RubyGems - nokogiri - Versions diffs - 1.8.5 → 1.13.9 - Mend

nokogiri 1.8.5 → 1.13.9

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (353) hide show

checksums.yaml +4 -4
data/Gemfile +3 -21
data/LICENSE-DEPENDENCIES.md +1159 -868
data/LICENSE.md +5 -28
data/README.md +196 -90
data/bin/nokogiri +63 -50
data/dependencies.yml +13 -59
data/ext/nokogiri/depend +38 -358
data/ext/nokogiri/extconf.rb +765 -420
data/ext/nokogiri/gumbo.c +584 -0
data/ext/nokogiri/html4_document.c +166 -0
data/ext/nokogiri/html4_element_description.c +294 -0
data/ext/nokogiri/html4_entity_lookup.c +37 -0
data/ext/nokogiri/html4_sax_parser_context.c +119 -0
data/ext/nokogiri/html4_sax_push_parser.c +95 -0
data/ext/nokogiri/libxml2_backwards_compat.c +121 -0
data/ext/nokogiri/nokogiri.c +228 -91
data/ext/nokogiri/nokogiri.h +199 -88
data/ext/nokogiri/test_global_handlers.c +40 -0
data/ext/nokogiri/xml_attr.c +42 -37
data/ext/nokogiri/xml_attribute_decl.c +21 -21
data/ext/nokogiri/xml_cdata.c +14 -19
data/ext/nokogiri/xml_comment.c +19 -26
data/ext/nokogiri/xml_document.c +296 -217
data/ext/nokogiri/xml_document_fragment.c +12 -16
data/ext/nokogiri/xml_dtd.c +64 -58
data/ext/nokogiri/xml_element_content.c +31 -26
data/ext/nokogiri/xml_element_decl.c +25 -25
data/ext/nokogiri/xml_encoding_handler.c +43 -18
data/ext/nokogiri/xml_entity_decl.c +37 -35
data/ext/nokogiri/xml_entity_reference.c +16 -18
data/ext/nokogiri/xml_namespace.c +99 -54
data/ext/nokogiri/xml_node.c +1107 -658
data/ext/nokogiri/xml_node_set.c +178 -166
data/ext/nokogiri/xml_processing_instruction.c +17 -19
data/ext/nokogiri/xml_reader.c +277 -175
data/ext/nokogiri/xml_relax_ng.c +52 -28
data/ext/nokogiri/xml_sax_parser.c +112 -112
data/ext/nokogiri/xml_sax_parser_context.c +112 -86
data/ext/nokogiri/xml_sax_push_parser.c +36 -27
data/ext/nokogiri/xml_schema.c +114 -35
data/ext/nokogiri/xml_syntax_error.c +42 -21
data/ext/nokogiri/xml_text.c +14 -18
data/ext/nokogiri/xml_xpath_context.c +226 -115
data/ext/nokogiri/xslt_stylesheet.c +265 -173
data/gumbo-parser/CHANGES.md +63 -0
data/gumbo-parser/Makefile +101 -0
data/gumbo-parser/THANKS +27 -0
data/gumbo-parser/src/Makefile +34 -0
data/gumbo-parser/src/README.md +41 -0
data/gumbo-parser/src/ascii.c +75 -0
data/gumbo-parser/src/ascii.h +115 -0
data/gumbo-parser/src/attribute.c +42 -0
data/gumbo-parser/src/attribute.h +17 -0
data/gumbo-parser/src/char_ref.c +22225 -0
data/gumbo-parser/src/char_ref.h +29 -0
data/gumbo-parser/src/char_ref.rl +2154 -0
data/gumbo-parser/src/error.c +626 -0
data/gumbo-parser/src/error.h +148 -0
data/gumbo-parser/src/foreign_attrs.c +104 -0
data/gumbo-parser/src/foreign_attrs.gperf +27 -0
data/gumbo-parser/src/gumbo.h +943 -0
data/gumbo-parser/src/insertion_mode.h +33 -0
data/gumbo-parser/src/macros.h +91 -0
data/gumbo-parser/src/parser.c +4875 -0
data/gumbo-parser/src/parser.h +41 -0
data/gumbo-parser/src/replacement.h +33 -0
data/gumbo-parser/src/string_buffer.c +103 -0
data/gumbo-parser/src/string_buffer.h +68 -0
data/gumbo-parser/src/string_piece.c +48 -0
data/gumbo-parser/src/svg_attrs.c +174 -0
data/gumbo-parser/src/svg_attrs.gperf +77 -0
data/gumbo-parser/src/svg_tags.c +137 -0
data/gumbo-parser/src/svg_tags.gperf +55 -0
data/gumbo-parser/src/tag.c +222 -0
data/gumbo-parser/src/tag_lookup.c +382 -0
data/gumbo-parser/src/tag_lookup.gperf +169 -0
data/gumbo-parser/src/tag_lookup.h +13 -0
data/gumbo-parser/src/token_buffer.c +79 -0
data/gumbo-parser/src/token_buffer.h +71 -0
data/gumbo-parser/src/token_type.h +17 -0
data/gumbo-parser/src/tokenizer.c +3463 -0
data/gumbo-parser/src/tokenizer.h +112 -0
data/gumbo-parser/src/tokenizer_states.h +339 -0
data/gumbo-parser/src/utf8.c +245 -0
data/gumbo-parser/src/utf8.h +164 -0
data/gumbo-parser/src/util.c +68 -0
data/gumbo-parser/src/util.h +30 -0
