RubyGems - nokogiri - Versions diffs - 1.9.1 → 1.15.3 - Mend

nokogiri 1.9.1 → 1.15.3

Potentially problematic release.

This version of nokogiri might be problematic. Click here for more details.

Files changed (226) hide show

checksums.yaml +4 -4
data/Gemfile +45 -0
data/LICENSE-DEPENDENCIES.md +1636 -1024
data/LICENSE.md +5 -28
data/README.md +203 -89
data/bin/nokogiri +63 -50
data/dependencies.yml +33 -61
data/ext/nokogiri/depend +38 -358
data/ext/nokogiri/extconf.rb +864 -418
data/ext/nokogiri/gumbo.c +594 -0
data/ext/nokogiri/html4_document.c +165 -0
data/ext/nokogiri/html4_element_description.c +299 -0
data/ext/nokogiri/html4_entity_lookup.c +37 -0
data/ext/nokogiri/html4_sax_parser_context.c +108 -0
data/ext/nokogiri/html4_sax_push_parser.c +95 -0
data/ext/nokogiri/libxml2_backwards_compat.c +121 -0
data/ext/nokogiri/nokogiri.c +251 -105
data/ext/nokogiri/nokogiri.h +215 -90
data/ext/nokogiri/test_global_handlers.c +40 -0
data/ext/nokogiri/xml_attr.c +17 -17
data/ext/nokogiri/xml_attribute_decl.c +22 -22
data/ext/nokogiri/xml_cdata.c +40 -31
data/ext/nokogiri/xml_comment.c +20 -27
data/ext/nokogiri/xml_document.c +401 -240
data/ext/nokogiri/xml_document_fragment.c +13 -17
data/ext/nokogiri/xml_dtd.c +64 -58
data/ext/nokogiri/xml_element_content.c +63 -55
data/ext/nokogiri/xml_element_decl.c +31 -31
data/ext/nokogiri/xml_encoding_handler.c +54 -21
data/ext/nokogiri/xml_entity_decl.c +37 -35
data/ext/nokogiri/xml_entity_reference.c +17 -19
data/ext/nokogiri/xml_namespace.c +135 -61
data/ext/nokogiri/xml_node.c +1346 -677
data/ext/nokogiri/xml_node_set.c +246 -216
data/ext/nokogiri/xml_processing_instruction.c +18 -20
data/ext/nokogiri/xml_reader.c +347 -212
data/ext/nokogiri/xml_relax_ng.c +86 -77
data/ext/nokogiri/xml_sax_parser.c +149 -124
data/ext/nokogiri/xml_sax_parser_context.c +145 -103
data/ext/nokogiri/xml_sax_push_parser.c +64 -36
data/ext/nokogiri/xml_schema.c +138 -81
data/ext/nokogiri/xml_syntax_error.c +42 -21
data/ext/nokogiri/xml_text.c +36 -26
data/ext/nokogiri/xml_xpath_context.c +366 -178
data/ext/nokogiri/xslt_stylesheet.c +335 -189
data/gumbo-parser/CHANGES.md +63 -0
data/gumbo-parser/Makefile +111 -0
data/gumbo-parser/THANKS +27 -0
data/gumbo-parser/src/Makefile +34 -0
data/gumbo-parser/src/README.md +41 -0
data/gumbo-parser/src/ascii.c +75 -0
data/gumbo-parser/src/ascii.h +115 -0
data/gumbo-parser/src/attribute.c +42 -0
data/gumbo-parser/src/attribute.h +17 -0
data/gumbo-parser/src/char_ref.c +22225 -0
data/gumbo-parser/src/char_ref.h +29 -0
data/gumbo-parser/src/char_ref.rl +2154 -0
data/gumbo-parser/src/error.c +630 -0
data/gumbo-parser/src/error.h +148 -0
data/gumbo-parser/src/foreign_attrs.c +103 -0
data/gumbo-parser/src/foreign_attrs.gperf +27 -0
data/gumbo-parser/src/insertion_mode.h +33 -0
data/gumbo-parser/src/macros.h +91 -0
data/gumbo-parser/src/nokogiri_gumbo.h +944 -0
data/gumbo-parser/src/parser.c +4891 -0
data/gumbo-parser/src/parser.h +41 -0
data/gumbo-parser/src/replacement.h +33 -0
data/gumbo-parser/src/string_buffer.c +103 -0
data/gumbo-parser/src/string_buffer.h +68 -0
data/gumbo-parser/src/string_piece.c +48 -0
data/gumbo-parser/src/svg_attrs.c +174 -0
data/gumbo-parser/src/svg_attrs.gperf +77 -0
data/gumbo-parser/src/svg_tags.c +137 -0
data/gumbo-parser/src/svg_tags.gperf +55 -0
data/gumbo-parser/src/tag.c +223 -0
data/gumbo-parser/src/tag_lookup.c +382 -0
data/gumbo-parser/src/tag_lookup.gperf +170 -0
