organicmaps/libexpat
13
Fork 0
mirror of https://github.com/libexpat/libexpat.git synced 2025-04-07 06:04:59 +00:00
Code Issues 1 Projects Releases Wiki Activity Actions
4538 commits 3 branches 65 tags 40 MiB
Commit graph

4538 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sebastian Pipping
8e439a9947 lib: Detect integer overflow in dtdCopy 
Reported by TaiYou
 2024-08-26 22:35:54 +02:00
Sebastian Pipping
2db233019f doc: Document that XML_Parse/XML_ParseBuffer reject "len < 0" 2024-08-26 22:25:19 +02:00
Sebastian Pipping
c12f039b80 tests: Cover "len < 0" for both XML_Parse and XML_ParseBuffer 2024-08-26 22:25:19 +02:00
Sebastian Pipping
5c1a31642e lib: Reject negative len for XML_ParseBuffer 
Reported by TaiYou
 2024-08-26 22:25:19 +02:00
Sebastian Pipping
9bf0f2c16e lib: Detect integer overflow in function nextScaffoldPart 
Reported by TaiYou
 2024-08-26 22:25:15 +02:00
Berkay Eren Ürün
c158a62e57 Remove XML_DTD guards before is_param accesses 
As a part of the ENTITY struct, is_param is correctly initialized even
when XML_DTD is not defined. This can be seen in the 'lookup' function,
which sets all the ENTITY memory, including the is_param flag, to zero
during the ENTITY creation. Additionally, is_param can only be assigned
XML_TRUE when XML_DTD is defined, which makes XML_DTD checks before
is_param accesses not necessary.

Currently, some of the is_param accesses are guarded by the XML_DTD and
some not. This commit removes all XML_DTD guards that are meant for
is_param accesses.
 2024-08-22 13:38:04 +02:00
Sebastian Pipping
ed4090af84
Merge pull request #885 from libexpat/fix-in-code-comment-typo 
Fix typo in a code comment
 2024-08-21 19:57:51 +02:00
Sebastian Pipping
35753a8ccc lib: Fix typo in a code comment 2024-08-20 21:16:57 +02:00
Sebastian Pipping
b1ab4745f3
Merge pull request #884 from libexpat/dependabot/github_actions/codespell-project/actions-codespell-2.1 
Actions(deps): Bump codespell-project/actions-codespell from 2.0 to 2.1
 2024-08-19 20:30:43 +02:00
dependabot[bot]
05735b8f68
Actions(deps): Bump codespell-project/actions-codespell from 2.0 to 2.1 
Bumps [codespell-project/actions-codespell](https://github.com/codespell-project/actions-codespell) from 2.0 to 2.1.
- [Release notes](https://github.com/codespell-project/actions-codespell/releases)
- [Commits](94259cd8be...406322ec52)

