Merge pull request #438 from libexpat/travis-update-clang

xmlparse.c: Reject missing call to XML_GetBuffer in XML_ParseBuffer

.travis.sh

@@ -36,7 +36,7 @@ if [[ ${TRAVIS_OS_NAME} = osx ]]; then
     export PATH="/usr/local/opt/coreutils/libexec/gnubin${PATH:+:}${PATH}"
     export PATH="/usr/local/opt/findutils/libexec/gnubin${PATH:+:}${PATH}"
 elif [[ ${TRAVIS_OS_NAME} = linux ]]; then
-    export PATH="/usr/lib/llvm-9/bin:${PATH}"
+    export PATH="/usr/lib/llvm-11/bin:${PATH}"
 fi
 
 echo "New \${PATH}:"

.travis.yml

@@ -4,7 +4,7 @@
 language: cpp
 os:
   - linux
-dist: trusty
+dist: bionic
 
 git:
   depth: 50
@@ -57,11 +57,14 @@ addons:
     brewfile: true
   apt:
     sources:
-      - llvm-toolchain-trusty
+      - sourceline: "deb https://apt.llvm.org/bionic/ llvm-toolchain-bionic-11 main"
+        key_url: "https://apt.llvm.org/llvm-snapshot.gpg.key"
       - ubuntu-toolchain-r-test
     packages:
-      - clang-9
-      - clang-format-9
+      # NOTE: Please note the version-specific ${PATH} extension for clang in .travis.sh
+      - clang-11
+      - clang-format-11
+      - llvm-11
       - cmake
       - cppcheck
       - docbook2x
@@ -71,7 +74,8 @@ addons:
       - lzip
       - mingw-w64
       - moreutils
-      - wine
+      - wine-stable
+      - wine32
 
 script:
   - ./.travis.sh

expat/Changes

@@ -3,6 +3,14 @@ NOTE: We are looking for help with a few things:
       If you can help, please get in touch.  Thanks!
 
 Release x.x.xx xxx xxxxxxx xx xxxx
+        Bug fixes:
+            #438  When calling XML_ParseBuffer without a prior successful call to
+                  XML_GetBuffer as a user, no longer trigger undefined behavior
+                  (by adding an integer to a NULL pointer) but rather return
+                  XML_STATUS_ERROR and set the error code to (new) code
+                  XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
+                  of Clang 11 (but not Clang 9).
+
         Other changes:
             #422  Windows: Drop support for Visual Studio <=11.0/2012
        #382 #428  testrunner: Make verbose mode (argument "-v") report
@@ -11,6 +19,8 @@ Release x.x.xx xxx xxxxxxx xx xxxx
 
         Special thanks to:
             Oleksandr Popovych
+                 and
+            Clang 11 UBSan and the Clang team
 
 
 Release 2.2.10 Sat October 3 2020

expat/apply-clang-format.sh

@@ -32,6 +32,8 @@ set -e
 set -u
 set -o pipefail
 
+clang-format --version
+
 expand --tabs=2 --initial lib/siphash.h | sponge lib/siphash.h
 
 find \

expat/lib/expat.h

@@ -115,7 +115,9 @@ enum XML_Error {
   XML_ERROR_RESERVED_PREFIX_XMLNS,
   XML_ERROR_RESERVED_NAMESPACE_URI,
   /* Added in 2.2.1. */
-  XML_ERROR_INVALID_ARGUMENT
+  XML_ERROR_INVALID_ARGUMENT,
+  /* Added in 2.2.11. */
+  XML_ERROR_NO_BUFFER
 };
 
 enum XML_Content_Type {

expat/lib/xmlparse.c

@@ -1883,6 +1883,12 @@ XML_ParseBuffer(XML_Parser parser, int len, int isFinal) {
     parser->m_errorCode = XML_ERROR_FINISHED;
     return XML_STATUS_ERROR;
   case XML_INITIALIZED:
+    /* Has someone called XML_GetBuffer successfully before? */
+    if (! parser->m_bufferPtr) {
+      parser->m_errorCode = XML_ERROR_NO_BUFFER;
+      return XML_STATUS_ERROR;
+    }
+
     if (parser->m_parentParser == NULL && ! startParsing(parser)) {
       parser->m_errorCode = XML_ERROR_NO_MEMORY;
       return XML_STATUS_ERROR;
@@ -2327,6 +2333,10 @@ XML_ErrorString(enum XML_Error code) {
   /* Added in 2.2.5. */
   case XML_ERROR_INVALID_ARGUMENT: /* Constant added in 2.2.1, already */
     return XML_L("invalid argument");
+    /* Added in 2.2.11. */
+  case XML_ERROR_NO_BUFFER:
+    return XML_L(
+        "a successful prior call to function XML_GetBuffer is required");
   }
   return NULL;
 }

expat/qa.sh

@@ -126,12 +126,13 @@ run_tests() {
     esac
 
     if [[ ${CC} =~ mingw ]]; then
-        # NOTE: Filenames are hardcoded for Travis Ubuntu trusty, as of now
+        # NOTE: Filenames are hardcoded for Travis' Ubuntu Bionic, as of now
         for i in tests xmlwf ; do
+            mingw32_dir="$(ls -1d /usr/lib/gcc/i686-w64-mingw32/* | head -n1)"
             RUN ln -s \
                     /usr/i686-w64-mingw32/lib/libwinpthread-1.dll \
-                    /usr/lib/gcc/i686-w64-mingw32/*/libgcc_s_sjlj-1.dll \
-                    /usr/lib/gcc/i686-w64-mingw32/*/libstdc++-6.dll \
+                    "${mingw32_dir}"/libgcc_s_sjlj-1.dll \
+                    "${mingw32_dir}"/libstdc++-6.dll \
                     "$PWD"/libexpat{,w}.dll \
                     ${i}/
         done

expat/tests/runtests.c

@@ -9833,6 +9833,15 @@ START_TEST(test_nsalloc_parse_buffer) {
 
   /* Try a parse before the start of the world */
   /* (Exercises new code path) */
+  if (XML_ParseBuffer(g_parser, 0, XML_FALSE) != XML_STATUS_ERROR)
+    fail("Pre-init XML_ParseBuffer not faulted");
+  if (XML_GetErrorCode(g_parser) != XML_ERROR_NO_BUFFER)
+    fail("Pre-init XML_ParseBuffer faulted for wrong reason");
+
+  buffer = XML_GetBuffer(g_parser, 1 /* any small number greater than 0 */);
+  if (buffer == NULL)
+    fail("Could not acquire parse buffer");
+
   allocation_count = 0;
   if (XML_ParseBuffer(g_parser, 0, XML_FALSE) != XML_STATUS_ERROR)
     fail("Pre-init XML_ParseBuffer not faulted");