1NOTE: We are looking for help with a few things: 2 https://github.com/libexpat/libexpat/labels/help%20wanted 3 If you can help, please get in touch. Thanks! 4 5Release 2.3.0 Thu March 25 2021 6 Bug fixes: 7 #438 When calling XML_ParseBuffer without a prior successful call to 8 XML_GetBuffer as a user, no longer trigger undefined behavior 9 (by adding an integer to a NULL pointer) but rather return 10 XML_STATUS_ERROR and set the error code to (new) code 11 XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer) 12 of Clang 11 (but not Clang 9). 13 #444 xmlwf: Exit status 2 was used for both: 14 - malformed input files (documented) and 15 - invalid command-line arguments (undocumented). 16 The case of invalid command-line arguments now 17 has its own exit status 4, resolving the ambiguity. 18 19 Other changes: 20 #439 xmlwf: Add argument -k to allow continuing after 21 non-fatal errors 22 #439 xmlwf: Add section about exit status to the -h help output 23 #422 #426 #447 Windows: Drop support for Visual Studio <=14.0/2015 24 #434 Windows: CMake: Detect unsupported Visual Studio at 25 configure time (rather than at compile time) 26 #382 #428 testrunner: Make verbose mode (argument "-v") report 27 about passed tests, and make default mode report about 28 failures, as well. 29 #442 CMake: Call "enable_language(CXX)" prior to tinkering 30 with CMAKE_CXX_* variables 31 #448 Document use of libexpat from a CMake-based project 32 #451 Autotools: Install CMake files as generated by CMake 3.19.6 33 so that users with "find_package(expat [..] CONFIG [..])" 34 are served on distributions that are *not* using the CMake 35 build system inside for libexpat packaging 36 #436 #437 Autotools: Drop obsolescent macro AC_HEADER_STDC 37 #450 #452 Autotools: Resolve use of obsolete macro AC_CONFIG_HEADER 38 #441 Address compiler warnings 39 #443 Version info bumped from 7:12:6 to 8:0:7 40 due to addition of error code XML_ERROR_NO_BUFFER 41 (see https://verbump.de/ for what these numbers do) 42 43 Infrastructure: 44 #435 #446 Replace Travis CI by GitHub Actions 45 46 Special thanks to: 47 Alexander Richardson 48 Oleksandr Popovych 49 Thomas Beutlich 50 Tim Bray 51 and 52 Clang LeakSan, Clang 11 UBSan and the Clang team 53 54Release 2.2.10 Sat October 3 2020 55 Bug fixes: 56 #390 #395 #398 Fix undefined behavior during parsing caused by 57 pointer arithmetic with NULL pointers 58 #404 #405 Fix reading uninitialized variable during parsing 59 #406 xmlwf: Add missing check for malloc NULL return 60 61 Other changes: 62 #396 Windows: Drop support for Visual Studio <=8.0/2005 63 #409 Windows: Add missing file "Changes" to the installer 64 to fix compilation with CMake from installed sources 65 #403 xmlwf: Document exit codes in xmlwf manpage and 66 exit with code 3 (rather than code 1) for output errors 67 when used with "-d DIRECTORY" 68 #356 #359 MinGW: Provide declaration of rand_s for mingwrt <5.3.0 69 #383 #392 Autotools: Use -Werror while configure tests the compiler 70 for supported compile flags to avoid false positives 71 #383 #393 #394 Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS, 72 e.g. ensure that they have the last word over flags added 73 while running ./configure 74 #360 CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis 75 on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t) 76 #360 CMake: Detect and deny unsupported build combinations 77 involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t) 78 #360 CMake: Install pre-compiled shipped xmlwf.1 manpage in case 79 of -DEXPAT_BUILD_DOCS=OFF 80 #375 #380 #419 CMake: Fix use of Expat by means of add_subdirectory 81 #407 #408 CMake: Keep expat target name constant at "expat" 82 (i.e. refrain from using the target name to control 83 build artifact filenames) 84 #385 CMake: Fix compilation with -DEXPAT_SHARED_LIBS=OFF for 85 Windows 86 CMake: Expose man page compilation as target "xmlwf-manpage" 87 #413 #414 CMake: Introduce option EXPAT_BUILD_PKGCONFIG 88 to control generation of pkg-config file "expat.pc" 89 #424 CMake: Add minimalistic support for building binary packages 90 with CMake target "package"; based on CPack 91 #366 CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with 92 default OFF to build fuzzer code against OSS-Fuzz and 93 related environment variable LIB_FUZZING_ENGINE 94 #354 Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF, each 95 #354 #355 .. 