Merge pull request #470 from libexpat/issue-332-drop-clang-asan-plus-min-size-workaround

[XML_MIN_SIZE only] Fix segfault with UTF-16 CDATA (fixes #332)
2025-04-13 08:02:56 +00:00 · 2021-04-30 05:25:17 +02:00 · 2021-04-30 05:25:17 +02:00 · af6bb52c7d
commit af6bb52c7d
parent 444af3db23 ed36812db2
4 changed files with 21 additions and 15 deletions
--- a/expat/Changes
+++ b/expat/Changes
@ -3,12 +3,20 @@ NOTE: We are looking for help with a few things:
      If you can help, please get in touch.  Thanks!

 Release X.X.X XXX XXXXX XX XXXX
+        Bug fixes:
+       #332 #470  For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake)
+                    or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault
+                    for UTF-16 payloads containing CDATA sections.
+
        Other changes:
            #457  Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters
       #458 #459  CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
                    and CMAKE_INSTALL_INCLUDEDIR
       #468 #469  xmlwf: Improve help output and the xmlwf man page

+        Special thanks to:
+            Dimitry Andric
+
 Release 2.3.0 Thu March 25 2021
        Bug fixes:
            #438  When calling XML_ParseBuffer without a prior successful call to
--- a/expat/lib/xmltok.c
+++ b/expat/lib/xmltok.c
@ -259,8 +259,14 @@ sb_byteToAscii(const ENCODING *enc, const char *p) {

 #define IS_NAME_CHAR(enc, p, n) (AS_NORMAL_ENCODING(enc)->isName##n(enc, p))
 #define IS_NMSTRT_CHAR(enc, p, n) (AS_NORMAL_ENCODING(enc)->isNmstrt##n(enc, p))
-#define IS_INVALID_CHAR(enc, p, n)                                             \
-  (AS_NORMAL_ENCODING(enc)->isInvalid##n(enc, p))
+#ifdef XML_MIN_SIZE
+#  define IS_INVALID_CHAR(enc, p, n)                                           \
+    (AS_NORMAL_ENCODING(enc)->isInvalid##n                                     \
+     && AS_NORMAL_ENCODING(enc)->isInvalid##n(enc, p))
+#else
+#  define IS_INVALID_CHAR(enc, p, n)                                           \
+    (AS_NORMAL_ENCODING(enc)->isInvalid##n(enc, p))
+#endif

 #ifdef XML_MIN_SIZE
 #  define IS_NAME_CHAR_MINBPC(enc, p)                                          \
--- a/expat/lib/xmltok_impl.c
+++ b/expat/lib/xmltok_impl.c
@ -1,4 +1,4 @@
-/* This file is included!
+/* This file is included (from xmltok.c, 1-3 times depending on XML_MIN_SIZE)!
                            __  __            _
                         ___\ \/ /_ __   __ _| |_
                        / _ \\  /| '_ \ / _` | __|
@ -32,7 +32,7 @@

 #ifdef XML_TOK_IMPL_C

-#  ifndef IS_INVALID_CHAR
+#  ifndef IS_INVALID_CHAR // i.e. for UTF-16 and XML_MIN_SIZE not defined
 #    define IS_INVALID_CHAR(enc, ptr, n) (0)
 #  endif

--- a/expat/tests/runtests.c
+++ b/expat/tests/runtests.c
@ -2245,7 +2245,6 @@ START_TEST(test_long_cdata_utf16) {
 END_TEST

 /* Test handling of multiple unit UTF-16 characters */
-#ifndef XML_MIN_SIZE /* FIXME workaround -DXML_MIN_SIZE + ASan (issue #332) */
 START_TEST(test_multichar_cdata_utf16) {
  /* Test data is:
   *   <?xml version='1.0' encoding='utf-16'?>
@ -2267,11 +2266,11 @@ START_TEST(test_multichar_cdata_utf16) {
                      "\0<\0a\0>\0<\0!\0[\0C\0D\0A\0T\0A\0["
                      "\xd8\x34\xdd\x5e\xd8\x34\xdd\x5f"
                      "\0]\0]\0>\0<\0/\0a\0>";
-#  ifdef XML_UNICODE
+#ifdef XML_UNICODE
  const XML_Char *expected = XCS("\xd834\xdd5e\xd834\xdd5f");
-#  else
+#else
  const XML_Char *expected = XCS("\xf0\x9d\x85\x9e\xf0\x9d\x85\x9f");
-#  endif
+#endif
  CharData storage;

  CharData_Init(&storage);
@ -2284,7 +2283,6 @@ START_TEST(test_multichar_cdata_utf16) {
  CharData_CheckXMLChars(&storage, expected);
 }
 END_TEST
-#endif /* ifndef XML_MIN_SIZE */

 /* Test that an element name with a UTF-16 surrogate pair is rejected */
 START_TEST(test_utf16_bad_surrogate_pair) {
@ -2369,7 +2367,6 @@ START_TEST(test_bad_cdata) {
 END_TEST

 /* Test failures in UTF-16 CDATA */
-#ifndef XML_MIN_SIZE /* FIXME workaround -DXML_MIN_SIZE + ASan (issue #332) */
 START_TEST(test_bad_cdata_utf16) {
  struct CaseData {
    size_t text_bytes;
@ -2442,7 +2439,6 @@ START_TEST(test_bad_cdata_utf16) {
  }
 }
 END_TEST
-#endif /* ifndef XML_MIN_SIZE */

 static const char *long_cdata_text
    = "<s><![CDATA["
@ -11301,14 +11297,10 @@ make_suite(void) {
  tcase_add_test(tc_basic, test_good_cdata_utf16);
  tcase_add_test(tc_basic, test_good_cdata_utf16_le);
  tcase_add_test(tc_basic, test_long_cdata_utf16);
-#ifndef XML_MIN_SIZE /* FIXME workaround -DXML_MIN_SIZE + ASan (issue #332) */
  tcase_add_test(tc_basic, test_multichar_cdata_utf16);
-#endif
  tcase_add_test(tc_basic, test_utf16_bad_surrogate_pair);
  tcase_add_test(tc_basic, test_bad_cdata);
-#ifndef XML_MIN_SIZE /* FIXME workaround -DXML_MIN_SIZE + ASan (issue #332) */
  tcase_add_test(tc_basic, test_bad_cdata_utf16);
-#endif
  tcase_add_test(tc_basic, test_stop_parser_between_cdata_calls);
  tcase_add_test(tc_basic, test_suspend_parser_between_cdata_calls);
  tcase_add_test(tc_basic, test_memory_allocation);