0
0
mirror of https://github.com/zeux/pugixml.git synced 2024-12-27 13:33:17 +08:00

1698 Commits

Author SHA1 Message Date
Arseny Kapoulkine
8e5b8e0f46 XPath: Fix stack overflow in functions with long argument lists
Function call arguments are stored in a list which is processed
recursively during optimize(). We now limit the depth of this construct
as well to make sure optimize() doesn't run out of stack space.
2020-09-11 09:50:41 -07:00
Arseny Kapoulkine
a3fad540a7
Merge pull request #369 from zeux/xpath-rec
XPath: Restrict AST depth to prevent stack overflow
2020-09-10 09:53:25 -07:00
Arseny Kapoulkine
20aef1cd4b Fix stack overflow in tests on MSVC x64
The default stack on MSVC/x64/debug is sufficient for 1692 nested
invocations only, whereas on clang/linux it's ~8K...

For now set the limit to be conservative.
2020-09-10 09:11:46 -07:00
Arseny Kapoulkine
c7090e6c33 Fix tests in wchar mode 2020-09-10 01:07:48 -07:00
Arseny Kapoulkine
1f84db837b XPath: Restrict AST depth to prevent stack overflow
XPath parser and execution engine isn't stackless; the depth of the
query controls the amount of C stack space required.

This change instruments places in the parser where the control flow can
recurse, requiring too much C stack space to produce an AST, or where a
stackless parse is used to produce arbitrarily deep AST which will
create issues for downstream processing.

As a result XPath parser should now be fuzz safe for malicious inputs.
2020-09-10 00:55:26 -07:00
Lior Lahav
c258fba6f1 Replaced fopen and _wfopen deprecated functions with the safer fopen_s and _wfopen_s 2020-07-21 22:37:16 +03:00
Arseny Kapoulkine
22401bafaf
Merge pull request #363 from c72578/2020-07-15_Fix_pkgconfig_lib_postfix
Fix debug postfix in pkgconfig file
2020-07-15 14:05:14 -07:00
Wolfgang Stöggl
8b074b171f Fix debug postfix in pkgconfig file
In case of USE_POSTFIX, the POSTFIX is dependent
on the CMAKE_BUILD_TYPE.
Use the correct POSTFIX also in the generated pugixml.pc file.

This results in the following contents of pugixml.pc:
- Release:
  Libs: -L${libdir} -lpugixml
- RelWithDebInfo
  Libs: -L${libdir} -lpugixml_r
- MinSizeRel:
  Libs: -L${libdir} -lpugixml_m
- Debug:
  Libs: -L${libdir} -lpugixml_d
2020-07-15 21:59:05 +02:00
Arseny Kapoulkine
d58115e581
Merge pull request #360 from julianxhokaxhiu/patch-1
[Cmake] Static build should not export APIs
2020-07-06 09:22:06 -07:00
Arseny Kapoulkine
45271c9c9c
Merge pull request #361 from zeux/ps-stderr
Fix PowerShell errors on stderr
2020-07-06 09:21:46 -07:00
Arseny Kapoulkine
f08768d9bf Fix PowerShell errors on stderr
PS invocation of code coverage upload gets triggered because of stderr
output from curl with progress report when uploading coverage.
2020-07-06 08:32:24 -07:00
Julian Xhokaxhiu
5fdc78b66b
[Cmake] Static build should not export APIs
Fixes #359
2020-07-06 10:22:21 +02:00
Arseny Kapoulkine
23ca940487 Work around a false positive in MSVC debug runtime checker
In some MSVC versions on x64 configurations, the hashing function
triggers this failure:

Run-Time Check Failure #1 - A cast to a smaller data type has caused a
loss of data.  If this was intentional, you should mask the source of
the cast with the appropriate bitmask.

This is similar to the integer sanitizer - this code is valid C++ but
MSVC decides to warn about this nonetheless. Masking the pointer's low
32 bits fixes the issue.

Fixes #357.
2020-06-13 08:41:22 -07:00
Arseny Kapoulkine
a196b9b7e9
Merge pull request #353 from jhasse/nullptr-in-header
Use nullptr in pugixml.hpp if available, see #91
2020-05-11 10:26:05 -07:00
Jan Niklas Hasse
c2d90c49f9 Use nullptr in pugixml.hpp if available, see #91 2020-05-10 17:28:30 +02:00
Arseny Kapoulkine
f49d7acdfb Clarify the document element behavior.
pugixml currently unconditionally accepts documents with multiple
top-level element nodes in absence of parse_fragment. This is an
unfortunate omission; while it can be corrected, it will result in
regressions for some users, and it's trivial to perform the validity
check after the parse is done.

