RubyGems - nokogiri - Versions diffs - 1.6.7.2 → 1.6.8.rc1 - Mend

nokogiri 1.6.7.2 → 1.6.8.rc1

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (74) hide show

checksums.yaml +4 -4
data/.travis.yml +12 -9
data/CHANGELOG.ja.rdoc +18 -0
data/CHANGELOG.rdoc +12 -7
data/CONTRIBUTING.md +42 -0
data/Gemfile +1 -1
data/Manifest.txt +6 -0
data/README.md +1 -1
data/Rakefile +1 -1
data/bin/nokogiri +2 -2
data/dependencies.yml +1 -1
data/ext/nokogiri/extconf.rb +3 -3
data/ext/nokogiri/nokogiri.c +0 -7
data/ext/nokogiri/nokogiri.h +1 -34
data/ext/nokogiri/xml_document.c +2 -4
data/ext/nokogiri/xml_namespace.c +56 -17
data/ext/nokogiri/xml_node.c +12 -36
data/ext/nokogiri/xml_node_set.c +169 -143
data/ext/nokogiri/xml_node_set.h +3 -4
data/ext/nokogiri/xml_sax_parser.c +2 -5
data/ext/nokogiri/xml_syntax_error.c +0 -4
data/ext/nokogiri/xml_syntax_error.h +0 -1
data/ext/nokogiri/xml_xpath_context.c +9 -18
data/lib/nokogiri.rb +3 -0
data/lib/nokogiri/css/parser.rb +8 -2
data/lib/nokogiri/css/parser.y +7 -2
data/lib/nokogiri/version.rb +1 -1
data/lib/nokogiri/xml/document.rb +7 -1
data/lib/nokogiri/xml/dtd.rb +4 -4
data/lib/nokogiri/xml/node.rb +2 -2
data/ports/archives/libxml2-2.9.3.tar.gz +0 -0
data/test/css/test_parser.rb +7 -1
data/test/files/GH_1042.html +18 -0
data/test/files/namespace_pressure_test.xml +1684 -0
data/test/files/tlm.html +2 -1
data/test/html/sax/test_parser.rb +2 -2
data/test/html/test_document.rb +18 -8
data/test/html/test_document_encoding.rb +46 -54
data/test/html/test_document_fragment.rb +21 -22
data/test/html/test_node.rb +16 -0
data/test/html/test_node_encoding.rb +12 -14
data/test/namespaces/test_namespaces_in_parsed_doc.rb +14 -0
data/test/test_reader.rb +19 -0
data/test/test_xslt_transforms.rb +5 -3
data/test/xml/sax/test_parser.rb +36 -39
data/test/xml/test_document.rb +7 -2
data/test/xml/test_document_encoding.rb +14 -16
data/test/xml/test_dtd_encoding.rb +0 -2
data/test/xml/test_node_encoding.rb +78 -80
data/test/xml/test_reader_encoding.rb +100 -102
data/test/xslt/test_exception_handling.rb +1 -1
metadata +11 -28
data/patches/libxml2/0001-Revert-Missing-initialization-for-the-catalog-module.patch +0 -29
data/patches/libxml2/0002-Fix-missing-entities-after-CVE-2014-3660-fix.patch +0 -31
data/patches/libxml2/0003-Stop-parsing-on-entities-boundaries-errors.patch +0 -32
data/patches/libxml2/0004-Cleanup-conditional-section-error-handling.patch +0 -49
data/patches/libxml2/0005-CVE-2015-1819-Enforce-the-reader-to-run-in-constant-.patch +0 -177
data/patches/libxml2/0006-Another-variation-of-overflow-in-Conditional-section.patch +0 -32
data/patches/libxml2/0007-Fix-an-error-in-previous-Conditional-section-patch.patch +0 -28
data/patches/libxml2/0008-CVE-2015-8035-Fix-XZ-compression-support-loop.patch +0 -31
data/patches/libxml2/0009-Updated-config.guess.patch +0 -397
data/patches/libxml2/0010-Fix-parsering-short-unclosed-comment-uninitialized-access.patch +0 -64
data/patches/libxml2/0011-Avoid-extra-processing-of-MarkupDecl-when-EOF.patch +0 -35
data/patches/libxml2/0012-Avoid-processing-entities-after-encoding-conversion-.patch +0 -83
data/patches/libxml2/0013-CVE-2015-7497-Avoid-an-heap-buffer-overflow-in-xmlDi.patch +0 -33
data/patches/libxml2/0014-CVE-2015-5312-Another-entity-expansion-issue.patch +0 -32
data/patches/libxml2/0015-Add-xmlHaltParser-to-stop-the-parser.patch +0 -81
data/patches/libxml2/0016-Detect-incoherency-on-GROW.patch +0 -36
data/patches/libxml2/0017-CVE-2015-7500-Fix-memory-access-error-due-to-incorre.patch +0 -105
data/patches/libxml2/0018-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-pus.patch +0 -43
data/patches/libxml2/0019-Do-not-print-error-context-when-there-is-none.patch +0 -28
data/patches/libxml2/0020-xmlStopParser-reset-errNo.patch +0 -41
data/patches/libxml2/0021-Reuse-xmlHaltParser-where-it-makes-sense.patch +0 -175
data/ports/archives/libxml2-2.9.2.tar.gz +0 -0