96 #356 #412 Address compiler warnings 97 #368 #369 Address pngcheck warnings with doc/*.png images 98 #425 Version info bumped from 7:11:6 to 7:12:6 99 100 Special thanks to: 101 asavah 102 Ben Wagner 103 Bhargava Shastry 104 Frank Landgraf 105 Jeffrey Walton 106 Joe Orton 107 Kleber Tarcísio 108 Ma Lin 109 Maciej Sroczyński 110 Mohammed Khajapasha 111 Vadim Zeitlin 112 and 113 Cppcheck 2.0 and the Cppcheck team 114 115Release 2.2.9 Wed September 25 2019 116 Other changes: 117 examples: Drop executable bits from elements.c 118 #349 Windows: Change the name of the Windows DLLs from expat*.dll 119 to libexpat*.dll once more (regression from 2.2.8, first 120 fixed in 1.95.3, issue #61 on SourceForge today, 121 was issue #432456 back then); needs a fix due 122 case-insensitive file systems on Windows and the fact that 123 Perl's XML::Parser::Expat compiles into Expat.dll. 124 #347 Windows: Only define _CRT_RAND_S if not defined 125 Version info bumped from 7:10:6 to 7:11:6 126 127 Special thanks to: 128 Ben Wagner 129 130Release 2.2.8 Fri September 13 2019 131 Security fixes: 132 #317 #318 CVE-2019-15903 -- Fix heap overflow triggered by 133 XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber), 134 and deny internal entities closing the doctype; 135 fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43 136 137 Bug fixes: 138 #240 Fix cases where XML_StopParser did not have any effect 139 when called from inside of an end element handler 140 #341 xmlwf: Fix exit code for operation without "-d DIRECTORY"; 141 previously, only "-d DIRECTORY" would give you a proper 142 exit code: 143 # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $? 144 2 145 # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $? 146 0 147 Now both cases return exit code 2. 148 149 Other changes: 150 #299 #302 Windows: Replace LoadLibrary hack to access 151 unofficial API function SystemFunction036 (RtlGenRandom) 152 by using official API function rand_s (needs WinXP+) 153 #325 Windows: Drop support for Visual Studio <=7.1/2003 154 and document supported compilers in README.md 155 #286 Windows: Remove COM code from xmlwf; in case it turns 156 out needed later, there will be a dedicated repository 157 below https://github.com/libexpat/ for that code 158 #322 Windows: Remove explicit MSVC solution and project files. 159 You can generate Visual Studio solution files through 160 CMake, e.g.: cmake -G"Visual Studio 15 2017" . 161 #338 xmlwf: Make "xmlwf -h" help output more friendly 162 #339 examples: Improve elements.c 163 #244 #264 Autotools: Add argument --enable-xml-attr-info 164 #239 #301 Autotools: Add arguments 165 --with-getrandom 166 --without-getrandom 167 --with-sys-getrandom 168 --without-sys-getrandom 169 #312 #343 Autotools: Fix linking issues with "./configure LD=clang" 170 Autotools: Fix "make run-xmltest" for out-of-source builds 171 #329 #336 CMake: Pull all options from Expat <=2.2.7 into namespace 172 prefix EXPAT_ with the exception of DOCBOOK_TO_MAN: 173 - BUILD_doc -> EXPAT_BUILD_DOCS (plural) 174 - BUILD_examples -> EXPAT_BUILD_EXAMPLES 175 - BUILD_shared -> EXPAT_SHARED_LIBS 176 - BUILD_tests -> EXPAT_BUILD_TESTS 177 - BUILD_tools -> EXPAT_BUILD_TOOLS 178 - DOCBOOK_TO_MAN -> DOCBOOK_TO_MAN (unchanged) 179 - INSTALL -> EXPAT_ENABLE_INSTALL 180 - MSVC_USE_STATIC_CRT -> EXPAT_MSVC_STATIC_CRT 181 - USE_libbsd -> EXPAT_WITH_LIBBSD 182 - WARNINGS_AS_ERRORS -> EXPAT_WARNINGS_AS_ERRORS 183 - XML_CONTEXT_BYTES -> EXPAT_CONTEXT_BYTES 184 - XML_DEV_URANDOM -> EXPAT_DEV_URANDOM 185 - XML_DTD -> EXPAT_DTD 186 - XML_NS -> EXPAT_NS 187 - XML_UNICODE -> EXPAT_CHAR_TYPE=ushort (!) 188 - XML_UNICODE_WCHAR_T -> EXPAT_CHAR_TYPE=wchar_t (!) 189 #244 #264 CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF), 190 default OFF 191 #326 CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF), 192 default OFF 193 #328 CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF), 194 default OFF 195 #239 #277 CMake: Add arguments 196 -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO 197 -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO 198 #326 CMake: Install expat_config.h to include directory 199 #326 CMake: Generate and install configuration files for 200 future find_package(expat [..] CONFIG [..]) 201 CMake: Now produces a summary of applied configuration 202 CMake: Require C++ compiler only when tests are enabled 203 #330 CMake: Fix compilation for 16bit character types, 204 i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON) 205 #265 CMake: Fix linking with MinGW 206 #330 CMake: Add full support for MinGW; to enable, use 207 -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake 208 #330 CMake: Port "make run-xmltest" from GNU Autotools to CMake 209 #316 CMake: Windows: Make binary postfix match MSVC 210 Old: expat[d].lib 211 New: expat[w][d][MD|MT].lib 212 CMake: Migrate files from Windows to Unix line endings 213 #308 CMake: Integrate OSS-Fuzz fuzzers, option 214 -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF 215 #14 Drop an OpenVMS support leftover 216 #235 #268 .. 