nokogiri 1.6.7.2 → 1.6.8.rc1

data/test/xslt/test_exception_handling.rb

@@ -28,7 +28,7 @@ EOXSL
           xsl.transform xml
           fail('It should not get here')
         rescue RuntimeError => e
-          assert_match(/HIERARCHY_REQUEST_ERR/, e.to_s, 'The exception message does not contain the expected information')
+          assert_match(/Can't have more than one root/, e.to_s, 'The exception message does not contain the expected information')
         end
       end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nokogiri
 version: !ruby/object:Gem::Version
-  version: 1.6.7.2
+  version: 1.6.8.rc1
 platform: ruby
 authors:
 - Aaron Patterson
@@ -12,7 +12,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-20 00:00:00.000000000 Z
+date: 2015-12-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mini_portile2
@@ -20,14 +20,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0.rc2
+        version: 2.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.0.0.rc2
+        version: 2.0.0
 - !ruby/object:Gem::Dependency
   name: rdoc
   requirement: !ruby/object:Gem::Requirement
@@ -216,6 +216,7 @@ extensions:
 extra_rdoc_files:
 - CHANGELOG.ja.rdoc
 - CHANGELOG.rdoc
+- CONTRIBUTING.md
 - C_CODING_STYLE.rdoc
 - LICENSE.txt
 - Manifest.txt
@@ -266,6 +267,7 @@ files:
 - ".travis.yml"
 - CHANGELOG.ja.rdoc
 - CHANGELOG.rdoc
+- CONTRIBUTING.md
 - C_CODING_STYLE.rdoc
 - Gemfile
 - LICENSE.txt
@@ -411,27 +413,6 @@ files:
 - lib/nokogiri/xslt.rb
 - lib/nokogiri/xslt/stylesheet.rb
 - lib/xsd/xmlparser/nokogiri.rb
-- patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch
-- patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch
-- patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch
-- patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch
-- patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch
-- patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch
-- patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch
-- patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch
-- patches/libxml2/0009-Updated-config.guess.patch
-- patches/libxml2/0010-Fix-parsering-short-unclosed-comment-uninitialized-access.patch
-- patches/libxml2/0011-Avoid-extra-processing-of-MarkupDecl-when-EOF.patch
-- patches/libxml2/0012-Avoid-processing-entities-after-encoding-conversion-.patch
-- patches/libxml2/0013-CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch
-- patches/libxml2/0014-CVE-2015-5312-Another-entity-expansion-issue.patch
-- patches/libxml2/0015-Add-xmlHaltParser-to-stop-the-parser.patch
-- patches/libxml2/0016-Detect-incoherency-on-GROW.patch
-- patches/libxml2/0017-CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch
-- patches/libxml2/0018-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-pus.patch
-- patches/libxml2/0019-Do-not-print-error-context-when-there-is-none.patch
-- patches/libxml2/0020-xmlStopParser-reset-errNo.patch
-- patches/libxml2/0021-Reuse-xmlHaltParser-where-it-makes-sense.patch
 - patches/libxslt/0001-Adding-doc-update-related-to-1.1.28.patch
 - patches/libxslt/0002-Fix-a-couple-of-places-where-f-printf-parameters-wer.patch
 - patches/libxslt/0003-Initialize-pseudo-random-number-generator-with-curre.patch
@@ -447,7 +428,7 @@ files:
 - patches/libxslt/0016-Fix-for-type-confusion-in-preprocessing-attributes.patch
 - patches/libxslt/0017-Updated-config.guess.patch
 - patches/sort-patches-by-date
-- ports/archives/libxml2-2.9.2.tar.gz
+- ports/archives/libxml2-2.9.3.tar.gz
 - ports/archives/libxslt-1.1.28.tar.gz
 - suppressions/README.txt
 - suppressions/nokogiri_ree-1.8.7.358.supp
@@ -461,6 +442,7 @@ files:
 - test/css/test_xpath_visitor.rb
 - test/decorators/test_slop.rb
 - test/files/2ch.html
+- test/files/GH_1042.html
 - test/files/address_book.rlx
 - test/files/address_book.xml
 - test/files/atom.xml
@@ -473,6 +455,7 @@ files:
 - test/files/exslt.xslt
 - test/files/foo/foo.xsd
 - test/files/metacharset.html
+- test/files/namespace_pressure_test.xml
 - test/files/noencoding.html
 - test/files/po.xml
 - test/files/po.xsd
@@ -579,9 +562,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.4.8