data/patches/libxml2/0018-CVE-2015-8242-Buffer-overead-with-HTML-parser-in-pus.patch DELETED

@@ -1,43 +0,0 @@
-From 37bc5395ae2489db988b37b4dba070c584b516ca Mon Sep 17 00:00:00 2001
-From: Hugh Davenport <hugh@allthethings.co.nz>
-Date: Fri, 20 Nov 2015 17:16:06 +0800
-Subject: [PATCH 18/18] CVE-2015-8242 Buffer overead with HTML parser in push
- mode
-For https://bugzilla.gnome.org/show_bug.cgi?id=756372
-Error in the code pointing to the codepoint in the stack for the
-current char value instead of the pointer in the input that the SAX
-callback expects
-Reported and fixed by Hugh Davenport
----
- HTMLparser.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-diff --git a/HTMLparser.c b/HTMLparser.c
-index bdf7807..b729197 100644
---- a/HTMLparser.c
-+++ b/HTMLparser.c
-@@ -5735,17 +5735,17 @@ htmlParseTryOrFinish(htmlParserCtxtPtr ctxt, int terminate) {
- 				if (ctxt->keepBlanks) {
- 				    if (ctxt->sax->characters != NULL)
- 					ctxt->sax->characters(
--						ctxt->userData, &cur, 1);
-+						ctxt->userData, &in->cur[0], 1);
- 				} else {
- 				    if (ctxt->sax->ignorableWhitespace != NULL)
- 					ctxt->sax->ignorableWhitespace(
--						ctxt->userData, &cur, 1);
-+						ctxt->userData, &in->cur[0], 1);
- 				}
- 			    } else {
- 				htmlCheckParagraph(ctxt);
- 				if (ctxt->sax->characters != NULL)
- 				    ctxt->sax->characters(
--					    ctxt->userData, &cur, 1);
-+					    ctxt->userData, &in->cur[0], 1);
- 			    }
- 			}
- 			ctxt->token = 0;
---
-2.5.0

data/patches/libxml2/0019-Do-not-print-error-context-when-there-is-none.patch DELETED

@@ -1,28 +0,0 @@
-From ce0b0d0d81fdbb5f722a890432b52d363e4de57b Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 20 Nov 2015 15:01:22 +0800
-Subject: Do not print error context when there is none
-Which now happens more frequently du to xmlHaltParser use
----
- error.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-diff --git a/error.c b/error.c
-index cbcf5c9..9c45040 100644
---- a/error.c
-+++ b/error.c
-@@ -177,7 +177,9 @@ xmlParserPrintFileContextInternal(xmlParserInputPtr input ,
-     xmlChar  content[81]; /* space for 80 chars + line terminator */
-     xmlChar *ctnt;
--    if (input == NULL) return;
-+    if ((input == NULL) || (input->cur == NULL) ||
-+        (*input->cur == 0)) return;
-+
-     cur = input->cur;
-     base = input->base;
-     /* skip backwards over any end-of-lines */
---
-cgit v0.11.2