217 #270 #310 .. 218 #313 #331 #333 Address compiler warnings 219 #282 #283 .. 220 #284 #285 Address cppcheck warnings 221 #294 #295 Address Clang Static Analyzer warnings 222 #24 #293 Mass-apply clang-format 9 (and ensure conformance during CI) 223 Version info bumped from 7:9:6 to 7:10:6 224 225 Special thanks to: 226 David Loffredo 227 Joonun Jang 228 Kishore Kunche 229 Marco Maggi 230 Mitch Phillips 231 Mohammed Khajapasha 232 Rolf Ade 233 xantares 234 Zhongyuan Zhou 235 236Release 2.2.7 Wed June 19 2019 237 Security fixes: 238 #186 #262 CVE-2018-20843 -- Fix extraction of namespace prefixes from 239 XML names; XML names with multiple colons could end up in 240 the wrong namespace, and take a high amount of RAM and CPU 241 resources while processing, opening the door to 242 use for denial-of-service attacks 243 244 Other changes: 245 #195 #197 Autotools/CMake: Utilize -fvisibility=hidden to stop 246 exporting non-API symbols 247 #227 Autotools: Add --without-examples and --without-tests 248 #228 Autotools: Modernize configure.ac 249 #245 #246 Autotools: Fix check for -fvisibility=hidden for Clang 250 #247 #248 Autotools: Fix compilation for lack of docbook2x-man 251 #236 #258 Autotools: Produce .tar.{gz,lz,xz} release archives 252 #212 CMake: Make libdir of pkgconfig expat.pc support multilib 253 #158 #263 CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR 254 #219 Remove fallback to bcopy, assume that memmove(3) exists 255 #257 Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD) 256 #243 Windows: Fix syntax of .def module definition files 257 Version info bumped from 7:8:6 to 7:9:6 258 259 Special thanks to: 260 Benjamin Peterson 261 Caolán McNamara 262 Hanno Böck 263 KangLin 264 Kishore Kunche 265 Marco Maggi 266 Rhodri James 267 Sebastian Dröge 268 userwithuid 269 Yury Gribov 270 271Release 2.2.6 Sun August 12 2018 272 Bug fixes: 273 #170 #206 Avoid doing arithmetic with NULL pointers in XML_GetBuffer 274 #204 #205 Fix 2.2.5 regression with suspend-resume while parsing 275 a document like '<root/>' 276 277 Other changes: 278 #165 #168 Autotools: Fix docbook-related configure syntax error 279 #166 Autotools: Avoid grep option `-q` for Solaris 280 #167 Autotools: Support 281 ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation" 282 #159 #167 Autotools: Support DOCBOOK_TO_MAN command which produces 283 xmlwf.1 rather than XMLWF.1; also covers case insensitive 284 file systems 285 #181 Autotools: Drop -rpath option passed to libtool 286 #188 Autotools: Detect and deny SGML docbook2man as ours is XML 287 #188 Autotools/CMake: Support command db2x_docbook2man as well 288 #174 CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF 289 #184 #185 CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF 290 #207 #208 CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T, 291 both defaulting to OFF 292 #175 CMake: Prefer check_symbol_exists over check_function_exists 293 #176 CMake: Create the same pkg-config file as with GNU Autotools 294 #178 #179 CMake: Use GNUInstallDirs module to set proper defaults for 295 install directories 296 #208 CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM 297 #180 Windows: Fix compilation of test suite for Visual Studio 2008 298 #131 #173 #202 Address compiler warnings 299 #187 #190 #200 Fix miscellaneous typos 300 Version info bumped from 7:7:6 to 7:8:6 301 302 Special thanks to: 303 Anton Maklakov 304 Benjamin Peterson 305 Brad King 306 Franek Korta 307 Frank Rast 308 Joe Orton 309 luzpaz 310 Pedro Vicente 311 Rainer Jung 312 Rhodri James 313 Rolf Ade 314 Rolf Eike Beer 315 Thomas Beutlich 316 Tomasz Kłoczko 317 318Release 2.2.5 Tue October 31 2017 319 Bug fixes: 320 #8 If the parser runs out of memory, make sure its internal 321 state reflects the memory it actually has, not the memory 322 it wanted to have. 323 #11 The default handler wasn't being called when it should for 324 a SYSTEM or PUBLIC doctype if an entity declaration handler 325 was registered. 