data/gumbo-parser/src/vector.c +111 -0
data/gumbo-parser/src/vector.h +45 -0
data/lib/nokogiri/class_resolver.rb +67 -0
data/lib/nokogiri/css/node.rb +10 -8
data/lib/nokogiri/css/parser.rb +397 -377
data/lib/nokogiri/css/parser.y +250 -245
data/lib/nokogiri/css/parser_extras.rb +54 -49
data/lib/nokogiri/css/syntax_error.rb +3 -1
data/lib/nokogiri/css/tokenizer.rb +107 -104
data/lib/nokogiri/css/tokenizer.rex +3 -2
data/lib/nokogiri/css/xpath_visitor.rb +218 -91
data/lib/nokogiri/css.rb +50 -17
data/lib/nokogiri/decorators/slop.rb +9 -7
data/lib/nokogiri/extension.rb +31 -0
data/lib/nokogiri/gumbo.rb +15 -0
data/lib/nokogiri/html.rb +38 -27
data/lib/nokogiri/{html → html4}/builder.rb +4 -2
data/lib/nokogiri/{html → html4}/document.rb +103 -105
data/lib/nokogiri/html4/document_fragment.rb +54 -0
data/lib/nokogiri/{html → html4}/element_description.rb +3 -1
data/lib/nokogiri/html4/element_description_defaults.rb +578 -0
data/lib/nokogiri/{html → html4}/entity_lookup.rb +4 -2
data/lib/nokogiri/{html → html4}/sax/parser.rb +17 -16
data/lib/nokogiri/html4/sax/parser_context.rb +20 -0
data/lib/nokogiri/{html → html4}/sax/push_parser.rb +12 -11
data/lib/nokogiri/html4.rb +46 -0
data/lib/nokogiri/html5/document.rb +91 -0
data/lib/nokogiri/html5/document_fragment.rb +83 -0
data/lib/nokogiri/html5/node.rb +100 -0
data/lib/nokogiri/html5.rb +478 -0
data/lib/nokogiri/jruby/dependencies.rb +21 -0
data/lib/nokogiri/syntax_error.rb +2 -0
data/lib/nokogiri/version/constant.rb +6 -0
data/lib/nokogiri/version/info.rb +222 -0
data/lib/nokogiri/version.rb +3 -108
data/lib/nokogiri/xml/attr.rb +6 -3
data/lib/nokogiri/xml/attribute_decl.rb +3 -1
data/lib/nokogiri/xml/builder.rb +97 -53
data/lib/nokogiri/xml/cdata.rb +3 -1
data/lib/nokogiri/xml/character_data.rb +2 -0
data/lib/nokogiri/xml/document.rb +224 -86
data/lib/nokogiri/xml/document_fragment.rb +57 -44
data/lib/nokogiri/xml/dtd.rb +4 -2
data/lib/nokogiri/xml/element_content.rb +2 -0
data/lib/nokogiri/xml/element_decl.rb +3 -1
data/lib/nokogiri/xml/entity_decl.rb +4 -2
data/lib/nokogiri/xml/entity_reference.rb +2 -0
data/lib/nokogiri/xml/namespace.rb +3 -0
data/lib/nokogiri/xml/node/save_options.rb +10 -5
data/lib/nokogiri/xml/node.rb +895 -377
data/lib/nokogiri/xml/node_set.rb +92 -65
data/lib/nokogiri/xml/notation.rb +13 -0
data/lib/nokogiri/xml/parse_options.rb +22 -8
data/lib/nokogiri/xml/pp/character_data.rb +9 -6
data/lib/nokogiri/xml/pp/node.rb +25 -26
data/lib/nokogiri/xml/pp.rb +4 -2
data/lib/nokogiri/xml/processing_instruction.rb +3 -1
data/lib/nokogiri/xml/reader.rb +21 -28
data/lib/nokogiri/xml/relax_ng.rb +8 -2
data/lib/nokogiri/xml/sax/document.rb +45 -49
data/lib/nokogiri/xml/sax/parser.rb +38 -34
data/lib/nokogiri/xml/sax/parser_context.rb +8 -3
data/lib/nokogiri/xml/sax/push_parser.rb +6 -5
data/lib/nokogiri/xml/sax.rb +6 -4
data/lib/nokogiri/xml/schema.rb +19 -9
data/lib/nokogiri/xml/searchable.rb +112 -72
data/lib/nokogiri/xml/syntax_error.rb +6 -4
data/lib/nokogiri/xml/text.rb +2 -0
data/lib/nokogiri/xml/xpath/syntax_error.rb +4 -2
data/lib/nokogiri/xml/xpath.rb +15 -4
data/lib/nokogiri/xml/xpath_context.rb +3 -3
data/lib/nokogiri/xml.rb +38 -37
data/lib/nokogiri/xslt/stylesheet.rb +3 -1
data/lib/nokogiri/xslt.rb +29 -20
data/lib/nokogiri.rb +49 -65
data/lib/xsd/xmlparser/nokogiri.rb +26 -24
data/patches/libxml2/0001-Remove-script-macro-support.patch +40 -0
data/patches/libxml2/0002-Update-entities-to-remove-handling-of-ssi.patch +44 -0
data/patches/libxml2/0003-libxml2.la-is-in-top_builddir.patch +25 -0
data/patches/libxml2/0005-avoid-isnan-isinf.patch +81 -0
data/patches/libxml2/0009-allow-wildcard-namespaces.patch +77 -0
data/patches/libxslt/0001-update-automake-files-for-arm64.patch +3037 -0
data/ports/archives/libxml2-2.10.3.tar.xz +0 -0