Because of this, for now we're just going to amend documentation here to
both highlight this in the W3C Conformance section, but also to more
strongly push users into realizing that there's just a single document
element (normally).

We might decide to change the behavior here to prohibit such documents
by default in the future, but for now a documentation change seems like
a better tradeoff.

Fixes #337
2020-05-02 09:47:34 -07:00
Arseny Kapoulkine
285776354d
Merge pull request #349 from KyleFromKitware/cmake-improvements
Various CMake improvements
2020-05-02 09:36:58 -07:00
Kyle Edwards
d272f11073 Export targets from build directory
This will allow projects to use pugixml from its build directory
rather than having to install it.
2020-04-27 16:02:56 -04:00
Arseny Kapoulkine
ef9cafa9ce
Merge pull request #348 from rip-nsk/source_and_header-only_linkage_options
Add "Include pugixml.cpp" and "Header Only" linkage options
2020-04-27 11:15:15 -07:00
Kyle Edwards
184e6ed916 Use COMPONENT arguments in install() commands 2020-04-27 13:47:58 -04:00
Kyle Edwards
8c74d8b198 Fix multiple-rules-for-target error
The old logic for BUILD_SHARED_LIBS and BUILD_SHARED_AND_STATIC_LIBS
would produce two targets with the same name and different build
rules. The Makefile generator tolerated this, but the Ninja generator
raised an error. Fix the logic so that only one shared and one static
target gets built, and make the pugixml target an ALIAS of the one
dictated by BUILD_SHARED_LIBS.
2020-04-27 13:47:58 -04:00
rip.nsk
ab86960e48 Add "Include pugixml.cpp" and "Header Only" linkage options 2020-04-24 17:56:46 -07:00
Arseny Kapoulkine
5e64076af9 Adjust node_copy_tree to be more explicit about invariants
The loop traverses the source tree and simultaneously builds up a copy
of it at destination. Short of race conditions, this code is safe -
however, it's not obvious that dit stays inside the destination tree.

This change adds a few assertions to help enforce/document these
invariants. One particular subtlety is that dit can actually *become*
null after we exit out of the loop, but it's guaranteed to only do so
once sit goes back to sn.

This is only possible when doing a full document copy - for some reason
we weren't using this for that (in reset(xml_document)), but we are now.

Fixes #314.
2020-02-19 21:02:33 -08:00
Arseny Kapoulkine
76c3914484 XPath: Remove the use of fallthrough switch cases
We were previously relying on non-standard comment detection that is
supported by gcc/clang to avoid warnings about implicit fallthrough.

This can be solved using attributes but using them requires a lot of
compiler-specific detection logic because not all versions of gcc/clang
support them.

We don't *really* need to rely on fallthrough here - the type conversion
block can be located *after* the AST type switch instead, which means
that any AST type that has type ambiguity can fall back to that in the
future.