data/gumbo-parser/src/tag_lookup.h +13 -0
data/gumbo-parser/src/token_buffer.c +79 -0
data/gumbo-parser/src/token_buffer.h +71 -0
data/gumbo-parser/src/token_type.h +17 -0
data/gumbo-parser/src/tokenizer.c +3463 -0
data/gumbo-parser/src/tokenizer.h +112 -0
data/gumbo-parser/src/tokenizer_states.h +339 -0
data/gumbo-parser/src/utf8.c +245 -0
data/gumbo-parser/src/utf8.h +164 -0
data/gumbo-parser/src/util.c +66 -0
data/gumbo-parser/src/util.h +34 -0
data/gumbo-parser/src/vector.c +111 -0
data/gumbo-parser/src/vector.h +45 -0
data/lib/nokogiri/class_resolver.rb +67 -0
data/lib/nokogiri/css/node.rb +10 -8
data/lib/nokogiri/css/parser.rb +397 -377
data/lib/nokogiri/css/parser.y +250 -245
data/lib/nokogiri/css/parser_extras.rb +54 -49
data/lib/nokogiri/css/syntax_error.rb +3 -1
data/lib/nokogiri/css/tokenizer.rb +107 -104
data/lib/nokogiri/css/tokenizer.rex +3 -2
data/lib/nokogiri/css/xpath_visitor.rb +224 -95
data/lib/nokogiri/css.rb +56 -17
data/lib/nokogiri/decorators/slop.rb +9 -7
data/lib/nokogiri/encoding_handler.rb +57 -0
data/lib/nokogiri/extension.rb +32 -0
data/lib/nokogiri/gumbo.rb +15 -0
data/lib/nokogiri/html.rb +38 -27
data/lib/nokogiri/{html → html4}/builder.rb +4 -2
data/lib/nokogiri/html4/document.rb +214 -0
data/lib/nokogiri/html4/document_fragment.rb +54 -0
data/lib/nokogiri/{html → html4}/element_description.rb +3 -1
data/lib/nokogiri/html4/element_description_defaults.rb +2040 -0
data/lib/nokogiri/html4/encoding_reader.rb +121 -0
data/lib/nokogiri/{html → html4}/entity_lookup.rb +4 -2
data/lib/nokogiri/{html → html4}/sax/parser.rb +17 -16
data/lib/nokogiri/html4/sax/parser_context.rb +20 -0
data/lib/nokogiri/{html → html4}/sax/push_parser.rb +12 -11
data/lib/nokogiri/html4.rb +47 -0
data/lib/nokogiri/html5/document.rb +168 -0
data/lib/nokogiri/html5/document_fragment.rb +90 -0
data/lib/nokogiri/html5/node.rb +103 -0
data/lib/nokogiri/html5.rb +392 -0
data/lib/nokogiri/jruby/dependencies.rb +3 -0
data/lib/nokogiri/jruby/nokogiri_jars.rb +43 -0
data/lib/nokogiri/syntax_error.rb +2 -0
data/lib/nokogiri/version/constant.rb +6 -0
data/lib/nokogiri/version/info.rb +223 -0
data/lib/nokogiri/version.rb +3 -108
data/lib/nokogiri/xml/attr.rb +55 -3
data/lib/nokogiri/xml/attribute_decl.rb +6 -2
data/lib/nokogiri/xml/builder.rb +98 -54
data/lib/nokogiri/xml/cdata.rb +3 -1
data/lib/nokogiri/xml/character_data.rb +2 -0
data/lib/nokogiri/xml/document.rb +312 -126
data/lib/nokogiri/xml/document_fragment.rb +93 -48
data/lib/nokogiri/xml/dtd.rb +4 -2
data/lib/nokogiri/xml/element_content.rb +12 -2
data/lib/nokogiri/xml/element_decl.rb +6 -2
data/lib/nokogiri/xml/entity_decl.rb +7 -3
data/lib/nokogiri/xml/entity_reference.rb +2 -0
data/lib/nokogiri/xml/namespace.rb +45 -0
data/lib/nokogiri/xml/node/save_options.rb +23 -8
data/lib/nokogiri/xml/node.rb +1088 -418
data/lib/nokogiri/xml/node_set.rb +173 -63
data/lib/nokogiri/xml/notation.rb +13 -0
data/lib/nokogiri/xml/parse_options.rb +145 -52
data/lib/nokogiri/xml/pp/character_data.rb +9 -6
data/lib/nokogiri/xml/pp/node.rb +42 -30
data/lib/nokogiri/xml/pp.rb +4 -2
data/lib/nokogiri/xml/processing_instruction.rb +4 -1
data/lib/nokogiri/xml/reader.rb +21 -28
data/lib/nokogiri/xml/relax_ng.rb +8 -2
data/lib/nokogiri/xml/sax/document.rb +45 -49
data/lib/nokogiri/xml/sax/parser.rb +39 -36
data/lib/nokogiri/xml/sax/parser_context.rb +8 -3
data/lib/nokogiri/xml/sax/push_parser.rb +6 -5