data/ports/archives/libxslt-1.1.37.tar.xz +0 -0
metadata +211 -266
data/.autotest +0 -22
data/.cross_rubies +0 -8
data/.editorconfig +0 -17
data/.gemtest +0 -0
data/.travis.yml +0 -63
data/CHANGELOG.md +0 -1368
data/CONTRIBUTING.md +0 -42
data/C_CODING_STYLE.rdoc +0 -33
data/Gemfile-libxml-ruby +0 -3
data/Manifest.txt +0 -370
data/ROADMAP.md +0 -111
data/Rakefile +0 -348
data/SECURITY.md +0 -19
data/STANDARD_RESPONSES.md +0 -47
data/Y_U_NO_GEMSPEC.md +0 -155
data/appveyor.yml +0 -29
data/build_all +0 -44
data/ext/nokogiri/html_document.c +0 -170
data/ext/nokogiri/html_document.h +0 -10
data/ext/nokogiri/html_element_description.c +0 -279
data/ext/nokogiri/html_element_description.h +0 -10
data/ext/nokogiri/html_entity_lookup.c +0 -32
data/ext/nokogiri/html_entity_lookup.h +0 -8
data/ext/nokogiri/html_sax_parser_context.c +0 -116
data/ext/nokogiri/html_sax_parser_context.h +0 -11
data/ext/nokogiri/html_sax_push_parser.c +0 -87
data/ext/nokogiri/html_sax_push_parser.h +0 -9
data/ext/nokogiri/xml_attr.h +0 -9
data/ext/nokogiri/xml_attribute_decl.h +0 -9
data/ext/nokogiri/xml_cdata.h +0 -9
data/ext/nokogiri/xml_comment.h +0 -9
data/ext/nokogiri/xml_document.h +0 -23
data/ext/nokogiri/xml_document_fragment.h +0 -10
data/ext/nokogiri/xml_dtd.h +0 -10
data/ext/nokogiri/xml_element_content.h +0 -10
data/ext/nokogiri/xml_element_decl.h +0 -9
data/ext/nokogiri/xml_encoding_handler.h +0 -8
data/ext/nokogiri/xml_entity_decl.h +0 -10
data/ext/nokogiri/xml_entity_reference.h +0 -9
data/ext/nokogiri/xml_io.c +0 -61
data/ext/nokogiri/xml_io.h +0 -11
data/ext/nokogiri/xml_libxml2_hacks.c +0 -112
data/ext/nokogiri/xml_libxml2_hacks.h +0 -12
data/ext/nokogiri/xml_namespace.h +0 -15
data/ext/nokogiri/xml_node.h +0 -13
data/ext/nokogiri/xml_node_set.h +0 -12
data/ext/nokogiri/xml_processing_instruction.h +0 -9
data/ext/nokogiri/xml_reader.h +0 -10
data/ext/nokogiri/xml_relax_ng.h +0 -9
data/ext/nokogiri/xml_sax_parser.h +0 -39
data/ext/nokogiri/xml_sax_parser_context.h +0 -10
data/ext/nokogiri/xml_sax_push_parser.h +0 -9
data/ext/nokogiri/xml_schema.h +0 -9
data/ext/nokogiri/xml_syntax_error.h +0 -13
data/ext/nokogiri/xml_text.h +0 -9
data/ext/nokogiri/xml_xpath_context.h +0 -10
data/ext/nokogiri/xslt_stylesheet.h +0 -14
data/lib/nokogiri/html/document_fragment.rb +0 -49
data/lib/nokogiri/html/element_description_defaults.rb +0 -671
data/lib/nokogiri/html/sax/parser_context.rb +0 -16
data/patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch +0 -78
data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch +0 -54
data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch +0 -50
data/patches/sort-patches-by-date +0 -25
data/ports/archives/libxml2-2.9.8.tar.gz +0 -0
data/ports/archives/libxslt-1.1.32.tar.gz +0 -0
data/suppressions/README.txt +0 -1
data/suppressions/nokogiri_ruby-2.supp +0 -10
data/tasks/test.rb +0 -100
data/test/css/test_nthiness.rb +0 -226
data/test/css/test_parser.rb +0 -386
data/test/css/test_tokenizer.rb +0 -215
data/test/css/test_xpath_visitor.rb +0 -96
data/test/decorators/test_slop.rb +0 -23
data/test/files/2ch.html +0 -108
data/test/files/GH_1042.html +0 -18
data/test/files/address_book.rlx +0 -12
data/test/files/address_book.xml +0 -10
data/test/files/atom.xml +0 -344
data/test/files/bar/bar.xsd +0 -4
data/test/files/bogus.xml +0 -0
data/test/files/dont_hurt_em_why.xml +0 -422
data/test/files/encoding.html +0 -82
data/test/files/encoding.xhtml +0 -84
data/test/files/exslt.xml +0 -8
data/test/files/exslt.xslt +0 -35
data/test/files/foo/foo.xsd +0 -4
data/test/files/metacharset.html +0 -10
data/test/files/namespace_pressure_test.xml +0 -1684
data/test/files/noencoding.html +0 -47
data/test/files/po.xml +0 -32
data/test/files/po.xsd +0 -66
data/test/files/saml/saml20assertion_schema.xsd +0 -283