326 #137 #138 Fix a case of mistakenly reported parsing success where 327 XML_StopParser was called from an element handler 328 #162 Function XML_ErrorString was returning NULL rather than 329 a message for code XML_ERROR_INVALID_ARGUMENT 330 introduced with release 2.2.1 331 332 Other changes: 333 #106 xmlwf: Add argument -N adding notation declarations 334 #75 #106 Test suite: Resolve expected failure cases where xmlwf 335 output was incomplete 336 #127 Windows: Fix test suite compilation 337 #126 #127 Windows: Fix compilation for Visual Studio 2012 338 Windows: Upgrade shipped project files to Visual Studio 2017 339 #33 #132 tests: Mass-fix compilation for XML_UNICODE_WCHAR_T 340 #129 examples: Fix compilation for XML_UNICODE_WCHAR_T 341 #130 benchmark: Fix compilation for XML_UNICODE_WCHAR_T 342 #144 xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs 343 Windows or MinGW for 2-byte wchar_t 344 #9 Address two Clang Static Analyzer false positives 345 #59 Resolve troublesome macros hiding parser struct membership 346 and dereferencing that pointer 347 #6 Resolve superfluous internal malloc/realloc switch 348 #153 #155 Improve docbook2x-man detection 349 #160 Undefine NDEBUG in the test suite (rather than rejecting it) 350 #161 Address compiler warnings 351 Version info bumped from 7:6:6 to 7:7:6 352 353 Special thanks to: 354 Benbuck Nason 355 Hans Wennborg 356 José Gutiérrez de la Concha 357 Pedro Monreal Gonzalez 358 Rhodri James 359 Rolf Ade 360 Stephen Groat 361 and 362 Core Infrastructure Initiative 363 364Release 2.2.4 Sat August 19 2017 365 Bug fixes: 366 #115 Fix copying of partial characters for UTF-8 input 367 368 Other changes: 369 #109 Fix "make check" for non-x86 architectures that default 370 to unsigned type char (-128..127 rather than 0..255) 371 #109 coverage.sh: Cover -funsigned-char 372 Autotools: Introduce --without-xmlwf argument 373 #65 Autotools: Replace handwritten Makefile with GNU Automake 374 #43 CMake: Auto-detect high quality entropy extractors, add new 375 option USE_libbsd=ON to use arc4random_buf of libbsd 376 #74 CMake: Add -fno-strict-aliasing only where supported 377 #114 CMake: Always honor manually set BUILD_* options 378 #114 CMake: Compile man page if docbook2x-man is available, only 379 #117 Include file tests/xmltest.log.expected in source tarball 380 (required for "make run-xmltest") 381 #117 Include (existing) Visual Studio 2013 files in source tarball 382 Improve test suite error output 383 #111 Fix some typos in documentation 384 Version info bumped from 7:5:6 to 7:6:6 385 386 Special thanks to: 387 Jakub Wilk 388 Joe Orton 389 Lin Tian 390 Rolf Eike Beer 391 392Release 2.2.3 Wed August 2 2017 393 Security fixes: 394 #82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability 395 using Steve Holme's LoadLibrary wrapper for/of cURL 396 397 Bug fixes: 398 #85 Fix a dangling pointer issue related to realloc 399 400 Other changes: 401 Increase code coverage 402 #91 Linux: Allow getrandom to fail if nonblocking pool has not 403 yet been initialized and read /dev/urandom then, instead. 404 This is in line with what recent Python does. 405 #81 Pre-10.7/Lion macOS: Support entropy from arc4random 406 #86 Check that a UTF-16 encoding in an XML declaration has the 407 right endianness 408 #4 #5 #7 Recover correctly when some reallocations fail 409 Repair "./configure && make" for systems without any 410 provider of high quality entropy 411 and try reading /dev/urandom on those 412 Ensure that user-defined character encodings have converter 413 functions when they are needed 414 Fix mis-leading description of argument -c in xmlwf.1 415 Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__) 416 for CloudABI 417 #100 Fix use of SIPHASH_MAIN in siphash.h 418 #23 Test suite: Fix memory leaks 419 Version info bumped from 7:4:6 to 7:5:6 420 421 Special thanks to: 422 Chanho Park 423 Joe Orton 424 Pascal Cuoq 425 Rhodri James 426 Simon McVittie 427 Vadim Zeitlin 428 Viktor Szakats 429 and 430 Core Infrastructure Initiative 431 432Release 2.2.2 Wed July 12 2017 433 Security fixes: 434 #43 Protect against compilation without any source of high 435 quality entropy enabled, e.g. with CMake build system; 436 commit ff0207e6076e9828e536b8d9cd45c9c92069b895 437 #60 Windows with _UNICODE: 438 Unintended use of LoadLibraryW with a non-wide string 439 resulted in failure to load advapi32.dll and degradation 440 in quality of used entropy when compiled with _UNICODE for 441 Windows; you can launch existing binaries with 442 EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the 443 quality of entropy used during runtime; commits 444 * 95b95032f907ef1cd17ee7a9a1768010a825d61d 445 * 73a5a2e9c081f49f2d775cf7ced864158b68dc80 446 [MOX-006] Fix non-NULL parser parameter validation in XML_Parse; 447 resulted in NULL dereference, previously; 448 commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe 449 450 Bug fixes: 451 #69 Fix improper use of unsigned long long integer literals 452 453 Other changes: 454 #73 Start requiring a C99 compiler 455 #49 Fix "==" Bashism in configure script 456 #50 Fix too eager getrandom detection for Debian GNU/kFreeBSD 457 #52 and macOS 458 #51 Address lack of stdint.h in Visual Studio 2003 to 2008 459 #58 Address compile warnings 460 #68 Fix "./buildconf.sh && ./configure" for some versions 461 of Dash for /bin/sh 462 #72 CMake: Ease use of Expat in context of a parent project 463 with multiple CMakeLists.txt files 464 #72 CMake: Resolve mistaken executable permissions 465 #76 Address compile warning with -DNDEBUG (not recommended!) 