data/lib/nokogiri/xml/sax.rb +6 -4
data/lib/nokogiri/xml/schema.rb +19 -9
data/lib/nokogiri/xml/searchable.rb +120 -72
data/lib/nokogiri/xml/syntax_error.rb +6 -4
data/lib/nokogiri/xml/text.rb +2 -0
data/lib/nokogiri/xml/xpath/syntax_error.rb +4 -2
data/lib/nokogiri/xml/xpath.rb +15 -4
data/lib/nokogiri/xml/xpath_context.rb +3 -3
data/lib/nokogiri/xml.rb +38 -37
data/lib/nokogiri/xslt/stylesheet.rb +3 -1
data/lib/nokogiri/xslt.rb +101 -22
data/lib/nokogiri.rb +59 -75
data/lib/xsd/xmlparser/nokogiri.rb +29 -25
data/patches/libxml2/0001-Remove-script-macro-support.patch +40 -0
data/patches/libxml2/0002-Update-entities-to-remove-handling-of-ssi.patch +44 -0
data/patches/libxml2/0003-libxml2.la-is-in-top_builddir.patch +25 -0
data/patches/libxml2/0009-allow-wildcard-namespaces.patch +77 -0
data/patches/libxml2/0010-update-config.guess-and-config.sub-for-libxml2.patch +224 -0
data/patches/libxml2/0011-rip-out-libxml2-s-libc_single_threaded-support.patch +30 -0
data/patches/libxslt/0001-update-config.guess-and-config.sub-for-libxslt.patch +224 -0
data/ports/archives/libxml2-2.11.4.tar.xz +0 -0
data/ports/archives/libxslt-1.1.38.tar.xz +0 -0
metadata +128 -265
data/ext/nokogiri/html_document.c +0 -170
data/ext/nokogiri/html_document.h +0 -10
data/ext/nokogiri/html_element_description.c +0 -279
data/ext/nokogiri/html_element_description.h +0 -10
data/ext/nokogiri/html_entity_lookup.c +0 -32
data/ext/nokogiri/html_entity_lookup.h +0 -8
data/ext/nokogiri/html_sax_parser_context.c +0 -116
data/ext/nokogiri/html_sax_parser_context.h +0 -11
data/ext/nokogiri/html_sax_push_parser.c +0 -87
data/ext/nokogiri/html_sax_push_parser.h +0 -9
data/ext/nokogiri/xml_attr.h +0 -9
data/ext/nokogiri/xml_attribute_decl.h +0 -9
data/ext/nokogiri/xml_cdata.h +0 -9
data/ext/nokogiri/xml_comment.h +0 -9
data/ext/nokogiri/xml_document.h +0 -23
data/ext/nokogiri/xml_document_fragment.h +0 -10
data/ext/nokogiri/xml_dtd.h +0 -10
data/ext/nokogiri/xml_element_content.h +0 -10
data/ext/nokogiri/xml_element_decl.h +0 -9
data/ext/nokogiri/xml_encoding_handler.h +0 -8
data/ext/nokogiri/xml_entity_decl.h +0 -10
data/ext/nokogiri/xml_entity_reference.h +0 -9
data/ext/nokogiri/xml_io.c +0 -61
data/ext/nokogiri/xml_io.h +0 -11
data/ext/nokogiri/xml_libxml2_hacks.c +0 -112
data/ext/nokogiri/xml_libxml2_hacks.h +0 -12
data/ext/nokogiri/xml_namespace.h +0 -14
data/ext/nokogiri/xml_node.h +0 -13
data/ext/nokogiri/xml_node_set.h +0 -12
data/ext/nokogiri/xml_processing_instruction.h +0 -9
data/ext/nokogiri/xml_reader.h +0 -10
data/ext/nokogiri/xml_relax_ng.h +0 -9
data/ext/nokogiri/xml_sax_parser.h +0 -39
data/ext/nokogiri/xml_sax_parser_context.h +0 -10
data/ext/nokogiri/xml_sax_push_parser.h +0 -9
data/ext/nokogiri/xml_schema.h +0 -9
data/ext/nokogiri/xml_syntax_error.h +0 -13
data/ext/nokogiri/xml_text.h +0 -9
data/ext/nokogiri/xml_xpath_context.h +0 -10
data/ext/nokogiri/xslt_stylesheet.h +0 -14
data/lib/nokogiri/html/document.rb +0 -335
data/lib/nokogiri/html/document_fragment.rb +0 -49
data/lib/nokogiri/html/element_description_defaults.rb +0 -671
data/lib/nokogiri/html/sax/parser_context.rb +0 -16
data/patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch +0 -78
data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch +0 -54
data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch +0 -50
data/ports/archives/libxml2-2.9.8.tar.gz +0 -0
data/ports/archives/libxslt-1.1.32.tar.gz +0 -0