data/test/files/saml/saml20protocol_schema.xsd +0 -302
data/test/files/saml/xenc_schema.xsd +0 -146
data/test/files/saml/xmldsig_schema.xsd +0 -318
data/test/files/shift_jis.html +0 -10
data/test/files/shift_jis.xml +0 -5
data/test/files/shift_jis_no_charset.html +0 -9
data/test/files/slow-xpath.xml +0 -25509
data/test/files/snuggles.xml +0 -3
data/test/files/staff.dtd +0 -10
data/test/files/staff.xml +0 -59
data/test/files/staff.xslt +0 -32
data/test/files/test_document_url/bar.xml +0 -2
data/test/files/test_document_url/document.dtd +0 -4
data/test/files/test_document_url/document.xml +0 -6
data/test/files/tlm.html +0 -851
data/test/files/to_be_xincluded.xml +0 -2
data/test/files/valid_bar.xml +0 -2
data/test/files/xinclude.xml +0 -4
data/test/helper.rb +0 -271
data/test/html/sax/test_parser.rb +0 -168
data/test/html/sax/test_parser_context.rb +0 -46
data/test/html/sax/test_parser_text.rb +0 -163
data/test/html/sax/test_push_parser.rb +0 -87
data/test/html/test_attributes.rb +0 -85
data/test/html/test_builder.rb +0 -164
data/test/html/test_document.rb +0 -712
data/test/html/test_document_encoding.rb +0 -143
data/test/html/test_document_fragment.rb +0 -310
data/test/html/test_element_description.rb +0 -105
data/test/html/test_named_characters.rb +0 -14
data/test/html/test_node.rb +0 -212
data/test/html/test_node_encoding.rb +0 -91
data/test/namespaces/test_additional_namespaces_in_builder_doc.rb +0 -14
data/test/namespaces/test_namespaces_aliased_default.rb +0 -24
data/test/namespaces/test_namespaces_in_builder_doc.rb +0 -75
data/test/namespaces/test_namespaces_in_cloned_doc.rb +0 -31
data/test/namespaces/test_namespaces_in_created_doc.rb +0 -75
data/test/namespaces/test_namespaces_in_parsed_doc.rb +0 -80
data/test/namespaces/test_namespaces_preservation.rb +0 -31
data/test/test_convert_xpath.rb +0 -135
data/test/test_css_cache.rb +0 -47
data/test/test_encoding_handler.rb +0 -48
data/test/test_memory_leak.rb +0 -156
data/test/test_nokogiri.rb +0 -138
data/test/test_soap4r_sax.rb +0 -52
data/test/test_xslt_transforms.rb +0 -314
data/test/xml/node/test_save_options.rb +0 -28
data/test/xml/node/test_subclass.rb +0 -44
data/test/xml/sax/test_parser.rb +0 -402
data/test/xml/sax/test_parser_context.rb +0 -115
data/test/xml/sax/test_parser_text.rb +0 -202
data/test/xml/sax/test_push_parser.rb +0 -265
data/test/xml/test_attr.rb +0 -74
data/test/xml/test_attribute_decl.rb +0 -86
data/test/xml/test_builder.rb +0 -341
data/test/xml/test_c14n.rb +0 -180
data/test/xml/test_cdata.rb +0 -54
data/test/xml/test_comment.rb +0 -40
data/test/xml/test_document.rb +0 -982
data/test/xml/test_document_encoding.rb +0 -31
data/test/xml/test_document_fragment.rb +0 -298
data/test/xml/test_dtd.rb +0 -187
data/test/xml/test_dtd_encoding.rb +0 -31
data/test/xml/test_element_content.rb +0 -56
data/test/xml/test_element_decl.rb +0 -73
data/test/xml/test_entity_decl.rb +0 -122
data/test/xml/test_entity_reference.rb +0 -262
data/test/xml/test_namespace.rb +0 -96
data/test/xml/test_node.rb +0 -1325
data/test/xml/test_node_attributes.rb +0 -115
data/test/xml/test_node_encoding.rb +0 -75
data/test/xml/test_node_inheritance.rb +0 -32
data/test/xml/test_node_reparenting.rb +0 -592
data/test/xml/test_node_set.rb +0 -809
data/test/xml/test_parse_options.rb +0 -64
data/test/xml/test_processing_instruction.rb +0 -30
data/test/xml/test_reader.rb +0 -620
data/test/xml/test_reader_encoding.rb +0 -134
data/test/xml/test_relax_ng.rb +0 -60
data/test/xml/test_schema.rb +0 -142
data/test/xml/test_syntax_error.rb +0 -36
data/test/xml/test_text.rb +0 -60
data/test/xml/test_unparented_node.rb +0 -483
data/test/xml/test_xinclude.rb +0 -83
data/test/xml/test_xpath.rb +0 -470
data/test/xslt/test_custom_functions.rb +0 -133
data/test/xslt/test_exception_handling.rb +0 -37