data/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch

@@ -1,29 +0,0 @@
-From f65128f38289d77ff322d63aef2858cc0a819c34 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 17 Oct 2014 17:13:41 +0800
-Subject: [PATCH] Revert "Missing initialization for the catalog module"
-
-This reverts commit 054c716ea1bf001544127a4ab4f4346d1b9947e7.
-As this break xmlcatalog command
-https://bugzilla.redhat.com/show_bug.cgi?id=1153753
----
- parser.c | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/parser.c b/parser.c
-index 1d93967..67c9dfd 100644
---- a/parser.c
-+++ b/parser.c
-@@ -14830,9 +14830,6 @@ xmlInitParser(void) {
- #ifdef LIBXML_XPATH_ENABLED
- 	xmlXPathInit();
- #endif
--#ifdef LIBXML_CATALOG_ENABLED
--        xmlInitializeCatalog();
--#endif
- 	xmlParserInitialized = 1;
- #ifdef LIBXML_THREAD_ENABLED
-     }
--- 
-2.1.2
-

data/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch

@@ -1,31 +0,0 @@
-From 72a46a519ce7326d9a00f0b6a7f2a8e958cd1675 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Thu, 23 Oct 2014 11:35:36 +0800
-Subject: [PATCH] Fix missing entities after CVE-2014-3660 fix
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=738805
-
-The fix for CVE-2014-3660 introduced a regression in some case
-where entity substitution is required and the entity is used
-first in anotther entity referenced from an attribute value
----
- parser.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/parser.c b/parser.c
-index 67c9dfd..a8d1b67 100644
---- a/parser.c
-+++ b/parser.c
-@@ -7235,7 +7235,8 @@ xmlParseReference(xmlParserCtxtPtr ctxt) {
-      * far more secure as the parser will only process data coming from
-      * the document entity by default.
-      */
--    if ((ent->checked == 0) &&
-+    if (((ent->checked == 0) ||
-+         ((ent->children == NULL) && (ctxt->options & XML_PARSE_NOENT))) &&
-         ((ent->etype != XML_EXTERNAL_GENERAL_PARSED_ENTITY) ||
-          (ctxt->options & (XML_PARSE_NOENT | XML_PARSE_DTDVALID)))) {
- 	unsigned long oldnbent = ctxt->nbentities;
--- 
-2.1.2
-

data/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch

@@ -1,32 +0,0 @@
-From 99d99063ae5c4b6bd2b58324273401f3ce42a550 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 23 Feb 2015 11:17:35 +0800
-Subject: [PATCH 3/8] Stop parsing on entities boundaries errors
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=744980
-
-There are times, like on unterminated entities that it's preferable to
-stop parsing, even if that means less error reporting. Entities are
-feeding the parser on further processing, and if they are ill defined
-then it's possible to get the parser to bug. Also do the same on
-Conditional Sections if the input is broken, as the structure of
-the document can't be guessed.
----
- parser.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/parser.c b/parser.c
-index 1d93967..7b0380c 100644
---- a/parser.c
-+++ b/parser.c
-@@ -5658,6 +5658,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) {
- 	if (RAW != '>') {
- 	    xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED,
- 	            "xmlParseEntityDecl: entity %s not terminated\n", name);
-+	    xmlStopParser(ctxt);
- 	} else {
- 	    if (input != ctxt->input) {
- 		xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY,
--- 
-2.5.0
-

data/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch

@@ -1,49 +0,0 @@
-From c8d3950c5532c2e3d954bacdb8c479bb9fdacf89 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 23 Feb 2015 11:29:20 +0800
-Subject: [PATCH 4/8] Cleanup conditional section error handling
-
-For https://bugzilla.gnome.org/show_bug.cgi?id=744980
-
-The error handling of Conditional Section also need to be
-straightened as the structure of the document can't be
-guessed on a failure there and it's better to stop parsing
-as further errors are likely to be irrelevant.
----
- parser.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/parser.c b/parser.c
-index 7b0380c..1e714e7 100644
---- a/parser.c
-+++ b/parser.c
-@@ -6770,6 +6770,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
-+	    xmlStopParser(ctxt);
-+	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
- 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
-@@ -6830,6 +6832,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
-+	    xmlStopParser(ctxt);
-+	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
- 		xmlValidityError(ctxt, XML_ERR_ENTITY_BOUNDARY,
-@@ -6885,6 +6889,8 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 
-     } else {
- 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
-+	xmlStopParser(ctxt);
-+	return;
-     }
- 
-     if (RAW == 0)
--- 
-2.5.0
-