466 #77 Address compile warning about macro redefinition 467 468 Special thanks to: 469 Alexander Bluhm 470 Ben Boeckel 471 Cătălin Răceanu 472 Kerin Millar 473 László Böszörményi 474 S. P. Zeidler 475 Segev Finer 476 Václav Slavík 477 Victor Stinner 478 Viktor Szakats 479 and 480 Radically Open Security 481 482Release 2.2.1 Sat June 17 2017 483 Security fixes: 484 CVE-2017-9233 -- External entity infinite loop DoS 485 Details: https://libexpat.github.io/doc/cve-2017-9233/ 486 Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f 487 [MOX-002] CVE-2016-9063 -- Detect integer overflow; commit 488 d4f735b88d9932bd5039df2335eefdd0723dbe20 489 (Fixed version of existing downstream patches!) 490 (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off 491 longer tag names; commits 492 * 896b6c1fd3b842f377d1b62135dccf0a579cf65d 493 * af507cef2c93cb8d40062a0abe43a4f4e9158fb2 494 #16 * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd 495 #25 More integer overflow detection (function poolGrow); commits 496 * 810b74e4703dcfdd8f404e3cb177d44684775143 497 * 44178553f3539ce69d34abee77a05e879a7982ac 498 [MOX-002] Detect overflow from len=INT_MAX call to XML_Parse; commits 499 * 4be2cb5afcc018d996f34bbbce6374b7befad47f 500 * 7e5b71b748491b6e459e5c9a1d090820f94544d8 501 [MOX-005] #30 Use high quality entropy for hash initialization: 502 * arc4random_buf on BSD, systems with libbsd 503 (when configured with --with-libbsd), CloudABI 504 * RtlGenRandom on Windows XP / Server 2003 and later 505 * getrandom on Linux 3.17+ 506 In a way, that's still part of CVE-2016-5300. 507 https://github.com/libexpat/libexpat/pull/30/commits 508 [MOX-005] For the low quality entropy extraction fallback code, 509 the parser instance address can no longer leak, commit 510 04ad658bd3079dd15cb60fc67087900f0ff4b083 511 [MOX-003] Prevent use of uninitialised variable; commit 512 [MOX-004] a4dc944f37b664a3ca7199c624a98ee37babdb4b 513 Add missing parameter validation to public API functions 514 and dedicated error code XML_ERROR_INVALID_ARGUMENT: 515 [MOX-006] * NULL checks; commits 516 * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many) 517 * 9ed727064b675b7180c98cb3d4f75efba6966681 518 * 6a747c837c50114dfa413994e07c0ba477be4534 519 * Negative length (XML_Parse); commit 520 [MOX-002] 70db8d2538a10f4c022655d6895e4c3e78692e7f 521 [MOX-001] #35 Change hash algorithm to William Ahern's version of SipHash 522 to go further with fixing CVE-2012-0876. 523 https://github.com/libexpat/libexpat/pull/39/commits 524 525 Bug fixes: 526 #32 Fix sharing of hash salt across parsers; 527 relevant where XML_ExternalEntityParserCreate is called 528 prior to XML_Parse, in particular (e.g. FBReader) 529 #28 xmlwf: Auto-disable use of memory-mapping (and parsing 530 as a single chunk) for files larger than ~1 GB (2^30 bytes) 531 rather than failing with error "out of memory" 532 #3 Fix double free after malloc failure in DTD code; commit 533 7ae9c3d3af433cd4defe95234eae7dc8ed15637f 534 #17 Fix memory leak on parser error for unbound XML attribute 535 prefix with new namespaces defined in the same tag; 536 found by Google's OSS-Fuzz; commits 537 * 16f87daae5a16132e479e4f71862128c7a915c73 538 * b47dbc9745932c160893d433220e462bd605f8cd 539 xmlwf on Windows: Add missing calls to CloseHandle 540 541 New features: 542 #30 Introduced environment switch EXPAT_ENTROPY_DEBUG=1 543 for runtime debugging of entropy extraction 544 545 Other changes: 546 Increase code coverage 547 #33 Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2; 548 XML_UNICODE_WCHAR_T was never meant to be used outside 549 of Windows; 4-byte wchar_t is common on Linux 550 (SF.net) #538 Start using -fno-strict-aliasing 551 (SF.net) #540 Support compilation against cloudlibc of CloudABI 552 Allow MinGW cross-compilation 553 (SF.net) #534 CMake: Introduce option "BUILD_doc" (enabled by default) 554 to bypass compilation of the xmlwf.1 man page 555 (SF.net) pr2 CMake: Introduce option "INSTALL" (enabled by default) 556 to bypass installation of expat files 557 CMake: Fix ninja support 558 Autotools: Add parameters --enable-xml-context [COUNT] 559 and --disable-xml-context; default of context of 1024 560 bytes enabled unchanged 561 #14 Drop AmigaOS 4.x code and includes 562 #14 Drop ancient build systems: 563 * Borland C++ Builder 564 * OpenVMS 565 * Open Watcom 566 * Visual Studio 6.0 567 * Pre-X Mac OS (MPW Makefile) 568 If you happen to rely on some of these, please get in 569 touch for joining with maintenance. 