data/patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch DELETED Viewed

@@ -1,78 +0,0 @@
-From c5538465c08a8ea248a370bf55bc39cd3385e4af Mon Sep 17 00:00:00 2001
-From: Mike Dalessio <mike.dalessio@gmail.com>
-Date: Thu, 29 Mar 2018 14:09:00 -0400
-Subject: [PATCH] Revert "Do not URI escape in server side includes"
-This reverts commit 960f0e275616cadc29671a218d7fb9b69eb35588.
----
- HTMLtree.c | 49 +++++++++++--------------------------------------
- 1 file changed, 11 insertions(+), 38 deletions(-)
-diff --git a/HTMLtree.c b/HTMLtree.c
-index 2fd0c9c..67160c5 100644
---- a/HTMLtree.c
-+++ b/HTMLtree.c
-@@ -717,49 +717,22 @@ htmlAttrDumpOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, xmlAttrPtr cur,
- 		 (!xmlStrcasecmp(cur->name, BAD_CAST "src")) ||
- 		 ((!xmlStrcasecmp(cur->name, BAD_CAST "name")) &&
- 		  (!xmlStrcasecmp(cur->parent->name, BAD_CAST "a"))))) {
-+		xmlChar *escaped;
- 		xmlChar *tmp = value;
--		/* xmlURIEscapeStr() escapes '"' so it can be safely used. */
--		xmlBufCCat(buf->buffer, "\"");
- 		while (IS_BLANK_CH(*tmp)) tmp++;
--		/* URI Escape everything, except server side includes. */
--		for ( ; ; ) {
--		    xmlChar *escaped;
--		    xmlChar endChar;
--		    xmlChar *end = NULL;
--		    xmlChar *start = (xmlChar *)xmlStrstr(tmp, BAD_CAST "<!--");
--		    if (start != NULL) {
--			end = (xmlChar *)xmlStrstr(tmp, BAD_CAST "-->");
--			if (end != NULL) {
--			    *start = '\0';
--			}
--		    }
--
--		    /* Escape the whole string, or until start (set to '\0'). */
--		    escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+");
--		    if (escaped != NULL) {
--		        xmlBufCat(buf->buffer, escaped);
--		        xmlFree(escaped);
--		    } else {
--		        xmlBufCat(buf->buffer, tmp);
--		    }
--
--		    if (end == NULL) { /* Everything has been written. */
--			break;
--		    }
--
--		    /* Do not escape anything within server side includes. */
--		    *start = '<'; /* Restore the first character of "<!--". */
--		    end += 3; /* strlen("-->") */
--		    endChar = *end;
--		    *end = '\0';
--		    xmlBufCat(buf->buffer, start);
--		    *end = endChar;
--		    tmp = end;
-+		/*
-+		 * the < and > have already been escaped at the entity level
-+		 * And doing so here breaks server side includes
-+		 */
-+		escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+<>");
-+		if (escaped != NULL) {
-+		    xmlBufWriteQuotedString(buf->buffer, escaped);
-+		    xmlFree(escaped);
-+		} else {
-+		    xmlBufWriteQuotedString(buf->buffer, value);
- 		}
--
--		xmlBufCCat(buf->buffer, "\"");
- 	    } else {
- 		xmlBufWriteQuotedString(buf->buffer, value);
- 	    }
---
-2.9.5

data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch DELETED Viewed

@@ -1,54 +0,0 @@
-From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 12:54:38 +0200
-Subject: [PATCH] Fix nullptr deref with XPath logic ops
-If the XPath stack is corrupted, for example by a misbehaving extension
-function, the "and" and "or" XPath operators could dereference NULL
-pointers. Check that the XPath stack isn't empty and optimize the
-logic operators slightly.
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
-Also see
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
-https://bugzilla.redhat.com/show_bug.cgi?id=1595985
-This is CVE-2018-14404.
-Thanks to Guy Inbar for the report.
----
- xpath.c | 10 ++++------
- 1 file changed, 4 insertions(+), 6 deletions(-)
-diff --git a/xpath.c b/xpath.c
-index 3fae0bf..5e3bb9f 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -13234,9 +13234,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval &= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval &= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_OR:
-@@ -13252,9 +13251,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval |= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval |= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_EQUAL:
---
-2.17.1