---
updated-dependencies:
- dependency-name: codespell-project/actions-codespell
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-19 12:32:12 +00:00
Sebastian Pipping
dfa90b8115
Merge pull request #883 from libexpat/dependabot/github_actions/actions/upload-artifact-4.3.6 
Actions(deps): Bump actions/upload-artifact from 4.3.5 to 4.3.6
 2024-08-12 22:54:04 +02:00
dependabot[bot]
61886f8dbd
Actions(deps): Bump actions/upload-artifact from 4.3.5 to 4.3.6 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](89ef406dd8...834a144ee9)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-12 12:16:07 +00:00
Sebastian Pipping
a8898cdb1e
Merge pull request #882 from libexpat/dependabot/github_actions/actions/upload-artifact-4.3.5 
Actions(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5
 2024-08-06 20:21:17 +02:00
dependabot[bot]
1f9da870e1
Actions(deps): Bump actions/upload-artifact from 4.3.4 to 4.3.5 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b2256b8c0...89ef406dd8)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-05 12:38:32 +00:00
Sebastian Pipping
6b3f93c6ca
Merge pull request #880 from libexpat/readme-promote-call-for-help 
`README.md`: Promote call for help in the Changes file
 2024-07-13 20:19:27 +02:00
Sebastian Pipping
e19e52331b README.md: Promote call for help in the Changes file 
Documentation on the used Markdown extension:
- https://github.blog/changelog/2023-12-14-new-markdown-extension-alerts-provide-distinctive-styling-for-significant-content/
- https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
 2024-07-13 18:08:15 +02:00
Sebastian Pipping
0b6ab7cd20
Merge pull request #879 from libexpat/autotools-sync-cmake-files 
autotools: Sync CMake templates with CMake 3.28
 2024-07-13 02:01:40 +02:00
Sebastian Pipping
feb65c625c
Merge pull request #878 from libexpat/dependabot/github_actions/actions/upload-artifact-4.3.4 
Actions(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.4
 2024-07-13 00:46:25 +02:00
Sebastian Pipping
09f8eddd8e autotools: Sync CMake templates with CMake 3.28 2024-07-13 00:13:25 +02:00
dependabot[bot]
0e9863e483
Actions(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.4 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](65462800fd...0b2256b8c0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-08 12:49:27 +00:00
Sebastian Pipping
4c3f8641a7
Merge pull request #876 from libexpat/dependabot/github_actions/actions/checkout-4.1.7 
Actions(deps): Bump actions/checkout from 4.1.6 to 4.1.7
 2024-06-17 21:01:31 +02:00
dependabot[bot]
9269f9e68f
Actions(deps): Bump actions/checkout from 4.1.6 to 4.1.7 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](a5ac7e51b4...692973e3d9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-17 12:07:06 +00:00
Sebastian Pipping
bfd178c635
Merge pull request #874 from libexpat/dependabot/github_actions/actions/checkout-4.1.6 
Actions(deps): Bump actions/checkout from 4.1.5 to 4.1.6
 2024-05-21 01:45:03 +02:00
dependabot[bot]
1ee828c752
Actions(deps): Bump actions/checkout from 4.1.5 to 4.1.6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](44c2b7a8a4...a5ac7e51b4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-20 12:54:15 +00:00
Sebastian Pipping
322ab5ff7a
Merge pull request #873 from libexpat/fix-coverage-ci 
`coverage.yml`: Fix for image `ubuntu-22.04` of `20240514.2.0`
 2024-05-19 15:58:40 +02:00
Sebastian Pipping
4f44375e3f coverage.yml: Fix for image ubuntu-22.04 of 20240514.2.0 2024-05-19 14:46:03 +02:00
Sebastian Pipping
2703c85b0a
Merge pull request #871 from libexpat/dependabot/github_actions/actions/checkout-4.1.5 
Actions(deps): Bump actions/checkout from 4.1.4 to 4.1.5
 2024-05-15 20:11:25 +02:00
dependabot[bot]
197275e391
Actions(deps): Bump actions/checkout from 4.1.4 to 4.1.5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](0ad4b8fada...44c2b7a8a4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-13 21:16:53 +00:00
Sebastian Pipping
3ec84e457f
Merge pull request #872 from libexpat/fix-clang-format-ci 
`lib/siphash.h`: Apply clang-format 18.1.5
 2024-05-13 23:16:12 +02:00
Sebastian Pipping
b0e673830e lib/siphash.h: Apply clang-format 18.1.5 2024-05-13 22:00:56 +02:00
Sebastian Pipping
da88e9a444
Merge pull request #869 from dag-erling/des/non-gnu-sed 
Drop dependency on GNU sed
 2024-05-05 15:21:03 +02:00
Dag-Erling Smørgrav
1253273fe4 Drop dependency on GNU sed. 
GNU sed supports `-i` (in-place editing) with an optional suffix for the
backup copy.  Non-GNU implementations also support `-i`, but the suffix
is not optional.  Replacing all occurrences of naked `-i` with `-i.bak`
ensures our scripts work equally well with both.
 2024-05-04 18:14:52 +02:00
Sebastian Pipping
b58b387195
Merge pull request #863 from dag-erling/des/fix-xmltest-log 
Don't require dos2unix.
 2024-05-04 16:06:51 +02:00
Sebastian Pipping
c40938dbe0
Merge pull request #870 from dag-erling/des/sizeof-void-p 
Simplify handling of `SIZEOF_VOID_P`
 2024-05-04 16:04:40 +02:00
Dag-Erling Smørgrav
54400c2e0c autotools: Simplify handling of SIZEOF_VOID_P. 2024-05-03 22:51:35 +02:00
Dag-Erling Smørgrav
59295befca fix-xmltest-log.sh: Rewrite in pure sed. 
This removes the need for installing dos2unix in development and CI
environments.
 2024-05-03 01:02:52 +02:00
Sebastian Pipping
e0cf7c8544
Merge pull request #868 from dag-erling/des/update-ci 
Fix various CI issues
 2024-05-03 00:52:18 +02:00
Dag-Erling Smørgrav
2f2057733f github-ci: Drop requirement for GNU coreutils. 2024-05-02 23:31:57 +02:00
Dag-Erling Smørgrav
5853973454 github-ci: Remove obsolete comments referencing Travis CI. 2024-05-02 23:26:24 +02:00
Dag-Erling Smørgrav
2083722b95 github-ci: Install docbook-xml. 
Some tests use the xmlwf documentation as sample input.  It is written in
DocBook, and the tests appear to be failing because they try to fetch it
at run time, which is not allowed.  Work around this by installing it in
advance.
 2024-05-02 23:26:24 +02:00
Dag-Erling Smørgrav
26be7c3f11 github-ci: Enable exhaustive branch analysis in cppcheck job. 2024-05-02 23:26:24 +02:00
Dag-Erling Smørgrav
d69aee5244 github-ci: Switch macOS tests over to supported releases. 2024-05-02 23:26:24 +02:00
Dag-Erling Smørgrav
85e01c4004 github-ci: Drop requirement for GNU find. 2024-05-02 23:26:24 +02:00
Dag-Erling Smørgrav
8e7c117e8f github-ci: Don't die if already exists. 2024-05-02 21:37:09 +02:00
Sebastian Pipping
9cbdb916de
Merge pull request #865 from Ferenc-/fix-define-for-linux-syscall 
Fix `check_c_source_compiles` of `HAVE_SYSCALL_GETRANDOM`
 2024-05-01 21:47:08 +02:00
Ferenc Géczi
73627c7456 Use feature test macro for syscall prototype 
In order to cover the largest number of glibc and musl libc versions,
withouth warnings, the decision here is to use `_GNU_SOURCE`,
even if it enables a larger than necessary feature set.