570 #10 Move from WIN32 to _WIN32 571 #13 Fix "make run-xmltest" order instability 572 Address compile warnings 573 Bump version info from 7:2:6 to 7:3:6 574 Add AUTHORS file 575 576 Infrastructure: 577 #1 Migrate from SourceForge to GitHub (except downloads): 578 https://github.com/libexpat/ 579 #1 Re-create http://libexpat.org/ project website 580 Start utilizing Travis CI 581 582 Special thanks to: 583 Andy Wang 584 Don Lewis 585 Ed Schouten 586 Karl Waclawek 587 Pascal Cuoq 588 Rhodri James 589 Sergei Nikulov 590 Tobias Taschner 591 Viktor Szakats 592 and 593 Core Infrastructure Initiative 594 Mozilla Foundation (MOSS Track 3: Secure Open Source) 595 Radically Open Security 596 597Release 2.2.0 Tue June 21 2016 598 Security fixes: 599 #537 CVE-2016-0718 -- Fix crash on malformed input 600 CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 / 601 CVE-2015-2716 introduced with Expat 2.1.1 602 #499 CVE-2016-5300 -- Use more entropy for hash initialization 603 than the original fix to CVE-2012-0876 604 #519 CVE-2012-6702 -- Resolve troublesome internal call to srand 605 that was introduced with Expat 2.1.0 606 when addressing CVE-2012-0876 (issue #496) 607 608 Bug fixes: 609 Fix uninitialized reads of size 1 610 (e.g. in little2_updatePosition) 611 Fix detection of UTF-8 character boundaries 612 613 Other changes: 614 #532 Fix compilation for Visual Studio 2010 (keyword "C99") 615 Autotools: Resolve use of "$<" to better support bmake 616 Autotools: Add QA script "qa.sh" (and make target "qa") 617 Autotools: Respect CXXFLAGS if given 618 Autotools: Fix "make run-xmltest" 619 Autotools: Have "make run-xmltest" check for expected output 620 p90 CMake: Fix static build (BUILD_shared=OFF) on Windows 621 #536 CMake: Add soversion, support -DNO_SONAME=yes to bypass 622 #323 CMake: Add suffix "d" to differentiate debug from release 623 CMake: Define WIN32 with CMake on Windows 624 Annotate memory allocators for GCC 625 Address all currently known compile warnings 626 Make sure that API symbols remain visible despite 627 -fvisibility=hidden 628 Remove executable flag from source files 629 Resolve COMPILED_FROM_DSP in favor of WIN32 630 631 Special thanks to: 632 Björn Lindahl 633 Christian Heimes 634 Cristian Rodríguez 635 Daniel Krügler 636 Gustavo Grieco 637 Karl Waclawek 638 László Böszörményi 639 Marco Grassi 640 Pascal Cuoq 641 Sergei Nikulov 642 Thomas Beutlich 643 Warren Young 644 Yann Droneaud 645 646Release 2.1.1 Sat March 12 2016 647 Security fixes: 648 #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer 649 650 Bug fixes: 651 #502: Fix potential null pointer dereference 652 #520: Symbol XML_SetHashSalt was not exported 653 Output of "xmlwf -h" was incomplete 654 655 Other changes: 656 #503: Document behavior of calling XML_SetHashSalt with salt 0 657 Minor improvements to man page xmlwf(1) 658 Improvements to the experimental CMake build system 659 libtool now invoked with --verbose 660 661Release 2.1.0 Sat March 24 2012 662 - Security fixes: 663 #2958794: CVE-2012-1148 - Memory leak in poolGrow. 664 #2895533: CVE-2012-1147 - Resource leak in readfilemap.c. 665 #3496608: CVE-2012-0876 - Hash DOS attack. 666 #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8(). 667 #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences. 668 - Bug Fixes: 669 #1742315: Harmful XML_ParserCreateNS suggestion. 670 #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3. 671 #1983953, 2517952, 2517962, 2649838: 672 Build modifications using autoreconf instead of buildconf.sh. 673 #2815947, #2884086: OBJEXT and EXEEXT support while building. 674 #2517938: xmlwf should return non-zero exit status if not well-formed. 675 #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml. 676 #2855609: Dangling positionPtr after error. 677 #2990652: CMake support. 678 #3010819: UNEXPECTED_STATE with a trailing "%" in entity value. 679 #3206497: Uninitialized memory returned from XML_Parse. 680 #3287849: make check fails on mingw-w64. 681 - Patches: 682 #1749198: pkg-config support. 