data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch DELETED Viewed

@@ -1,50 +0,0 @@
-From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 13:14:11 +0200
-Subject: [PATCH] Fix infinite loop in LZMA decompression
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Check the liblzma error code more thoroughly to avoid infinite loops.
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
-Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
-This is CVE-2018-9251 and CVE-2018-14567.
-Thanks to Dongliang Mu and Simon Wörner for the reports.
----
- xzlib.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-diff --git a/xzlib.c b/xzlib.c
-index a839169..0ba88cf 100644
---- a/xzlib.c
-+++ b/xzlib.c
-@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
-                          "internal error: inflate stream corrupt");
-                 return -1;
-             }
-+            /*
-+             * FIXME: Remapping a couple of error codes and falling through
-+             * to the LZMA error handling looks fragile.
-+             */
-             if (ret == Z_MEM_ERROR)
-                 ret = LZMA_MEM_ERROR;
-             if (ret == Z_DATA_ERROR)
-@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
-             xz_error(state, LZMA_PROG_ERROR, "compression error");
-             return -1;
-         }
-+        if ((state->how != GZIP) &&
-+            (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
-+            xz_error(state, ret, "lzma error");
-+            return -1;
-+        }
-     } while (strm->avail_out && ret != LZMA_STREAM_END);
-     /* update available output and crc check value */
---
-2.17.1

data/patches/sort-patches-by-date DELETED Viewed

@@ -1,25 +0,0 @@
-#! /usr/bin/env ruby
-require "date"
-dir = ARGV[0] || raise("ERROR: arg1 must be dir")
-Dir.chdir dir
-files_and_times = {}
-Dir["*.patch"].sort.each do |filename|
-  dateline = `cat #{filename} | grep "Date:"`
-  datestr = dateline.split("Date:").last.strip
-  time = DateTime.parse datestr
-  files_and_times[filename] = time
-end
-count = 0
-files_and_times.sort_by {|k,v| v}.each do |filename, time|
-  count += 1
-  _, patch_name = filename.split("-", 2)
-  new_filename = sprintf("%4.4d-%s", count, patch_name)
-  printf "mv -f %s %s # %s\n", filename, new_filename, time
-end
-STDERR.print "\n**\n** REMEMBER TO UPDATE THE Manifest.txt FILE\n**\n"

data/ports/archives/libxml2-2.9.8.tar.gz DELETED Viewed

Binary file

data/ports/archives/libxslt-1.1.32.tar.gz DELETED Viewed

Binary file

data/suppressions/README.txt DELETED Viewed

	@@ -1 +0,0 @@
1	- This directory contains valgrind suppression files generated by the hoe-debugging gem.

data/suppressions/nokogiri_ruby-2.supp DELETED Viewed

@@ -1,10 +0,0 @@
-{
-   <insert_a_suppression_name_here>
-   Memcheck:Free
-   fun:free
-   fun:__libc_freeres
-   fun:_vgnU_freeres
-   fun:__run_exit_handlers
-   fun:exit
-   fun:(below main)
-}

data/tasks/test.rb DELETED Viewed

@@ -1,100 +0,0 @@
-namespace :test do
-  desc "run test suite with aggressive GC"
-  task :gc => :build do
-    ENV['NOKOGIRI_GC'] = "true"
-    Rake::Task["test"].invoke
-  end
-  task :installed do
-    ENV['RUBY_FLAGS'] = "-w -Itest:."
-    sh 'rake test'
-  end
-  desc "find call-seq in the rdoc"
-  task :rdoc_call_seq => 'docs' do
-    Dir['doc/**/*.html'].each { |docfile|
-      next if docfile =~ /\.src/
-      puts "FAIL: #{docfile}" if File.read(docfile) =~ /call-seq/
-    }
-  end
-  desc "find all undocumented things"
-  task :rdoc => 'docs' do
-    base = File.expand_path(File.join(File.dirname(__FILE__), '..', 'doc'))
-    require 'test/unit'
-    test = Class.new(Test::Unit::TestCase)
-    Dir["#{base}/**/*.html"].each { |docfile|
-      test.class_eval(<<-eotest)
-        def test_#{docfile.sub("#{base}/", '').gsub(/[\/\.-]/, '_')}
-          assert_no_match(
-            /Not documented/,
-            File.read('#{docfile}'),
-            '#{docfile} has undocumented things'
-          )
-        end
-      eotest
-    }
-  end
-  desc "Test against multiple versions of libxml2 (MULTIXML2_DIR=directory)"
-  task :multixml2 do
-    MULTI_XML = File.join(ENV['HOME'], '.multixml2')
-    unless File.exists?(MULTI_XML)
-      %w{ versions install build }.each { |x|
-        FileUtils.mkdir_p(File.join(MULTI_XML, x))
-      }
-      Dir.chdir File.join(MULTI_XML, 'versions') do
-        require 'net/ftp'
-        puts "Contacting xmlsoft.org ..."
-        ftp = Net::FTP.new('xmlsoft.org')
-        ftp.login('anonymous', 'anonymous')
-        ftp.chdir('libxml2')
-        ftp.list('libxml2-2.*.tar.gz').each do |x|
-          file = x[/[^\s]*$/]
-          puts "Downloading #{file}"
-          ftp.getbinaryfile(file)
-        end
-      end
-    end
-    # Build any libxml2 versions in $HOME/.multixml2/versions that
-    # haven't been built yet
-    Dir[File.join(MULTI_XML, 'versions','*.tar.gz')].each do |f|
-      filename = File.basename(f, '.tar.gz')
-      install_dir = File.join(MULTI_XML, 'install', filename)
-      next if File.exists?(install_dir)
-      Dir.chdir File.join(MULTI_XML, 'versions') do
-        system "tar zxvf #{f} -C #{File.join(MULTI_XML, 'build')}"
-      end
-      Dir.chdir File.join(MULTI_XML, 'build', filename) do
-        system "./configure --without-http --prefix=#{install_dir}"
-        system "make && make install"
-      end
-    end
-    test_results = {}
-    libxslt = Dir[File.join(MULTI_XML, 'install', 'libxslt*')].first
-    directories = ENV['MULTIXML2_DIR'] ? [ENV['MULTIXML2_DIR']] : Dir[File.join(MULTI_XML, 'install', '*')]
-    directories.sort.reverse_each do |xml2_version|
-      next unless xml2_version =~ /libxml2/
-      extopts = "--with-xml2-include=#{xml2_version}/include/libxml2 --with-xml2-lib=#{xml2_version}/lib --with-xslt-dir=#{libxslt} --with-iconv-dir=/usr"
-      cmd = "#{$0} clean test EXTOPTS='#{extopts}' LD_LIBRARY_PATH='#{xml2_version}/lib'"
-      version = File.basename(xml2_version)
-      result = system(cmd)
-      test_results[version] = {
-        :result => result,
-        :cmd    => cmd
-      }
-    end
-    test_results.sort_by { |k,v| k }.each do |k,v|
-      passed = v[:result]
-      puts "#{k}: #{passed ? 'PASS' : 'FAIL'}"
-      puts "repro: #{v[:cmd]}" unless passed
-    end
-  end
-end