data/patches/libxml2/0001-Revert-Do-not-URI-escape-in-server-side-includes.patch DELETED Viewed

@@ -1,78 +0,0 @@
-From c5538465c08a8ea248a370bf55bc39cd3385e4af Mon Sep 17 00:00:00 2001
-From: Mike Dalessio <mike.dalessio@gmail.com>
-Date: Thu, 29 Mar 2018 14:09:00 -0400
-Subject: [PATCH] Revert "Do not URI escape in server side includes"
-This reverts commit 960f0e275616cadc29671a218d7fb9b69eb35588.
----
- HTMLtree.c | 49 +++++++++++--------------------------------------
- 1 file changed, 11 insertions(+), 38 deletions(-)
-diff --git a/HTMLtree.c b/HTMLtree.c
-index 2fd0c9c..67160c5 100644
---- a/HTMLtree.c
-+++ b/HTMLtree.c
-@@ -717,49 +717,22 @@ htmlAttrDumpOutput(xmlOutputBufferPtr buf, xmlDocPtr doc, xmlAttrPtr cur,
- 		 (!xmlStrcasecmp(cur->name, BAD_CAST "src")) ||
- 		 ((!xmlStrcasecmp(cur->name, BAD_CAST "name")) &&
- 		  (!xmlStrcasecmp(cur->parent->name, BAD_CAST "a"))))) {
-+		xmlChar *escaped;
- 		xmlChar *tmp = value;
--		/* xmlURIEscapeStr() escapes '"' so it can be safely used. */
--		xmlBufCCat(buf->buffer, "\"");
- 		while (IS_BLANK_CH(*tmp)) tmp++;
--		/* URI Escape everything, except server side includes. */
--		for ( ; ; ) {
--		    xmlChar *escaped;
--		    xmlChar endChar;
--		    xmlChar *end = NULL;
--		    xmlChar *start = (xmlChar *)xmlStrstr(tmp, BAD_CAST "<!--");
--		    if (start != NULL) {
--			end = (xmlChar *)xmlStrstr(tmp, BAD_CAST "-->");
--			if (end != NULL) {
--			    *start = '\0';
--			}
--		    }
--
--		    /* Escape the whole string, or until start (set to '\0'). */
--		    escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+");
--		    if (escaped != NULL) {
--		        xmlBufCat(buf->buffer, escaped);
--		        xmlFree(escaped);
--		    } else {
--		        xmlBufCat(buf->buffer, tmp);
--		    }
--
--		    if (end == NULL) { /* Everything has been written. */
--			break;
--		    }
--
--		    /* Do not escape anything within server side includes. */
--		    *start = '<'; /* Restore the first character of "<!--". */
--		    end += 3; /* strlen("-->") */
--		    endChar = *end;
--		    *end = '\0';
--		    xmlBufCat(buf->buffer, start);
--		    *end = endChar;
--		    tmp = end;
-+		/*
-+		 * the < and > have already been escaped at the entity level
-+		 * And doing so here breaks server side includes
-+		 */
-+		escaped = xmlURIEscapeStr(tmp, BAD_CAST"@/:=?;#%&,+<>");
-+		if (escaped != NULL) {
-+		    xmlBufWriteQuotedString(buf->buffer, escaped);
-+		    xmlFree(escaped);
-+		} else {
-+		    xmlBufWriteQuotedString(buf->buffer, value);
- 		}
--
--		xmlBufCCat(buf->buffer, "\"");
- 	    } else {
- 		xmlBufWriteQuotedString(buf->buffer, value);
- 	    }
---
-2.9.5