data/patches/libxml2/0020-xmlStopParser-reset-errNo.patch DELETED

@@ -1,41 +0,0 @@
-From 53ac9c9649fa091377dfea9511f012171f08972d Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Mon, 9 Nov 2015 18:16:00 +0800
-Subject: xmlStopParser reset errNo
-I had used it in contexts where that information ought to be preserved
----
- parser.c | 3 +++
- 1 file changed, 3 insertions(+)
-diff --git a/parser.c b/parser.c
-index c79b4e8..b7b6668 100644
---- a/parser.c
-+++ b/parser.c
-@@ -6782,6 +6782,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
- 	    xmlStopParser(ctxt);
-+	    ctxt->errNo = XML_ERR_CONDSEC_INVALID;
- 	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
-@@ -6844,6 +6845,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
- 	    xmlStopParser(ctxt);
-+	    ctxt->errNo = XML_ERR_CONDSEC_INVALID;
- 	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
-@@ -6901,6 +6903,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
-     } else {
- 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
- 	xmlStopParser(ctxt);
-+	ctxt->errNo = XML_ERR_CONDSEC_INVALID_KEYWORD;
- 	return;
-     }
---
-cgit v0.11.2

data/patches/libxml2/0021-Reuse-xmlHaltParser-where-it-makes-sense.patch DELETED

@@ -1,175 +0,0 @@
-From e3b1597421ad7cbeb5939fc3b54f43f141c82366 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Fri, 20 Nov 2015 14:59:30 +0800
-Subject: Reuse xmlHaltParser() where it makes sense
-Unify the various place where either xmlStopParser was called
-(which resets the error as a side effect) and places where we
-used ctxt->instate = XML_PARSER_EOF to stop further processing
----
- parser.c | 37 +++++++++++++++++--------------------
- 1 file changed, 17 insertions(+), 20 deletions(-)
-diff --git a/parser.c b/parser.c
-index b6e99b1..1810f99 100644
---- a/parser.c
-+++ b/parser.c
-@@ -1773,7 +1773,7 @@ nodePush(xmlParserCtxtPtr ctxt, xmlNodePtr value)
- 	xmlFatalErrMsgInt(ctxt, XML_ERR_INTERNAL_ERROR,
- 		 "Excessive depth in document: %d use XML_PARSE_HUGE option\n",
- 			  xmlParserMaxDepth);
--	ctxt->instate = XML_PARSER_EOF;
-+	xmlHaltParser(ctxt);
- 	return(-1);
-     }
-     ctxt->nodeTab[ctxt->nodeNr] = value;
-@@ -5675,7 +5675,7 @@ xmlParseEntityDecl(xmlParserCtxtPtr ctxt) {
- 	if (RAW != '>') {
- 	    xmlFatalErrMsgStr(ctxt, XML_ERR_ENTITY_NOT_FINISHED,
- 	            "xmlParseEntityDecl: entity %s not terminated\n", name);
--	    xmlStopParser(ctxt);
-+	    xmlHaltParser(ctxt);
- 	} else {
- 	    if (input != ctxt->input) {
- 		xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_BOUNDARY,
-@@ -6787,8 +6787,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
--	    xmlStopParser(ctxt);
--	    ctxt->errNo = XML_ERR_CONDSEC_INVALID;
-+	    xmlHaltParser(ctxt);
- 	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
-@@ -6850,8 +6849,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
- 	SKIP_BLANKS;
- 	if (RAW != '[') {
- 	    xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID, NULL);
--	    xmlStopParser(ctxt);
--	    ctxt->errNo = XML_ERR_CONDSEC_INVALID;
-+	    xmlHaltParser(ctxt);
- 	    return;
- 	} else {
- 	    if (ctxt->input->id != id) {
-@@ -6908,8 +6906,7 @@ xmlParseConditionalSections(xmlParserCtxtPtr ctxt) {
-     } else {
- 	xmlFatalErr(ctxt, XML_ERR_CONDSEC_INVALID_KEYWORD, NULL);
--	xmlStopParser(ctxt);
--	ctxt->errNo = XML_ERR_CONDSEC_INVALID_KEYWORD;
-+	xmlHaltParser(ctxt);
- 	return;
-     }
-@@ -7120,7 +7117,7 @@ xmlParseExternalSubset(xmlParserCtxtPtr ctxt, const xmlChar *ExternalID,
- 	    /*
- 	     * The XML REC instructs us to stop parsing right here
- 	     */
--	    ctxt->instate = XML_PARSER_EOF;
-+	    xmlHaltParser(ctxt);
- 	    return;
- 	}
-     }
-@@ -8107,7 +8104,7 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