data/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch

@@ -1,177 +0,0 @@
-From 12f31177b0d9be57ed8fb3467b501606fb145286 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Tue, 14 Apr 2015 17:41:48 +0800
-Subject: [PATCH 5/8] CVE-2015-1819 Enforce the reader to run in constant
- memory
-
-One of the operation on the reader could resolve entities
-leading to the classic expansion issue. Make sure the
-buffer used for xmlreader operation is bounded.
-Introduce a new allocation type for the buffers for this effect.
----
- buf.c                 | 43 ++++++++++++++++++++++++++++++++++++++++++-
- include/libxml/tree.h |  3 ++-
- xmlreader.c           | 20 +++++++++++++++++++-
- 3 files changed, 63 insertions(+), 3 deletions(-)
-
-diff --git a/buf.c b/buf.c
-index 6efc7b6..07922ff 100644
---- a/buf.c
-+++ b/buf.c
-@@ -27,6 +27,7 @@
- #include <libxml/tree.h>
- #include <libxml/globals.h>
- #include <libxml/tree.h>
-+#include <libxml/parserInternals.h> /* for XML_MAX_TEXT_LENGTH */
- #include "buf.h"
- 
- #define WITH_BUFFER_COMPAT
-@@ -299,7 +300,8 @@ xmlBufSetAllocationScheme(xmlBufPtr buf,
-     if ((scheme == XML_BUFFER_ALLOC_DOUBLEIT) ||
-         (scheme == XML_BUFFER_ALLOC_EXACT) ||
-         (scheme == XML_BUFFER_ALLOC_HYBRID) ||
--        (scheme == XML_BUFFER_ALLOC_IMMUTABLE)) {
-+        (scheme == XML_BUFFER_ALLOC_IMMUTABLE) ||
-+	(scheme == XML_BUFFER_ALLOC_BOUNDED)) {
- 	buf->alloc = scheme;
-         if (buf->buffer)
-             buf->buffer->alloc = scheme;
-@@ -458,6 +460,18 @@ xmlBufGrowInternal(xmlBufPtr buf, size_t len) {
-     size = buf->use + len + 100;
- #endif
- 
-+    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+        /*
-+	 * Used to provide parsing limits
-+	 */
-+        if ((buf->use + len >= XML_MAX_TEXT_LENGTH) ||
-+	    (buf->size >= XML_MAX_TEXT_LENGTH)) {
-+	    xmlBufMemoryError(buf, "buffer error: text too long\n");
-+	    return(0);
-+	}
-+	if (size >= XML_MAX_TEXT_LENGTH)
-+	    size = XML_MAX_TEXT_LENGTH;
-+    }
-     if ((buf->alloc == XML_BUFFER_ALLOC_IO) && (buf->contentIO != NULL)) {
-         size_t start_buf = buf->content - buf->contentIO;
- 
-@@ -739,6 +753,15 @@ xmlBufResize(xmlBufPtr buf, size_t size)
-     CHECK_COMPAT(buf)
- 
-     if (buf->alloc == XML_BUFFER_ALLOC_IMMUTABLE) return(0);
-+    if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+        /*
-+	 * Used to provide parsing limits
-+	 */
-+        if (size >= XML_MAX_TEXT_LENGTH) {
-+	    xmlBufMemoryError(buf, "buffer error: text too long\n");
-+	    return(0);
-+	}
-+    }
- 
-     /* Don't resize if we don't have to */
-     if (size < buf->size)
-@@ -867,6 +890,15 @@ xmlBufAdd(xmlBufPtr buf, const xmlChar *str, int len) {
- 
-     needSize = buf->use + len + 2;
-     if (needSize > buf->size){
-+	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+	    /*
-+	     * Used to provide parsing limits
-+	     */
-+	    if (needSize >= XML_MAX_TEXT_LENGTH) {
-+		xmlBufMemoryError(buf, "buffer error: text too long\n");
-+		return(-1);
-+	    }
-+	}
-         if (!xmlBufResize(buf, needSize)){
- 	    xmlBufMemoryError(buf, "growing buffer");
-             return XML_ERR_NO_MEMORY;
-@@ -938,6 +970,15 @@ xmlBufAddHead(xmlBufPtr buf, const xmlChar *str, int len) {
-     }
-     needSize = buf->use + len + 2;
-     if (needSize > buf->size){
-+	if (buf->alloc == XML_BUFFER_ALLOC_BOUNDED) {
-+	    /*
-+	     * Used to provide parsing limits
-+	     */
-+	    if (needSize >= XML_MAX_TEXT_LENGTH) {
-+		xmlBufMemoryError(buf, "buffer error: text too long\n");
-+		return(-1);
-+	    }
-+	}
-         if (!xmlBufResize(buf, needSize)){
- 	    xmlBufMemoryError(buf, "growing buffer");
-             return XML_ERR_NO_MEMORY;
-diff --git a/include/libxml/tree.h b/include/libxml/tree.h
-index 2f90717..4a9b3bc 100644