683 #3010222: Fix for bug #3010819. 684 #3312568: CMake support. 685 #3446384: Report byte offsets for attr names and values. 686 - New Features / API changes: 687 Added new API member XML_SetHashSalt() that allows setting an initial 688 value (salt) for hash calculations. This is part of the fix for 689 bug #3496608 to randomize hash parameters. 690 When compiled with XML_ATTR_INFO defined, adds new API member 691 XML_GetAttributeInfo() that allows retrieving the byte 692 offsets for attribute names and values (patch #3446384). 693 Added CMake build system. 694 See bug #2990652 and patch #3312568. 695 Added run-benchmark target to Makefile.in - relies on testdata module 696 present in the same relative location as in the repository. 697 698Release 2.0.1 Tue June 5 2007 699 - Fixed bugs #1515266, #1515600: The character data handler's calling 700 of XML_StopParser() was not handled properly; if the parser was 701 stopped and the handler set to NULL, the parser would segfault. 702 - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed 703 some character constants to be ASCII encoded. 704 - Minor cleanups of the test harness. 705 - Fixed xmlwf bug #1513566: "out of memory" error on file size zero. 706 - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call. 707 - Fixes and improvements for Windows platform: 708 bugs #1409451, #1476160, #1548182, #1602769, #1717322. 709 - Build fixes for various platforms: 710 HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180. 711 All Unix: #1554618 (refreshed config.sub/config.guess). 712 #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT, 713 without relying on GNU-Make specific features. 714 #1647805: Patched configure.in to work better with Intel compiler. 715 - Fixes to Makefile.in to have make check work correctly: 716 bugs #1408143, #1535603, #1536684. 717 - Added Open Watcom support: patch #1523242. 718 719Release 2.0.0 Wed Jan 11 2006 720 - We no longer use the "check" library for C unit testing; we 721 always use the (partial) internal implementation of the API. 722 - Report XML_NS setting via XML_GetFeatureList(). 723 - Fixed headers for use from C++. 724 - XML_GetCurrentLineNumber() and XML_GetCurrentColumnNumber() 725 now return unsigned integers. 726 - Added XML_LARGE_SIZE switch to enable 64-bit integers for 727 byte indexes and line/column numbers. 728 - Updated to use libtool 1.5.22 (the most recent). 729 - Added support for AmigaOS. 730 - Some mostly minor bug fixes. SF issues include: #1006708, 731 #1021776, #1023646, #1114960, #1156398, #1221160, #1271642. 732 733Release 1.95.8 Fri Jul 23 2004 734 - Major new feature: suspend/resume. Handlers can now request 735 that a parse be suspended for later resumption or aborted 736 altogether. See "Temporarily Stopping Parsing" in the 737 documentation for more details. 738 - Some mostly minor bug fixes, but compilation should no 739 longer generate warnings on most platforms. SF issues 740 include: #827319, #840173, #846309, #888329, #896188, #923913, 741 #928113, #961698, #985192. 742 743Release 1.95.7 Mon Oct 20 2003 744 - Fixed enum XML_Status issue (reported on SourceForge many 745 times), so compilers that are properly picky will be happy. 746 - Introduced an XMLCALL macro to control the calling 747 convention used by the Expat API; this macro should be used 748 to annotate prototypes and definitions of callback 749 implementations in code compiled with a calling convention 750 other than the default convention for the host platform. 751 - Improved ability to build without the configure-generated 752 expat_config.h header. This is useful for applications 753 which embed Expat rather than linking in the library. 754 - Fixed a variety of bugs: see SF issues #458907, #609603, 755 #676844, #679754, #692878, #692964, #695401, #699323, #699487, 756 #820946. 757 - Improved hash table lookups. 758 - Added more regression tests and improved documentation. 759 760Release 1.95.6 Tue Jan 28 2003 761 - Added XML_FreeContentModel(). 762 - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree(). 763 - Fixed a variety of bugs: see SF issues #615606, #616863, 764 #618199, #653180, #673791. 765 - Enhanced the regression test suite. 766 - Man page improvements: includes SF issue #632146. 767 768Release 1.95.5 Fri Sep 6 2002 769 - Added XML_UseForeignDTD() for improved SAX2 support. 770 - Added XML_GetFeatureList(). 771 - Defined XML_Bool type and the values XML_TRUE and XML_FALSE. 772 - Use an incomplete struct instead of a void* for the parser 773 (may not retain). 774 - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected. 