forked from python/cpython
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
pythongh-123678: Upgrade libexpat 2.6.3 (python#123689)
Upgrade libexpat 2.6.3
- Loading branch information
1 parent
d83e30c
commit 40bdb0d
Showing
5 changed files
with
46 additions
and
25 deletions.
There are no files selected for viewing
1 change: 1 addition & 0 deletions
1
Misc/NEWS.d/next/Security/2024-09-04-12-41-35.gh-issue-123678.N41y9n.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Upgrade libexpat to 2.6.3 |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
/* 2a14271ad4d35e82bde8ba210b4edb7998794bcbae54deab114046a300f9639a (2.6.2+) | ||
/* ba4cdf9bdb534f355a9def4c9e25d20ee8e72f95b0a4d930be52e563f5080196 (2.6.3+) | ||
__ __ _ | ||
___\ \/ /_ __ __ _| |_ | ||
/ _ \\ /| '_ \ / _` | __| | ||
|
@@ -39,6 +39,7 @@ | |
Copyright (c) 2022 Sean McBride <[email protected]> | ||
Copyright (c) 2023 Owain Davies <[email protected]> | ||
Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <[email protected]> | ||
Copyright (c) 2024 Berkay Eren Ürün <[email protected]> | ||
Licensed under the MIT license: | ||
Permission is hereby granted, free of charge, to any person obtaining | ||
|
@@ -294,7 +295,7 @@ typedef struct { | |
The name of the element is stored in both the document and API | ||
encodings. The memory buffer 'buf' is a separately-allocated | ||
memory area which stores the name. During the XML_Parse()/ | ||
XMLParseBuffer() when the element is open, the memory for the 'raw' | ||
XML_ParseBuffer() when the element is open, the memory for the 'raw' | ||
version of the name (in the document encoding) is shared with the | ||
document buffer. If the element is open across calls to | ||
XML_Parse()/XML_ParseBuffer(), the buffer is re-allocated to | ||
|
@@ -2038,6 +2039,12 @@ XML_ParseBuffer(XML_Parser parser, int len, int isFinal) { | |
|
||
if (parser == NULL) | ||
return XML_STATUS_ERROR; | ||
|
||
if (len < 0) { | ||
parser->m_errorCode = XML_ERROR_INVALID_ARGUMENT; | ||
return XML_STATUS_ERROR; | ||
} | ||
|
||
switch (parser->m_parsingStatus.parsing) { | ||
case XML_SUSPENDED: | ||
parser->m_errorCode = XML_ERROR_SUSPENDED; | ||
|
@@ -5846,18 +5853,17 @@ processInternalEntity(XML_Parser parser, ENTITY *entity, XML_Bool betweenDecl) { | |
/* Set a safe default value in case 'next' does not get set */ | ||
next = textStart; | ||
|
||
#ifdef XML_DTD | ||
if (entity->is_param) { | ||
int tok | ||
= XmlPrologTok(parser->m_internalEncoding, textStart, textEnd, &next); | ||
result = doProlog(parser, parser->m_internalEncoding, textStart, textEnd, | ||
tok, next, &next, XML_FALSE, XML_FALSE, | ||
XML_ACCOUNT_ENTITY_EXPANSION); | ||
} else | ||
#endif /* XML_DTD */ | ||
} else { | ||
result = doContent(parser, parser->m_tagLevel, parser->m_internalEncoding, | ||
textStart, textEnd, &next, XML_FALSE, | ||
XML_ACCOUNT_ENTITY_EXPANSION); | ||
} | ||
|
||
if (result == XML_ERROR_NONE) { | ||
if (textEnd != next && parser->m_parsingStatus.parsing == XML_SUSPENDED) { | ||
|
@@ -5894,18 +5900,17 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end, | |
/* Set a safe default value in case 'next' does not get set */ | ||
next = textStart; | ||
|
||
#ifdef XML_DTD | ||
if (entity->is_param) { | ||
int tok | ||
= XmlPrologTok(parser->m_internalEncoding, textStart, textEnd, &next); | ||
result = doProlog(parser, parser->m_internalEncoding, textStart, textEnd, | ||
tok, next, &next, XML_FALSE, XML_TRUE, | ||
XML_ACCOUNT_ENTITY_EXPANSION); | ||
} else | ||
#endif /* XML_DTD */ | ||
} else { | ||
result = doContent(parser, openEntity->startTagLevel, | ||
parser->m_internalEncoding, textStart, textEnd, &next, | ||
XML_FALSE, XML_ACCOUNT_ENTITY_EXPANSION); | ||
} | ||
|
||
if (result != XML_ERROR_NONE) | ||
return result; | ||
|
@@ -5932,17 +5937,14 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end, | |
return XML_ERROR_NONE; | ||
} | ||
|
||
#ifdef XML_DTD | ||
if (entity->is_param) { | ||
int tok; | ||
parser->m_processor = prologProcessor; | ||
tok = XmlPrologTok(parser->m_encoding, s, end, &next); | ||
return doProlog(parser, parser->m_encoding, s, end, tok, next, nextPtr, | ||
(XML_Bool)! parser->m_parsingStatus.finalBuffer, XML_TRUE, | ||
XML_ACCOUNT_DIRECT); | ||
} else | ||
#endif /* XML_DTD */ | ||
{ | ||
} else { | ||
parser->m_processor = contentProcessor; | ||
/* see externalEntityContentProcessor vs contentProcessor */ | ||
result = doContent(parser, parser->m_parentParser ? 1 : 0, | ||
|
@@ -7016,6 +7018,16 @@ dtdCopy(XML_Parser oldParser, DTD *newDtd, const DTD *oldDtd, | |
if (! newE) | ||
return 0; | ||
if (oldE->nDefaultAtts) { | ||
/* Detect and prevent integer overflow. | ||
* The preprocessor guard addresses the "always false" warning | ||
* from -Wtype-limits on platforms where | ||
* sizeof(int) < sizeof(size_t), e.g. on x86_64. */ | ||
#if UINT_MAX >= SIZE_MAX | ||
if ((size_t)oldE->nDefaultAtts | ||
> ((size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE))) { | ||
return 0; | ||
} | ||
#endif | ||
newE->defaultAtts | ||
= ms->malloc_fcn(oldE->nDefaultAtts * sizeof(DEFAULT_ATTRIBUTE)); | ||
if (! newE->defaultAtts) { | ||
|
@@ -7558,6 +7570,15 @@ nextScaffoldPart(XML_Parser parser) { | |
int next; | ||
|
||
if (! dtd->scaffIndex) { | ||
/* Detect and prevent integer overflow. | ||
* The preprocessor guard addresses the "always false" warning | ||
* from -Wtype-limits on platforms where | ||
* sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ | ||
#if UINT_MAX >= SIZE_MAX | ||
if (parser->m_groupSize > ((size_t)(-1) / sizeof(int))) { | ||
return -1; | ||
} | ||
#endif | ||
dtd->scaffIndex = (int *)MALLOC(parser, parser->m_groupSize * sizeof(int)); | ||
if (! dtd->scaffIndex) | ||
return -1; | ||
|