data/test/css/test_nthiness.rb DELETED Viewed

@@ -1,226 +0,0 @@
-require "helper"
-module Nokogiri
-  module CSS
-    class TestNthiness < Nokogiri::TestCase
-      def setup
-        super
-        doc = <<EOF
-<html>
-<table>
-  <tr><td>row1 </td></tr>
-  <tr><td>row2 </td></tr>
-  <tr><td>row3 </td></tr>
-  <tr><td>row4 </td></tr>
-  <tr><td>row5 </td></tr>
-  <tr><td>row6 </td></tr>
-  <tr><td>row7 </td></tr>
-  <tr><td>row8 </td></tr>
-  <tr><td>row9 </td></tr>
-  <tr><td>row10 </td></tr>
-  <tr><td>row11 </td></tr>
-  <tr><td>row12 </td></tr>
-  <tr><td>row13 </td></tr>
-  <tr><td>row14 </td></tr>
-</table>
-<div>
-  <b>bold1 </b>
-  <i>italic1 </i>
-  <b class="a">bold2 </b>
-  <em class="a">emphasis1 </em>
-  <i>italic2 </i>
-  <p>para1 </p>
-  <b class="a">bold3 </b>
-</div>
-<div>
-  <i class="b">italic3 </i>
-  <em>emphasis2 </em>
-  <i class="b">italic4 </i>
-  <em>emphasis3 </em>
-  <i class="c">italic5 </i>
-  <span><i class="b">italic6 </i></span>
-  <i>italic7 </i>
-</div>
-<div>
-  <p>para2 </p>
-  <p>para3 </p>
-</div>
-<div>
-  <p>para4 </p>
-</div>
-<div>
-  <h2></h2>
-  <h1 class='c'>header1 </h1>
-  <h2></h2>
-</div>
-<div>
-  <h1 class='c'>header2 </h1>
-  <h1 class='c'>header3 </h1>
-</div>
-<div>
-  <h1 class='c'>header4</h1>
-</div>
-<p class='empty'></p>
-<p class='not-empty'><b></b></p>
-</html>
-EOF
-        @parser = Nokogiri.HTML doc
-      end
-      def test_even
-        assert_result_rows [2,4,6,8,10,12,14], @parser.search("table//tr:nth(even)")
-      end
-      def test_odd
-        assert_result_rows [1,3,5,7,9,11,13], @parser.search("table//tr:nth(odd)")
-      end
-      def test_n
-        assert_result_rows((1..14).to_a, @parser.search("table//tr:nth(n)"))
-      end
-      def test_2n
-        assert_equal @parser.search("table//tr:nth(even)").inner_text, @parser.search("table//tr:nth(2n)").inner_text
-      end
-      def test_2np1
-        assert_equal @parser.search("table//tr:nth(odd)").inner_text, @parser.search("table//tr:nth(2n+1)").inner_text
-      end
-      def test_4np3
-        assert_result_rows [3,7,11], @parser.search("table//tr:nth(4n+3)")
-      end
-      def test_3np4
-        assert_result_rows [4,7,10,13], @parser.search("table//tr:nth(3n+4)")
-      end
-      def test_mnp3
-        assert_result_rows [1,2,3], @parser.search("table//tr:nth(-n+3)")
-      end
-      def test_4nm1
-        assert_result_rows [3,7,11], @parser.search("table//tr:nth(4n-1)")
-      end
-      def test_np3
-        assert_result_rows [3,4,5,6,7,8,9,10,11,12,13,14], @parser.search("table//tr:nth(n+3)")
-      end
-      def test_first
-        assert_result_rows [1], @parser.search("table//tr:first")
-        assert_result_rows [1], @parser.search("table//tr:first()")
-      end
-      def test_last
-        assert_result_rows [14], @parser.search("table//tr:last")
-        assert_result_rows [14], @parser.search("table//tr:last()")
-      end
-      def test_first_child
-        assert_result_rows [1], @parser.search("div/b:first-child"), "bold"
-        assert_result_rows [1], @parser.search("table//tr:first-child")
-        assert_result_rows [2,4],  @parser.search("div/h1.c:first-child"), "header"
-      end
-      def test_last_child
-        assert_result_rows [3], @parser.search("div/b:last-child"), "bold"
-        assert_result_rows [14], @parser.search("table//tr:last-child")
-        assert_result_rows [3,4], @parser.search("div/h1.c:last-child"), "header"
-      end
-      def test_nth_child
-        assert_result_rows [2], @parser.search("div/b:nth-child(3)"), "bold"
-        assert_result_rows [5], @parser.search("table//tr:nth-child(5)")
-        assert_result_rows [1,3], @parser.search("div/h1.c:nth-child(2)"), "header"
-        assert_result_rows [3,4], @parser.search("div/i.b:nth-child(2n+1)"), "italic"