---- a/include/libxml/tree.h
-+++ b/include/libxml/tree.h
-@@ -76,7 +76,8 @@ typedef enum {
-     XML_BUFFER_ALLOC_EXACT,	/* grow only to the minimal size */
-     XML_BUFFER_ALLOC_IMMUTABLE, /* immutable buffer */
-     XML_BUFFER_ALLOC_IO,	/* special allocation scheme used for I/O */
--    XML_BUFFER_ALLOC_HYBRID	/* exact up to a threshold, and doubleit thereafter */
-+    XML_BUFFER_ALLOC_HYBRID,	/* exact up to a threshold, and doubleit thereafter */
-+    XML_BUFFER_ALLOC_BOUNDED	/* limit the upper size of the buffer */
- } xmlBufferAllocationScheme;
- 
- /**
-diff --git a/xmlreader.c b/xmlreader.c
-index f19e123..471e7e2 100644
---- a/xmlreader.c
-+++ b/xmlreader.c
-@@ -2091,6 +2091,9 @@ xmlNewTextReader(xmlParserInputBufferPtr input, const char *URI) {
- 		"xmlNewTextReader : malloc failed\n");
- 	return(NULL);
-     }
-+    /* no operation on a reader should require a huge buffer */
-+    xmlBufSetAllocationScheme(ret->buffer,
-+			      XML_BUFFER_ALLOC_BOUNDED);
-     ret->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
-     if (ret->sax == NULL) {
- 	xmlBufFree(ret->buffer);
-@@ -3616,6 +3619,7 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
- 	    return(((xmlNsPtr) node)->href);
-         case XML_ATTRIBUTE_NODE:{
- 	    xmlAttrPtr attr = (xmlAttrPtr) node;
-+	    const xmlChar *ret;
- 
- 	    if ((attr->children != NULL) &&
- 	        (attr->children->type == XML_TEXT_NODE) &&
-@@ -3629,10 +3633,21 @@ xmlTextReaderConstValue(xmlTextReaderPtr reader) {
-                                         "xmlTextReaderSetup : malloc failed\n");
-                         return (NULL);
-                     }
-+		    xmlBufSetAllocationScheme(reader->buffer,
-+		                              XML_BUFFER_ALLOC_BOUNDED);
-                 } else
-                     xmlBufEmpty(reader->buffer);
- 	        xmlBufGetNodeContent(reader->buffer, node);
--		return(xmlBufContent(reader->buffer));
-+		ret = xmlBufContent(reader->buffer);
-+		if (ret == NULL) {
-+		    /* error on the buffer best to reallocate */
-+		    xmlBufFree(reader->buffer);
-+		    reader->buffer = xmlBufCreateSize(100);
-+		    xmlBufSetAllocationScheme(reader->buffer,
-+		                              XML_BUFFER_ALLOC_BOUNDED);
-+		    ret = BAD_CAST "";
-+		}
-+		return(ret);
- 	    }
- 	    break;
- 	}
-@@ -5131,6 +5146,9 @@ xmlTextReaderSetup(xmlTextReaderPtr reader,
-                         "xmlTextReaderSetup : malloc failed\n");
-         return (-1);
-     }
-+    /* no operation on a reader should require a huge buffer */
-+    xmlBufSetAllocationScheme(reader->buffer,
-+			      XML_BUFFER_ALLOC_BOUNDED);
-     if (reader->sax == NULL)
- 	reader->sax = (xmlSAXHandler *) xmlMalloc(sizeof(xmlSAXHandler));
-     if (reader->sax == NULL) {
--- 
-2.5.0
-

data/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch

@@ -1,32 +0,0 @@
-From 9ee30e69f63379b3caf451aa7ae4058a1fa2fa73 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 23 Oct 2015 19:02:28 +0800
-Subject: [PATCH 6/8] Another variation of overflow in Conditional sections
-
-Which happen after the previous fix to
-https://bugzilla.gnome.org/show_bug.cgi?id=756456
-
-But stopping the parser and exiting we didn't pop the intermediary entities
-and doing the SKIP there applies on an input which may be too small
----
- parser.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/parser.c b/parser.c
-index 1e714e7..0b8d633 100644
---- a/parser.c
-+++ b/parser.c
-@@ -6904,7 +6904,9 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	"All markup of the conditional section is not in the same entity\n",
- 				 NULL, NULL);
- 	}
--        SKIP(3);
-+	if ((ctxt-> instate != XML_PARSER_EOF) &&
-+	    ((ctxt->input->cur + 3) < ctxt->input->end))
-+	    SKIP(3);
-     }
- }
- 
--- 
-2.5.0
-