A feature macro is needed, because otherwise the `check_c_source_compiles`
for `HAVE_SYSCALL_GETRANDOM` fails in cases when for example
the default compiler flags include `-std=c99`:

````
src.c:6:13: error: implicit declaration of function ‘syscall’ [-Wimplicit-function-declaration]
    6 |             syscall(SYS_getrandom, NULL, 0, 0);
      |             ^~~~~~~
````
But this check should pass, as `SYS_getrandom` is available,
only the declaration of `syscall` in `unistd.h` is conditional behind a macro.

The exact minimal public macros, for enabling this are in `features.h`, and
are version dependent.

According to [5.04](
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/man-pages-5.04.tar.gz)
and older versions of the `man 2 syscall` page,
the recommended feature test macro is `_GNU_SOURCE`.
Later on in [5.05](
https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/Archive/man-pages-5.05.tar.gz)
this statement has changed, to provide a smaller minimal feature set.
Namely up to `glibc 2.18`  is `_BSD_SOURCE || _SVID_SOURCE`,
but after that the `_DEFAULT_SOURCE` is recommended,
and `_BSD_SOURCE || _SVID_SOURCE` is deprecated, and emits warning in later versions.
Regardless of that the `_GNU_SOURCE` is still fully supported
in every version and is suitable for our purposes.

The musl libc doesn't use `_SVID_SOURCE` at all, but `_BSD_SOURCE` always works,
plus in some newer versions `_DEFAULT_SOURCE` also sets `_BSD_SOURCE`,
but `_GNU_SOURCE` covers the largest set of versions and is unlikely
to be deprecated in the future.

Further info about feature test macros:

In glibc:
https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html

In musl libc under the `Feature Test Macros Supported by musl` section:
https://musl.libc.org/doc/1.1.24/manual.html

Signed-off-by: Ferenc Géczi <ferenc.gm@gmail.com>
 2024-05-01 00:00:01 +00:00
Sebastian Pipping
c82ca17b61
Merge pull request #866 from libexpat/dependabot/github_actions/actions/checkout-4.1.4 
Actions(deps): Bump actions/checkout from 4.1.3 to 4.1.4
 2024-04-30 01:09:12 +02:00
Sebastian Pipping
1f1ac992bf
Merge pull request #867 from libexpat/dependabot/github_actions/actions/upload-artifact-4.3.3 
Actions(deps): Bump actions/upload-artifact from 4.3.2 to 4.3.3
 2024-04-29 22:40:37 +02:00
dependabot[bot]
33ed8172fb
Actions(deps): Bump actions/upload-artifact from 4.3.2 to 4.3.3 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](1746f4ab65...65462800fd)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-29 12:06:24 +00:00
dependabot[bot]
2ddf759f59
Actions(deps): Bump actions/checkout from 4.1.3 to 4.1.4 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1d96c772d1...0ad4b8fada)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-29 12:06:18 +00:00