-      end
-      def test_first_of_type
-        assert_result_rows [1], @parser.search("table//tr:first-of-type")
-        assert_result_rows [1], @parser.search("div/b:first-of-type"), "bold"
-        assert_result_rows [2], @parser.search("div/b.a:first-of-type"), "bold"
-        assert_result_rows [3], @parser.search("div/i.b:first-of-type"), "italic"
-      end
-      def test_last_of_type
-        assert_result_rows [14], @parser.search("table//tr:last-of-type")
-        assert_result_rows [3], @parser.search("div/b:last-of-type"), "bold"
-        assert_result_rows [2,7], @parser.search("div/i:last-of-type"), "italic"
-        assert_result_rows [2,6,7], @parser.search("div i:last-of-type"), "italic"
-        assert_result_rows [4], @parser.search("div/i.b:last-of-type"), "italic"
-      end
-      def test_nth_of_type
-        assert_result_rows [1], @parser.search("div/b:nth-of-type(1)"), "bold"
-        assert_result_rows [2], @parser.search("div/b:nth-of-type(2)"), "bold"
-        assert_result_rows [2], @parser.search("div/.a:nth-of-type(1)"), "bold"
-        assert_result_rows [2,4,7], @parser.search("div i:nth-of-type(2n)"), "italic"
-        assert_result_rows [1,3,5,6], @parser.search("div i:nth-of-type(2n+1)"), "italic"
-        assert_result_rows [1], @parser.search("div .a:nth-of-type(2n)"), "emphasis"
-        assert_result_rows [2,3], @parser.search("div .a:nth-of-type(2n+1)"), "bold"
-      end
-      def test_nth_last_of_type
-        assert_result_rows [14], @parser.search("table//tr:nth-last-of-type(1)")
-        assert_result_rows [12], @parser.search("table//tr:nth-last-of-type(3)")
-        assert_result_rows [2,6,7], @parser.search("div i:nth-last-of-type(1)"), "italic"
-        assert_result_rows [1,5], @parser.search("div i:nth-last-of-type(2)"), "italic"
-        assert_result_rows [4], @parser.search("div/i.b:nth-last-of-type(1)"), "italic"
-        assert_result_rows [3], @parser.search("div/i.b:nth-last-of-type(2)"), "italic"
-      end
-      def test_only_of_type
-        assert_result_rows [1,4], @parser.search("div/p:only-of-type"), "para"
-        assert_result_rows [5], @parser.search("div/i.c:only-of-type"), "italic"
-      end
-      def test_only_child
-        assert_result_rows [4], @parser.search("div/p:only-child"), "para"
-        assert_result_rows [4], @parser.search("div/h1.c:only-child"), "header"
-      end
-      def test_empty
-        result = @parser.search("p:empty")
-        assert_equal 1, result.size, "unexpected number of rows returned: '#{result.inner_text}'"
-        assert_equal 'empty', result.first['class']
-      end
-      def test_parent
-        result = @parser.search("p:parent")
-        assert_equal 5, result.size
-        0.upto(3) do |j|
-          assert_equal "para#{j+1} ", result[j].inner_text
-        end
-        assert_equal "not-empty", result[4]['class']
-      end
-      def test_siblings
-        doc = <<-EOF
-<html><body><div>
-<p id="1">p1 </p>
-<p id="2">p2 </p>
-<p id="3">p3 </p>
-<p id="4">p4 </p>
-<p id="5">p5 </p>
-EOF
-        parser = Nokogiri.HTML doc
-        assert_equal 2, parser.search("#3 ~ p").size
-        assert_equal "p4 p5 ", parser.search("#3 ~ p").inner_text
-        assert_equal 0, parser.search("#5 ~ p").size
-        assert_equal 1, parser.search("#3 + p").size
-        assert_equal "p4 ", parser.search("#3 + p").inner_text
-        assert_equal 0, parser.search("#5 + p").size
-      end
-      def assert_result_rows intarray, result, word="row"
-        assert_equal intarray.size, result.size, "unexpected number of rows returned: '#{result.inner_text}'"
-        assert_equal intarray.map{|j| "#{word}#{j}"}.join(' '), result.inner_text.strip, result.inner_text
-      end
-    end
-  end
-end