- 		     * The XML REC instructs us to stop parsing
- 		     * right here
- 		     */
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- 		    return;
- 		}
- 	    }
-@@ -10047,7 +10044,7 @@ xmlParseContent(xmlParserCtxtPtr ctxt) {
- 	if ((cons == ctxt->input->consumed) && (test == CUR_PTR)) {
- 	    xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR,
- 	                "detected an error in element content\n");
--	    ctxt->instate = XML_PARSER_EOF;
-+	    xmlHaltParser(ctxt);
-             break;
- 	}
-     }
-@@ -10082,7 +10079,7 @@ xmlParseElement(xmlParserCtxtPtr ctxt) {
- 	xmlFatalErrMsgInt(ctxt, XML_ERR_INTERNAL_ERROR,
- 		 "Excessive depth in document: %d use XML_PARSE_HUGE option\n",
- 			  xmlParserMaxDepth);
--	ctxt->instate = XML_PARSER_EOF;
-+	xmlHaltParser(ctxt);
- 	return;
-     }
-@@ -11412,7 +11409,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 			ctxt->sax->setDocumentLocator(ctxt->userData,
- 						      &xmlDefaultSAXLocator);
- 		    xmlFatalErr(ctxt, XML_ERR_DOCUMENT_EMPTY, NULL);
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- #ifdef DEBUG_PUSH
- 		    xmlGenericError(xmlGenericErrorContext,
- 			    "PP: entering EOF\n");
-@@ -11445,7 +11442,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 			     * The XML REC instructs us to stop parsing right
- 			     * here
- 			     */
--			    ctxt->instate = XML_PARSER_EOF;
-+			    xmlHaltParser(ctxt);
- 			    return(0);
- 			}
- 			ctxt->standalone = ctxt->input->standalone;
-@@ -11501,7 +11498,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 		cur = ctxt->input->cur[0];
- 	        if (cur != '<') {
- 		    xmlFatalErr(ctxt, XML_ERR_DOCUMENT_EMPTY, NULL);
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- 		    if ((ctxt->sax) && (ctxt->sax->endDocument != NULL))
- 			ctxt->sax->endDocument(ctxt->userData);
- 		    goto done;
-@@ -11533,7 +11530,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 		    goto done;
- 		if (name == NULL) {
- 		    spacePop(ctxt);
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- 		    if ((ctxt->sax) && (ctxt->sax->endDocument != NULL))
- 			ctxt->sax->endDocument(ctxt->userData);
- 		    goto done;
-@@ -11700,7 +11697,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 		if ((cons == ctxt->input->consumed) && (test == CUR_PTR)) {
- 		    xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR,
- 		                "detected an error in element content\n");
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- 		    break;
- 		}
- 		break;
-@@ -12021,7 +12018,7 @@ xmlParseTryOrFinish(xmlParserCtxtPtr ctxt, int terminate) {
- 		    goto done;
- 		} else {
- 		    xmlFatalErr(ctxt, XML_ERR_DOCUMENT_END, NULL);
--		    ctxt->instate = XML_PARSER_EOF;
-+		    xmlHaltParser(ctxt);
- #ifdef DEBUG_PUSH
- 		    xmlGenericError(xmlGenericErrorContext,
- 			    "PP: entering EOF\n");
-@@ -12385,7 +12382,7 @@ xmldecl_done:
- 	res = xmlParserInputBufferPush(ctxt->input->buf, size, chunk);
- 	if (res < 0) {
- 	    ctxt->errNo = XML_PARSER_EOF;
--	    ctxt->disableSAX = 1;
-+	    xmlHaltParser(ctxt);
- 	    return (XML_PARSER_EOF);
- 	}
-         xmlBufSetInputBaseCur(ctxt->input->buf->buffer, ctxt->input, base, cur);
-@@ -12439,7 +12436,7 @@ xmldecl_done:
-          ((ctxt->input->cur - ctxt->input->base) > XML_MAX_LOOKUP_LIMIT)) &&
-         ((ctxt->options & XML_PARSE_HUGE) == 0)) {
-         xmlFatalErr(ctxt, XML_ERR_INTERNAL_ERROR, "Huge input lookup");
--        ctxt->instate = XML_PARSER_EOF;
-+        xmlHaltParser(ctxt);
-     }
-     if ((ctxt->errNo != XML_ERR_OK) && (ctxt->disableSAX == 1))
-         return(ctxt->errNo);
---
-cgit v0.11.2

data/ports/archives/libxml2-2.9.2.tar.gz DELETED

Binary file