data/patches/libxml2/0002-Fix-nullptr-deref-with-XPath-logic-ops.patch DELETED Viewed

@@ -1,54 +0,0 @@
-From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 12:54:38 +0200
-Subject: [PATCH] Fix nullptr deref with XPath logic ops
-If the XPath stack is corrupted, for example by a misbehaving extension
-function, the "and" and "or" XPath operators could dereference NULL
-pointers. Check that the XPath stack isn't empty and optimize the
-logic operators slightly.
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
-Also see
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
-https://bugzilla.redhat.com/show_bug.cgi?id=1595985
-This is CVE-2018-14404.
-Thanks to Guy Inbar for the report.
----
- xpath.c | 10 ++++------
- 1 file changed, 4 insertions(+), 6 deletions(-)
-diff --git a/xpath.c b/xpath.c
-index 3fae0bf..5e3bb9f 100644
---- a/xpath.c
-+++ b/xpath.c
-@@ -13234,9 +13234,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval &= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval &= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_OR:
-@@ -13252,9 +13251,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
- 		return(0);
- 	    }
-             xmlXPathBooleanFunction(ctxt, 1);
--            arg1 = valuePop(ctxt);
--            arg1->boolval |= arg2->boolval;
--            valuePush(ctxt, arg1);
-+            if (ctxt->value != NULL)
-+                ctxt->value->boolval |= arg2->boolval;
- 	    xmlXPathReleaseObject(ctxt->context, arg2);
-             return (total);
-         case XPATH_OP_EQUAL:
---
-2.17.1

data/patches/libxml2/0003-Fix-infinite-loop-in-LZMA-decompression.patch DELETED Viewed

@@ -1,50 +0,0 @@
-From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Mon, 30 Jul 2018 13:14:11 +0200
-Subject: [PATCH] Fix infinite loop in LZMA decompression
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Check the liblzma error code more thoroughly to avoid infinite loops.
-Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
-Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
-This is CVE-2018-9251 and CVE-2018-14567.
-Thanks to Dongliang Mu and Simon Wörner for the reports.
----
- xzlib.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-diff --git a/xzlib.c b/xzlib.c
-index a839169..0ba88cf 100644
---- a/xzlib.c
-+++ b/xzlib.c
-@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
-                          "internal error: inflate stream corrupt");
-                 return -1;
-             }
-+            /*
-+             * FIXME: Remapping a couple of error codes and falling through
-+             * to the LZMA error handling looks fragile.
-+             */
-             if (ret == Z_MEM_ERROR)
-                 ret = LZMA_MEM_ERROR;
-             if (ret == Z_DATA_ERROR)
-@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
-             xz_error(state, LZMA_PROG_ERROR, "compression error");
-             return -1;
-         }
-+        if ((state->how != GZIP) &&
-+            (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
-+            xz_error(state, ret, "lzma error");
-+            return -1;
-+        }
-     } while (strm->avail_out && ret != LZMA_STREAM_END);
-     /* update available output and crc check value */
---
-2.17.1

data/ports/archives/libxml2-2.9.8.tar.gz DELETED Viewed

Binary file

data/ports/archives/libxslt-1.1.32.tar.gz DELETED Viewed

Binary file