-parser-local-buffers-size-problems.patch +0 -265
- data/ports/patches/libxml2/0002-Fix-entities-local-buffers-size-problems.patch +0 -102
- data/ports/patches/libxml2/0003-Fix-an-error-in-previous-commit.patch +0 -26
- data/ports/patches/libxml2/0004-Fix-potential-out-of-bound-access.patch +0 -26
- data/ports/patches/libxml2/0005-Detect-excessive-entities-expansion-upon-replacement.patch +0 -158
- data/ports/patches/libxml2/0006-Do-not-fetch-external-parsed-entities.patch +0 -78
- data/ports/patches/libxml2/0007-Enforce-XML_PARSER_EOF-state-handling-through-the-pa.patch +0 -480
- data/ports/patches/libxml2/0008-Improve-handling-of-xmlStopParser.patch +0 -315
- data/ports/patches/libxml2/0009-Fix-a-couple-of-return-without-value.patch +0 -37
- data/ports/patches/libxml2/0010-Keep-non-significant-blanks-node-in-HTML-parser.patch +0 -2006
- data/ports/patches/libxml2/0011-Do-not-fetch-external-parameter-entities.patch +0 -39
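--- a/data/lib/nokogiri/css/parser.y
+++ b/data/lib/nokogiri/css/parser.y
@@ -10,13 +10,12 @@ rule
 result = [val.first, val.last].flatten
 }
 | prefixless_combinator_selector { result = val.flatten }
-| simple_selector_1toN { result = val.flatten }
+| optional_S simple_selector_1toN { result = [val.last].flatten }
 ;
 combinator
 : PLUS { result = :DIRECT_ADJACENT_SELECTOR }
 | GREATER { result = :CHILD_SELECTOR }
 | TILDE { result = :FOLLOWING_SELECTOR }
-| S { result = :DESCENDANT_SELECTOR }
 | DOUBLESLASH { result = :DESCENDANT_SELECTOR }
 | SLASH { result = :CHILD_SELECTOR }
 ;
@@ -50,6 +49,9 @@ rule
 : simple_selector combinator simple_selector_1toN {
 result = Node.new(val[1], [val.first, val.last])
 }
+| simple_selector S simple_selector_1toN {
+result = Node.new(:DESCENDANT_SELECTOR, [val.first, val.last])
+}
 | simple_selector
 ;
 class
@@ -241,6 +243,10 @@ rule
 | element_name hcap_1toN
 | hcap_1toN
 ;
+optional_S
+: S
+|
+;
 end
 
 ---- header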
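Review bot: Leading whitespace is accepted only on the `simple_selector_1toN` alternative (`| optional_S simple_selector_1toN { result = [val.last].flatten }`), so the sibling alternative `| prefixless_combinator_selector` directly above it still appears to reject a selector that starts with a space, such as `" > a"`. If that asymmetry is intended, a comment on the new alternative would say so, e.g. `# leading S is tolerated only before a plain selector`; otherwise the same `optional_S` prefix belongs on the other alternative, with a matching test. The rule these alternatives belong to starts outside the hunk, so its first alternative may already cover this case.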
data/lib/nokogiri/nokogiri.jar
CHANGED
Binary file
|
data/lib/nokogiri/version.rb
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
module Nokogiri
|
2
2
|
# The version of Nokogiri you are using
|
3
|
-
VERSION = '1.6.
|
3
|
+
VERSION = '1.6.4'
|
4
4
|
|
5
5
|
class VersionInfo # :nodoc:
|
6
6
|
def jruby?
|
@@ -61,6 +61,8 @@ module Nokogiri
|
|
61
61
|
hash_info['libxml']['source'] = "packaged"
|
62
62
|
hash_info['libxml']['libxml2_path'] = NOKOGIRI_LIBXML2_PATH
|
63
63
|
hash_info['libxml']['libxslt_path'] = NOKOGIRI_LIBXSLT_PATH
|
64
|
+
hash_info['libxml']['libxml2_patches'] = NOKOGIRI_LIBXML2_PATCHES
|
65
|
+
hash_info['libxml']['libxslt_patches'] = NOKOGIRI_LIBXSLT_PATCHES
|
64
66
|
else
|
65
67
|
hash_info['libxml']['source'] = "system"
|
66
68
|
end
|
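Review bot: The two new keys, `libxml2_patches` and `libxslt_patches`, are set only in the packaged branch, so a consumer of this hash on a system-library build gets `nil` for them and should read that as "unknown", not as "no patches applied"; a comment on the `else` branch would make that explicit, e.g. `# system libraries: patch level is not known to Nokogiri`. This matters for this release because the file list shows the bundled libxml2 patch set changing (eleven patch files removed, two added), and this hash is where an operator can confirm which fixes a deployed build carries. `NOKOGIRI_LIBXML2_PATCHES` and `NOKOGIRI_LIBXSLT_PATCHES` are defined outside the visible hunks, so their format should be documented next to these lines. The enclosing method starts and ends outside the hunk.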
@@ -0,0 +1,29 @@
|
|
1
|
+
From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001
|
2
|
+
From: Daniel Veillard <veillard@redhat.com>
|
3
|
+
Date: Fri, 17 Oct 2014 17:13:41 +0800
|
4
|
+
Subject: [PATCH] Revert "Missing initialization for the catalog module"
|
5
|
+
|
6
|
+
This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7.
|
7
|
+
As this break xmlcatalog command
|
8
|
+
https://bugzilla.redhat.com/show_bug.cgi?id=1153753
|
9
|
+
---
|
10
|
+
parser.c | 3 ---
|
11
|
+
1 file changed, 3 deletions(-)
|
12
|
+
|
13
|
+
diff --git a/parser.c b/parser.c
|
14
|
+
index 1d93967..67c9dfd 100644
|
15
|
+
--- a/parser.c
|
16
|
+
+++ b/parser.c
|
17
|
+
@@ -14830,9 +14830,6 @@ xmlInitParser(void) {
|
18
|
+
#ifdef LIBXML_XPATH_ENABLED
|
19
|
+
xmlXPathInit();
|
20
|
+
#endif
|
21
|
+
-#ifdef LIBXML_CATALOG_ENABLED
|
22
|
+
- xmlInitializeCatalog();
|
23
|
+
-#endif
|
24
|
+
xmlParserInitialized = 1;
|
25
|
+
#ifdef LIBXML_THREAD_ENABLED
|
26
|
+
}
|
27
|
+
--
|
28
|
+
2.1.2
|
29
|
+
|
@@ -0,0 +1,31 @@
|
|
1
|
+
From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001
|
2
|
+
From: Daniel Veillard <veillard@redhat.com>
|
3
|
+
Date: Thu, 23 Oct 2014 11:35:36 +0800
|
4
|
+
Subject: [PATCH] Fix missing entities after CVE-2014-3660 fix
|
5
|
+
|
6
|
+
For https://bugzilla.gnome.org/show_bug.cgi?id=738805
|
7
|
+
|
8
|
+
The fix for CVE-2014-3660 introduced a regression in some case
|
9
|
+
where entity substitution is required and the entity is used
|
10
|
+
first in anotther entity referenced from an attribute value
|
11
|
+
---
|
12
|
+
parser.c | 3 ++-
|
13
|
+
1 file changed, 2 insertions(+), 1 deletion(-)
|
14
|
+
|
15
|
+
diff --git a/parser.c b/parser.c
|
16
|
+
index 67c9dfd..a8d1b67 100644
|
17
|
+
--- a/parser.c
|
18
|
+
+++ b/parser.c
|
19
|
+
@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
|
20
|
+
* far more secure as the parser will only process data coming from
|
21
|
+
* the document entity by default.
|
22
|
+
*/
|
23
|
+
- if ((ent->checked == 0) &&
|
24
|
+
+ if (((ent->checked == 0) ||
|
25
|
+
+ ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) &&
|
26
|
+
((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) ||
|
27
|
+
(ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) {
|
28
|
+
unsigned long oldnbent = ctxt->nbentities;
|
29
|
+
--
|
30
|
+
2.1.2
|
31
|
+
|
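Review bot: The widened condition in the xmlParseReference hunk re-enters the entity-content parse for an entity that was already checked whenever `ent->children == NULL` and `XML_PARSE_NOENT` is set, so an entity whose content yields no children would appear to be parsed again on every reference. Because this branch sits next to the CVE-2014-3660 mitigation, it is worth confirming that the expansion accounting that follows (only `unsigned long oldnbent = ctxt->nbentities;` is visible) still bounds that repeated work. The gem side of this diff shows no test for the case the patch message describes, an entity first used inside another entity referenced from an attribute value; a regression test under test/xml that parses such a document with entity substitution enabled would pin the behaviour. The function body continues outside the hunk.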
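--- a/data/test/css/test_parser.rb
+++ b/data/test/css/test_parser.rb
@@ -274,6 +274,11 @@ module Nokogiri
 @parser.parse('a:active.foo')
 end
 
+def test_significant_space
+assert_xpath "//x//*[count(preceding-sibling::*) = 0]//*[@a]//*[@b]", @parser.parse("x :first-child [a] [b]")
+assert_xpath "//*[@a]//*[@b]", @parser.parse(" [a] [b]")
+end
+
 def test_star
 assert_xpath "//*", @parser.parse('*')
 assert_xpath "//*[contains(concat(' ', normalize-space(@class), ' '), ' pastoral ')]",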
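--- a/data/test/css/test_tokenizer.rb
+++ b/data/test/css/test_tokenizer.rb
@@ -186,6 +186,23 @@ module Nokogiri
 ], @scanner)
 end
 
+def test_significant_space
+@scanner.scan('x :first-child [a] [b]')
+assert_tokens([ [:IDENT, 'x'],
+[:S, ' '],
+[':', ':'],
+[:IDENT, 'first-child'],
+[:S, ' '],
+[:LSQUARE, '['],
+[:IDENT, 'a'],
+[:RSQUARE, ']'],
+[:S, ' '],
+[:LSQUARE, '['],
+[:IDENT, 'b'],
+[:RSQUARE, ']'],
+], @scanner)
+end
+
 def assert_tokens(tokens, scanner)
 toks = []
 while tok = @scanner.next_token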
data/test/html/test_document.rb
CHANGED
@@ -221,7 +221,7 @@ eohtml
|
|
221
221
|
title = doc.at('/html/head/title')
|
222
222
|
assert_not_nil title
|
223
223
|
assert_equal 'new', title.text
|
224
|
-
assert_equal
|
224
|
+
assert_equal(-1, doc.at('meta[@http-equiv]') <=> title)
|
225
225
|
|
226
226
|
doc = Nokogiri::HTML(<<eohtml)
|
227
227
|
<html>
|
@@ -236,7 +236,7 @@ eohtml
|
|
236
236
|
title = doc.at('/html//title')
|
237
237
|
assert_not_nil title
|
238
238
|
assert_equal 'new', title.text
|
239
|
-
assert_equal
|
239
|
+
assert_equal(-1, title <=> doc.at('body'))
|
240
240
|
|
241
241
|
doc = Nokogiri::HTML(<<eohtml)
|
242
242
|
<html>
|
@@ -248,14 +248,14 @@ eohtml
|
|
248
248
|
eohtml
|
249
249
|
doc.title = 'new'
|
250
250
|
assert_equal 'new', doc.title
|
251
|
-
assert_equal
|
252
|
-
assert_equal
|
251
|
+
assert_equal(-1, doc.at('meta[@charset]') <=> doc.at('title'))
|
252
|
+
assert_equal(-1, doc.at('title') <=> doc.at('body'))
|
253
253
|
|
254
254
|
doc = Nokogiri::HTML('<!DOCTYPE html><p>hello')
|
255
255
|
doc.title = 'new'
|
256
256
|
assert_equal 'new', doc.title
|
257
257
|
assert_instance_of Nokogiri::XML::DTD, doc.children.first
|
258
|
-
assert_equal
|
258
|
+
assert_equal(-1, doc.at('title') <=> doc.at('p'))
|
259
259
|
|
260
260
|
doc = Nokogiri::HTML('')
|
261
261
|
doc.title = 'new'
|
@@ -230,6 +230,11 @@ module Nokogiri
|
|
230
230
|
fragment.to_s)
|
231
231
|
end
|
232
232
|
|
233
|
+
def test_element_children_counts
|
234
|
+
doc = Nokogiri::HTML::DocumentFragment.parse(" <div> </div>\n ")
|
235
|
+
assert doc.element_children.count == 1
|
236
|
+
end
|
237
|
+
|
233
238
|
def test_malformed_fragment_is_corrected
|
234
239
|
fragment = HTML::DocumentFragment.parse("<div </div>")
|
235
240
|
assert_equal "<div></div>", fragment.to_s
|
data/test/xml/test_builder.rb
CHANGED
data/test/xml/test_document.rb
CHANGED
@@ -54,7 +54,7 @@ module Nokogiri
|
|
54
54
|
root << txt
|
55
55
|
root << ent
|
56
56
|
d << root
|
57
|
-
assert_match
|
57
|
+
assert_match(/’/, d.to_html)
|
58
58
|
end
|
59
59
|
|
60
60
|
def test_document_with_initial_space
|
@@ -376,14 +376,6 @@ module Nokogiri
|
|
376
376
|
end
|
377
377
|
end
|
378
378
|
|
379
|
-
def test_prepend_child_fragment_with_multiple_nodes
|
380
|
-
doc = Nokogiri::XML::Document.new
|
381
|
-
fragment = doc.fragment('<hello /><goodbye />')
|
382
|
-
assert_raises(RuntimeError) do
|
383
|
-
doc.prepend_child fragment
|
384
|
-
end
|
385
|
-
end
|
386
|
-
|
387
379
|
def test_prepend_child_with_multiple_roots
|
388
380
|
assert_raises(RuntimeError) do
|
389
381
|
@xml.prepend_child Node.new('foo', @xml)
|
@@ -26,7 +26,7 @@ EOF
|
|
26
26
|
doc = Nokogiri::XML xml
|
27
27
|
lf_node = Nokogiri::XML::EntityReference.new(doc, "#xa")
|
28
28
|
doc.xpath('/item').first.add_child(lf_node)
|
29
|
-
assert_match
|
29
|
+
assert_match(/
/, doc.to_xml)
|
30
30
|
end
|
31
31
|
end
|
32
32
|
|
@@ -236,9 +236,15 @@ EOF
|
|
236
236
|
reader = Nokogiri::XML::Reader html, path do |cfg|
|
237
237
|
cfg.default_xml
|
238
238
|
end
|
239
|
-
|
240
|
-
|
239
|
+
if Nokogiri.uses_libxml? && Nokogiri::LIBXML_PARSER_VERSION.to_i >= 20900
|
240
|
+
# Unknown entity is not fatal in libxml2 >= 2.9
|
241
|
+
assert_equal 8, reader.count
|
242
|
+
else
|
243
|
+
assert_raises(Nokogiri::XML::SyntaxError) {
|
244
|
+
assert_equal 5, reader.count
|
245
|
+
}
|
241
246
|
end
|
247
|
+
assert_operator reader.errors.size, :>, 0
|
242
248
|
end
|
243
249
|
end
|
244
250
|
end
|
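Review bot: In the `else` branch the `assert_equal 5, reader.count` sits inside the `assert_raises` block, so the value 5 is never what decides the test: either `reader.count` raises before the comparison, or the block fails for not raising; `assert_raises(Nokogiri::XML::SyntaxError) { reader.count }` says the same thing without the dead assertion. The new comment also records a behaviour difference that callers should know about: with libxml2 >= 2.9 an unknown entity no longer raises, so code that relied on the exception to reject such input has to inspect `reader.errors`, which is what the added `assert_operator reader.errors.size, :>, 0` checks. The test method starts outside the hunk.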
data/test/xml/test_node.rb
CHANGED
@@ -858,7 +858,7 @@ b"></div>
|
|
858
858
|
ne = d1.root.xpath('//a').first.dup(1)
|
859
859
|
ne.content += "& < & > \" &"
|
860
860
|
d2.root << ne
|
861
|
-
assert_match
|
861
|
+
assert_match(/<a>&& < & > \" &<\/a>/, d2.to_s)
|
862
862
|
end
|
863
863
|
|
864
864
|
def test_content_after_appending_text
|
@@ -7,6 +7,24 @@ module Nokogiri
|
|
7
7
|
error = Nokogiri::XML::SyntaxError.new 'hello'
|
8
8
|
assert_equal 'hello', error.message
|
9
9
|
end
|
10
|
+
|
11
|
+
def test_pushing_to_array
|
12
|
+
reader = Nokogiri::XML::Reader(StringIO.new('&bogus;'))
|
13
|
+
assert_raises(SyntaxError) {
|
14
|
+
reader.read
|
15
|
+
}
|
16
|
+
assert_equal [SyntaxError], reader.errors.map(&:class) unless Nokogiri.jruby? # needs investigation
|
17
|
+
end
|
18
|
+
|
19
|
+
def test_pushing_to_non_array
|
20
|
+
reader = Nokogiri::XML::Reader(StringIO.new('&bogus;'))
|
21
|
+
def reader.errors
|
22
|
+
1
|
23
|
+
end
|
24
|
+
assert_raises(TypeError) {
|
25
|
+
reader.read
|
26
|
+
}
|
27
|
+
end unless Nokogiri.jruby? # which does not internally call `errors`
|
10
28
|
end
|
11
29
|
end
|
12
30
|
end
|
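--- a/data/test/xml/test_xpath.rb
+++ b/data/test/xml/test_xpath.rb
@@ -156,6 +156,8 @@ module Nokogiri
 
 # issue #741 (xpath() around 10x slower in JRuby)
 def test_slow_jruby_xpath
+skip("MRI will exceed this timeout when running under valgrind") unless Nokogiri.jruby?
+
 doc = Nokogiri::XML(File.open(XPATH_FILE))
 start = Time.now
 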
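Review bot: The skip message gives valgrind as the reason, but the condition `unless Nokogiri.jruby?` skips the test on every MRI run, with or without valgrind. Either the message should say the test is JRuby-only, e.g. `skip("JRuby-specific timing test") unless Nokogiri.jruby?`, or the condition should detect the valgrind run. The test body continues outside the hunk.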
data/test_all
CHANGED
@@ -10,7 +10,7 @@
|
|
10
10
|
# (e.g., 1.9.3's glob_helper). ["rake test:valgrind:suppression"]
|
11
11
|
#
|
12
12
|
|
13
|
-
RUBIES="ruby-
|
13
|
+
RUBIES="ruby-2.2.0-preview1 ruby-2.1 ruby-2.0.0-p481 ruby-1.9.3 jruby-1.7.15"
|
14
14
|
TEST_LOG=test.log
|
15
15
|
VALGRIND_LOG=valgrind.log
|
16
16
|
|
@@ -29,7 +29,7 @@ set -o errexit
|
|
29
29
|
|
30
30
|
function rvm_use {
|
31
31
|
current_ruby=$1
|
32
|
-
rvm use "${1}@nokogiri" --create
|
32
|
+
rvm use "${1}@nokogiri" --create
|
33
33
|
}
|
34
34
|
|
35
35
|
function generate_parser_and_tokenizer {
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nokogiri
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.6.
|
4
|
+
version: 1.6.4
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Aaron Patterson
|
@@ -12,7 +12,7 @@ authors:
|
|
12
12
|
autorequire:
|
13
13
|
bindir: bin
|
14
14
|
cert_chain: []
|
15
|
-
date: 2014-
|
15
|
+
date: 2014-11-05 00:00:00.000000000 Z
|
16
16
|
dependencies:
|
17
17
|
- !ruby/object:Gem::Dependency
|
18
18
|
name: rdoc
|
@@ -160,12 +160,12 @@ dependencies:
|
|
160
160
|
requirements:
|
161
161
|
- - ~>
|
162
162
|
- !ruby/object:Gem::Version
|
163
|
-
version: '3.
|
163
|
+
version: '3.13'
|
164
164
|
requirement: !ruby/object:Gem::Requirement
|
165
165
|
requirements:
|
166
166
|
- - ~>
|
167
167
|
- !ruby/object:Gem::Version
|
168
|
-
version: '3.
|
168
|
+
version: '3.13'
|
169
169
|
prerelease: false
|
170
170
|
type: :development
|
171
171
|
description: |-
|
@@ -429,7 +429,6 @@ files:
|
|
429
429
|
- lib/nokogiri/html/sax/parser.rb
|
430
430
|
- lib/nokogiri/html/sax/parser_context.rb
|
431
431
|
- lib/nokogiri/html/sax/push_parser.rb
|
432
|
-
- lib/nokogiri/nokogiri.jar
|
433
432
|
- lib/nokogiri/syntax_error.rb
|
434
433
|
- lib/nokogiri/version.rb
|
435
434
|
- lib/nokogiri/xml.rb
|
@@ -471,17 +470,8 @@ files:
|
|
471
470
|
- lib/nokogiri/xslt/stylesheet.rb
|
472
471
|
- lib/xercesImpl.jar
|
473
472
|
- lib/xsd/xmlparser/nokogiri.rb
|
474
|
-
- ports/patches/libxml2/0001-
|
475
|
-
- ports/patches/libxml2/0002-Fix-entities-
|
476
|
-
- ports/patches/libxml2/0003-Fix-an-error-in-previous-commit.patch
|
477
|
-
- ports/patches/libxml2/0004-Fix-potential-out-of-bound-access.patch
|
478
|
-
- ports/patches/libxml2/0005-Detect-excessive-entities-expansion-upon-replacement.patch
|
479
|
-
- ports/patches/libxml2/0006-Do-not-fetch-external-parsed-entities.patch
|
480
|
-
- ports/patches/libxml2/0007-Enforce-XML_PARSER_EOF-state-handling-through-the-pa.patch
|
481
|
-
- ports/patches/libxml2/0008-Improve-handling-of-xmlStopParser.patch
|
482
|
-
- ports/patches/libxml2/0009-Fix-a-couple-of-return-without-value.patch
|
483
|
-
- ports/patches/libxml2/0010-Keep-non-significant-blanks-node-in-HTML-parser.patch
|
484
|
-
- ports/patches/libxml2/0011-Do-not-fetch-external-parameter-entities.patch
|
473
|
+
- ports/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
|
474
|
+
- ports/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
|
485
475
|
- ports/patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
|
486
476
|
- ports/patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
|
487
477
|
- ports/patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
|
@@ -607,6 +597,7 @@ files:
|
|
607
597
|
- test/xslt/test_custom_functions.rb
|
608
598
|
- test/xslt/test_exception_handling.rb
|
609
599
|
- test_all
|
600
|
+
- lib/nokogiri/nokogiri.jar
|
610
601
|
homepage: http://nokogiri.org
|
611
602
|
licenses:
|
612
603
|
- MIT
|
@@ -628,8 +619,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
628
619
|
- !ruby/object:Gem::Version
|
629
620
|
version: '0'
|
630
621
|
requirements: []
|
631
|
-
rubyforge_project:
|
632
|
-
rubygems_version: 2.
|
622
|
+
rubyforge_project:
|
623
|
+
rubygems_version: 2.1.9
|
633
624
|
signing_key:
|
634
625
|
specification_version: 4
|
635
626
|
summary: Nokogiri (鋸) is an HTML, XML, SAX, and Reader parser
|
@@ -1,265 +0,0 @@
|
|
1
|
-
From bc168aab5749acbe6630a29be4dcfabf0a81e2da Mon Sep 17 00:00:00 2001
|
2
|
-
From: Daniel Veillard <veillard@redhat.com>
|
3
|
-
Date: Tue, 17 Jul 2012 16:19:17 +0800
|
4
|
-
Subject: [PATCH 1/9] Fix parser local buffers size problems
|
5
|
-
|
6
|
-
[Origin: 459eeb9dc752d5185f57ff6b135027f11981a626]
|
7
|
-
---
|
8
|
-
parser.c | 74 +++++++++++++++++++++++++++++++++++++---------------------------
|
9
|
-
1 file changed, 43 insertions(+), 31 deletions(-)
|
10
|
-
|
11
|
-
diff --git a/parser.c b/parser.c
|
12
|
-
index 2c38fae..9863275 100644
|
13
|
-
--- a/parser.c
|
14
|
-
+++ b/parser.c
|
15
|
-
@@ -40,6 +40,7 @@
|
16
|
-
#endif
|
17
|
-
|
18
|
-
#include <stdlib.h>
|
19
|
-
+#include <limits.h>
|
20
|
-
#include <string.h>
|
21
|
-
#include <stdarg.h>
|
22
|
-
#include <libxml/xmlmemory.h>
|
23
|
-
@@ -117,10 +118,10 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const xmlChar *ID,
|
24
|
-
* parser option.
|
25
|
-
*/
|
26
|
-
static int
|
27
|
-
-xmlParserEntityCheck(xmlParserCtxtPtr ctxt, unsigned long size,
|
28
|
-
+xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
|
29
|
-
xmlEntityPtr ent)
|
30
|
-
{
|
31
|
-
- unsigned long consumed = 0;
|
32
|
-
+ size_t consumed = 0;
|
33
|
-
|
34
|
-
if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE))
|
35
|
-
return (0);
|
36
|
-
@@ -2589,15 +2590,17 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
|
37
|
-
|
38
|
-
/*
|
39
|
-
* Macro used to grow the current buffer.
|
40
|
-
+ * buffer##_size is expected to be a size_t
|
41
|
-
+ * mem_error: is expected to handle memory allocation failures
|
42
|
-
*/
|
43
|
-
#define growBuffer(buffer, n) { \
|
44
|
-
xmlChar *tmp; \
|
45
|
-
- buffer##_size *= 2; \
|
46
|
-
- buffer##_size += n; \
|
47
|
-
- tmp = (xmlChar *) \
|
48
|
-
- xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \
|
49
|
-
+ size_t new_size = buffer##_size * 2 + n; \
|
50
|
-
+ if (new_size < buffer##_size) goto mem_error; \
|
51
|
-
+ tmp = (xmlChar *) xmlRealloc(buffer, new_size); \
|
52
|
-
if (tmp == NULL) goto mem_error; \
|
53
|
-
buffer = tmp; \
|
54
|
-
+ buffer##_size = new_size; \
|
55
|
-
}
|
56
|
-
|
57
|
-
/**
|
58
|
-
@@ -2623,14 +2626,14 @@ xmlChar *
|
59
|
-
xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
60
|
-
int what, xmlChar end, xmlChar end2, xmlChar end3) {
|
61
|
-
xmlChar *buffer = NULL;
|
62
|
-
- int buffer_size = 0;
|
63
|
-
+ size_t buffer_size = 0;
|
64
|
-
+ size_t nbchars = 0;
|
65
|
-
|
66
|
-
xmlChar *current = NULL;
|
67
|
-
xmlChar *rep = NULL;
|
68
|
-
const xmlChar *last;
|
69
|
-
xmlEntityPtr ent;
|
70
|
-
int c,l;
|
71
|
-
- int nbchars = 0;
|
72
|
-
|
73
|
-
if ((ctxt == NULL) || (str == NULL) || (len < 0))
|
74
|
-
return(NULL);
|
75
|
-
@@ -2647,7 +2650,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
76
|
-
* allocate a translation buffer.
|
77
|
-
*/
|
78
|
-
buffer_size = XML_PARSER_BIG_BUFFER_SIZE;
|
79
|
-
- buffer = (xmlChar *) xmlMallocAtomic(buffer_size * sizeof(xmlChar));
|
80
|
-
+ buffer = (xmlChar *) xmlMallocAtomic(buffer_size);
|
81
|
-
if (buffer == NULL) goto mem_error;
|
82
|
-
|
83
|
-
/*
|
84
|
-
@@ -2667,7 +2670,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
85
|
-
if (val != 0) {
|
86
|
-
COPY_BUF(0,buffer,nbchars,val);
|
87
|
-
}
|
88
|
-
- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
|
89
|
-
+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
90
|
-
growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
91
|
-
}
|
92
|
-
} else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) {
|
93
|
-
@@ -2685,7 +2688,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
94
|
-
(ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
|
95
|
-
if (ent->content != NULL) {
|
96
|
-
COPY_BUF(0,buffer,nbchars,ent->content[0]);
|
97
|
-
- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
|
98
|
-
+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
99
|
-
growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
100
|
-
}
|
101
|
-
} else {
|
102
|
-
@@ -2702,8 +2705,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
103
|
-
current = rep;
|
104
|
-
while (*current != 0) { /* non input consuming loop */
|
105
|
-
buffer[nbchars++] = *current++;
|
106
|
-
- if (nbchars >
|
107
|
-
- buffer_size - XML_PARSER_BUFFER_SIZE) {
|
108
|
-
+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
109
|
-
if (xmlParserEntityCheck(ctxt, nbchars, ent))
|
110
|
-
goto int_error;
|
111
|
-
growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
112
|
-
@@ -2717,7 +2719,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
113
|
-
const xmlChar *cur = ent->name;
|
114
|
-
|
115
|
-
buffer[nbchars++] = '&';
|
116
|
-
- if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) {
|
117
|
-
+ if (nbchars + i + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
118
|
-
growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE);
|
119
|
-
}
|
120
|
-
for (;i > 0;i--)
|
121
|
-
@@ -2745,8 +2747,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
122
|
-
current = rep;
|
123
|
-
while (*current != 0) { /* non input consuming loop */
|
124
|
-
buffer[nbchars++] = *current++;
|
125
|
-
- if (nbchars >
|
126
|
-
- buffer_size - XML_PARSER_BUFFER_SIZE) {
|
127
|
-
+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
128
|
-
if (xmlParserEntityCheck(ctxt, nbchars, ent))
|
129
|
-
goto int_error;
|
130
|
-
growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
131
|
-
@@ -2759,8 +2760,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
|
132
|
-
} else {
|
133
|
-
COPY_BUF(l,buffer,nbchars,c);
|
134
|
-
str += l;
|
135
|
-
- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
|
136
|
-
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
137
|
-
+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
|
138
|
-
+ growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
|
139
|
-
}
|
140
|
-
}
|
141
|
-
if (str < last)
|
142
|
-
@@ -3764,8 +3765,8 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
143
|
-
xmlChar limit = 0;
|
144
|
-
xmlChar *buf = NULL;
|
145
|
-
xmlChar *rep = NULL;
|
146
|
-
- int len = 0;
|
147
|
-
- int buf_size = 0;
|
148
|
-
+ size_t len = 0;
|
149
|
-
+ size_t buf_size = 0;
|
150
|
-
int c, l, in_space = 0;
|
151
|
-
xmlChar *current = NULL;
|
152
|
-
xmlEntityPtr ent;
|
153
|
-
@@ -3787,7 +3788,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
154
|
-
* allocate a translation buffer.
|
155
|
-
*/
|
156
|
-
buf_size = XML_PARSER_BUFFER_SIZE;
|
157
|
-
- buf = (xmlChar *) xmlMallocAtomic(buf_size * sizeof(xmlChar));
|
158
|
-
+ buf = (xmlChar *) xmlMallocAtomic(buf_size);
|
159
|
-
if (buf == NULL) goto mem_error;
|
160
|
-
|
161
|
-
/*
|
162
|
-
@@ -3804,7 +3805,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
163
|
-
|
164
|
-
if (val == '&') {
|
165
|
-
if (ctxt->replaceEntities) {
|
166
|
-
- if (len > buf_size - 10) {
|
167
|
-
+ if (len + 10 > buf_size) {
|
168
|
-
growBuffer(buf, 10);
|
169
|
-
}
|
170
|
-
buf[len++] = '&';
|
171
|
-
@@ -3813,7 +3814,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
172
|
-
* The reparsing will be done in xmlStringGetNodeList()
|
173
|
-
* called by the attribute() function in SAX.c
|
174
|
-
*/
|
175
|
-
- if (len > buf_size - 10) {
|
176
|
-
+ if (len + 10 > buf_size) {
|
177
|
-
growBuffer(buf, 10);
|
178
|
-
}
|
179
|
-
buf[len++] = '&';
|
180
|
-
@@ -3823,7 +3824,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
181
|
-
buf[len++] = ';';
|
182
|
-
}
|
183
|
-
} else if (val != 0) {
|
184
|
-
- if (len > buf_size - 10) {
|
185
|
-
+ if (len + 10 > buf_size) {
|
186
|
-
growBuffer(buf, 10);
|
187
|
-
}
|
188
|
-
len += xmlCopyChar(0, &buf[len], val);
|
189
|
-
@@ -3835,7 +3836,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
190
|
-
ctxt->nbentities += ent->owner;
|
191
|
-
if ((ent != NULL) &&
|
192
|
-
(ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
|
193
|
-
- if (len > buf_size - 10) {
|
194
|
-
+ if (len + 10 > buf_size) {
|
195
|
-
growBuffer(buf, 10);
|
196
|
-
}
|
197
|
-
if ((ctxt->replaceEntities == 0) &&
|
198
|
-
@@ -3863,7 +3864,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
199
|
-
current++;
|
200
|
-
} else
|
201
|
-
buf[len++] = *current++;
|
202
|
-
- if (len > buf_size - 10) {
|
203
|
-
+ if (len + 10 > buf_size) {
|
204
|
-
growBuffer(buf, 10);
|
205
|
-
}
|
206
|
-
}
|
207
|
-
@@ -3871,7 +3872,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
208
|
-
rep = NULL;
|
209
|
-
}
|
210
|
-
} else {
|
211
|
-
- if (len > buf_size - 10) {
|
212
|
-
+ if (len + 10 > buf_size) {
|
213
|
-
growBuffer(buf, 10);
|
214
|
-
}
|
215
|
-
if (ent->content != NULL)
|
216
|
-
@@ -3899,7 +3900,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
217
|
-
* Just output the reference
|
218
|
-
*/
|
219
|
-
buf[len++] = '&';
|
220
|
-
- while (len > buf_size - i - 10) {
|
221
|
-
+ while (len + i + 10 > buf_size) {
|
222
|
-
growBuffer(buf, i + 10);
|
223
|
-
}
|
224
|
-
for (;i > 0;i--)
|
225
|
-
@@ -3912,7 +3913,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
226
|
-
if ((len != 0) || (!normalize)) {
|
227
|
-
if ((!normalize) || (!in_space)) {
|
228
|
-
COPY_BUF(l,buf,len,0x20);
|
229
|
-
- while (len > buf_size - 10) {
|
230
|
-
+ while (len + 10 > buf_size) {
|
231
|
-
growBuffer(buf, 10);
|
232
|
-
}
|
233
|
-
}
|
234
|
-
@@ -3921,7 +3922,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
235
|
-
} else {
|
236
|
-
in_space = 0;
|
237
|
-
COPY_BUF(l,buf,len,c);
|
238
|
-
- if (len > buf_size - 10) {
|
239
|
-
+ if (len + 10 > buf_size) {
|
240
|
-
growBuffer(buf, 10);
|
241
|
-
}
|
242
|
-
}
|
243
|
-
@@ -3946,7 +3947,18 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
|
244
|
-
}
|
245
|
-
} else
|
246
|
-
NEXT;
|
247
|
-
- if (attlen != NULL) *attlen = len;
|
248
|
-
+
|
249
|
-
+ /*
|
250
|
-
+ * There we potentially risk an overflow, don't allow attribute value of
|
251
|
-
+ * lenght more than INT_MAX it is a very reasonnable assumption !
|
252
|
-
+ */
|
253
|
-
+ if (len >= INT_MAX) {
|
254
|
-
+ xmlFatalErrMsg(ctxt, XML_ERR_ATTRIBUTE_NOT_FINISHED,
|
255
|
-
+ "AttValue lenght too long\n");
|
256
|
-
+ goto mem_error;
|
257
|
-
+ }
|
258
|
-
+
|
259
|
-
+ if (attlen != NULL) *attlen = (int) len;
|
260
|
-
return(buf);
|
261
|
-
|
262
|
-
mem_error:
|
263
|
-
--
|
264
|
-
1.8.4.1
|
265
|
-
|