775 - Finally fixed bug where default handler would report DTD 776 events that were already handled by another handler. 777 Initial patch contributed by Darryl Miles. 778 - Removed unnecessary DllMain() function that caused static 779 linking into a DLL to be difficult. 780 - Added VC++ projects for building static libraries. 781 - Reduced line-length for all source code and headers to be 782 no longer than 80 characters, to help with AS/400 support. 783 - Reduced memory copying during parsing (SF patch #600964). 784 - Fixed a variety of bugs: see SF issues #580793, #434664, 785 #483514, #580503, #581069, #584041, #584183, #584832, #585537, 786 #596555, #596678, #598352, #598944, #599715, #600479, #600971. 787 788Release 1.95.4 Fri Jul 12 2002 789 - Added support for VMS, contributed by Craig Berry. See 790 vms/README.vms for more information. 791 - Added Mac OS (classic) support, with a makefile for MPW, 792 contributed by Thomas Wegner and Daryle Walker. 793 - Added Borland C++ Builder 5 / BCC 5.5 support, contributed 794 by Patrick McConnell (SF patch #538032). 795 - Fixed a variety of bugs: see SF issues #441449, #563184, 796 #564342, #566334, #566901, #569461, #570263, #575168, #579196. 797 - Made skippedEntityHandler conform to SAX2 (see source comment) 798 - Re-implemented WFC: Entity Declared from XML 1.0 spec and 799 added a new error "entity declared in parameter entity": 800 see SF bug report #569461 and SF patch #578161 801 - Re-implemented section 5.1 from XML 1.0 spec: 802 see SF bug report #570263 and SF patch #578161 803 804Release 1.95.3 Mon Jun 3 2002 805 - Added a project to the MSVC workspace to create a wchar_t 806 version of the library; the DLLs are named libexpatw.dll. 807 - Changed the name of the Windows DLLs from expat.dll to 808 libexpat.dll; this fixes SF bug #432456. 809 - Added the XML_ParserReset() API function. 810 - Fixed XML_SetReturnNSTriplet() to work for element names. 811 - Made the XML_UNICODE builds usable (thanks, Karl!). 812 - Allow xmlwf to read from standard input. 813 - Install a man page for xmlwf on Unix systems. 814 - Fixed many bugs; see SF bug reports #231864, #461380, #464837, 815 #466885, #469226, #477667, #484419, #487840, #494749, #496505, 816 #547350. Other bugs which we can't test as easily may also 817 have been fixed, especially in the area of build support. 818 819Release 1.95.2 Fri Jul 27 2001 820 - More changes to make MSVC happy with the build; add a single 821 workspace to support both the library and xmlwf application. 822 - Added a Windows installer for Windows users; includes 823 xmlwf.exe. 824 - Added compile-time constants that can be used to determine the 825 Expat version 826 - Removed a lot of GNU-specific dependencies to aide portability 827 among the various Unix flavors. 828 - Fix the UTF-8 BOM bug. 829 - Cleaned up warning messages for several compilers. 830 - Added the -Wall, -Wstrict-prototypes options for GCC. 831 832Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000 833 - Changes to get expat to build under Microsoft compiler 834 - Removed all aborts and instead return an UNEXPECTED_STATE error. 835 - Fixed a bug where a stray '%' in an entity value would cause an 836 abort. 837 - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for 838 finding this oversight. 839 - Changed default patterns in lib/Makefile.in to fit non-GNU makes 840 Thanks to robin@unrated.net for reporting and providing an 841 account to test on. 842 - The reference had the wrong label for XML_SetStartNamespaceDecl. 843 Reported by an anonymous user. 844 845Release 1.95.0 Fri Sep 29 2000 846 - XML_ParserCreate_MM 847 Allows you to set a memory management suite to replace the 848 standard malloc,realloc, and free. 849 - XML_SetReturnNSTriplet 850 If you turn this feature on when namespace processing is in 851 effect, then qualified, prefixed element and attribute names 852 are returned as "uri|name|prefix" where '|' is whatever 853 separator character is used in namespace processing. 854 - Merged in features from perl-expat 855 o XML_SetElementDeclHandler 856 o XML_SetAttlistDeclHandler 857 o XML_SetXmlDeclHandler 858 o XML_SetEntityDeclHandler 859 o StartDoctypeDeclHandler takes 3 additional parameters: 860 sysid, pubid, has_internal_subset 861 o Many paired handler setters (like XML_SetElementHandler) 862 now have corresponding individual handler setters 863 o XML_GetInputContext for getting the input context of 864 the current parse position. 865 - Added reference material 866 - Packaged into a distribution that builds a sharable library 867