Fixes #331.
2020-02-19 07:50:59 -08:00
Arseny Kapoulkine
6fbe927575
Merge pull request #330 from LocutusOfBorg/patch-2
Update CMakeLists.txt to rename the static and shared libraries to pugixml
2020-02-07 23:08:22 -08:00
Gianfranco Costamagna
2c24e90c23
Update CMakeLists.txt to rename the static and shared libraries to pugixml
Don't call them pugixml-shared or pugixml-static, because this breaks pkgconfig calls and userspace tools.
2020-02-07 14:55:25 +01:00
Arseny Kapoulkine
546cafefa3 XPath: Add a clarification comment for ast_variable fallthrough 2020-02-01 07:48:45 -08:00
Arseny Kapoulkine
85a39b955d tests: Add a dedicated test for XPath variable conversion
This makes sure all conversions work as expected (note that no type can
be converted to node set so we don't check that).
2020-02-01 07:44:14 -08:00
Arseny Kapoulkine
41b6ff21c4
Merge pull request #316 from BotellaA/patch-1
Add POSITION_INDEPENDENT_CODE option
2019-12-20 08:13:28 -08:00
Arnaud Botella
aa2e0909ac
Add POSITION_INDEPENDENT_CODE option
Allow to use the static library in other dynamic librairies. This is a standard cmake option https://cmake.org/cmake/help/v3.11/prop_tgt/POSITION_INDEPENDENT_CODE.html#prop_tgt:POSITION_INDEPENDENT_CODE
2019-12-06 17:25:37 +01:00
Arseny Kapoulkine
53a30c6571 Cleanup first_element_by_path
Instead of performing a late null check that is redundant and only
needed to silence clang static analysis warning, we pick the context as
a root / self node. This way the code is a bit less redundant and the
static analyzer is happy.
2019-12-03 21:23:15 -08:00
Arseny Kapoulkine
2e8631d2eb
Merge pull request #313 from valeriyvan/nulldereference
Fixing possible null pointer dereference
2019-12-03 21:17:28 -08:00
Valeriy Van
cda8623468 Fixing possible null pointer dereference 2019-12-02 15:02:54 +01:00
Arseny Kapoulkine
51d177e938
Merge pull request #310 from amlucas/master
explicit casts for -Wconversions warnings in gcc
2019-11-27 17:50:21 +01:00
Lucas Amoudruz
78e98c446d explicit casts for -Wconversions warnings in gcc 2019-11-27 15:56:05 +01:00
Arseny Kapoulkine
fe5460c6dc
Merge pull request #305 from slurps-mad-rips/modern-cmake
Fix incorrect installation location for exported CMake targets
2019-10-17 22:07:54 -07:00
Isabella Muerte
99ad261611 🐛 Fix incorrect installation location for exported CMake targets 2019-10-17 21:44:48 -07:00
Arseny Kapoulkine
40be014e48
Merge pull request #303 from slurps-mad-rips/modern-cmake
Fix install locations for pkgconfig *and* cmake
2019-10-06 15:45:55 -07:00
Isabella Muerte
6949232bbd 🐛 Fix install locations for pkgconfig *and* cmake 2019-10-06 13:08:01 -07:00
Arseny Kapoulkine
fdd618f13a
Merge pull request #302 from slurps-mad-rips/modern-cmake
Modernize CMake
2019-10-06 12:44:43 -07:00
Isabella Muerte
3df5036344 🔥 Remove commented out CMake code 2019-10-06 12:33:03 -07:00
Isabella Muerte
ad93a373ab Adjust MSVC runtime settings as requested.
The block of code can be removed in the future if CMake 3.15 ever
becomes the minimum
2019-10-01 10:20:30 -07:00
Isabella Muerte
8a0aac18ea Update check command to output text on failure
Move pugixml-config.cmake.in to scripts/ to prevent polluting the root
2019-09-30 22:00:04 -07:00
Isabella Muerte
1c5a0bb325 Update CMake to modern approach
New Features:

pugixml-shared and pugixml-static are "always" available, but not always
built. This allows downstream projects to still use them, and to make
sure our configurations are correct regardless of if they are being
built. They are not always installed however.

pugixml-shared and pugixml-static have ALIAS libraries of
pugixml::shared and pugixml::static respectively. These names are also
respected in the `find_package(pugixml CONFIG)` generated files, so its
safe to use pugixml in a CMake project regardless of whether it is
installed locally, or if its a subproject via `add_subdirectory`.

pugixml will automatically select the correct library type based on
BUILD_SHARED_LIBS. A pugixml::pugixml ALIAS is also available.

CMAKE_MSVC_RUNTIME_LIBRARY from CMake 3.15 has been backported.

CMake will now rely on generator expressions (a powerful abstraction in
large projects with many subdirectories) for most work. This offloads
work from the single-threaded configure stage to the multithreaded
generation stage.

pugixml now uses CTest as the runner.

Some settings are automatically disabled if pugixml is used as a
subdirectory. These are still able to be manually set, but are hidden
from folks who choose to use CMake GUI.
2019-09-28 13:02:55 -07:00
Isabella Muerte
195dfe1d8d 🚧 Begin moving pugixml to modern(ish) CMake
⬆️ Bump CMake minimum to 3.4
🐛 pugixml no longer requires a C compiler to be found or set to
compile correctly. This speeds up configuration and building on windows.
🚧 Begin laying groundwork to backport MSVC_RUNTIME_LIBRARY
property
2019-09-28 10:47:15 -07:00
Tuan Anh Tran
b9b2aeecaf Custom precision (#300)
Fixes #285
2019-09-22 08:42:41 -07:00
Arseny Kapoulkine
6934b123d4 Move pugixml.rc to scripts/
This keeps src/ folder clean of auxiliary files only required for
special builds; note that CMakeLists.txt already depends on scripts/
(specifically for pkgconfig setup).
2019-09-21 09:21:13 -07:00
lady mesh
6fb765ca9d Add: Windows DLL version info header (#298)
Closes #294
2019-09-19 07:27:40 -07:00
Arseny Kapoulkine
6202519ca6 tests: Add memory safety tests for remove_children/attributes
The newly added tests make sure that during node/attribute destruction
we deallocate a few memory pages; this makes sure that we don't read
node data after it's being destroyed.

Also clean up formatting/style in the remove_* implementation a bit.
2019-09-17 20:34:40 -07:00
Tuan Anh Tran
fd7326fb91 feat: add remove_attributes() and remove_children() (#296)
These functions remove all attributes / child nodes in bulk which is faster than removing them one at a time.
2019-09-17 20:18:41 -07:00