We now use open_file similarly to open_file_wide, and activate the
workaround for MSVC 2005+ since that's when the _s versions were added
in the first place.
Function call arguments are stored in a list which is processed
recursively during optimize(). We now limit the depth of this construct
as well to make sure optimize() doesn't run out of stack space.
The default stack on MSVC/x64/debug is sufficient for 1692 nested
invocations only, whereas on clang/linux it's ~8K...
For now set the limit to be conservative.
XPath parser and execution engine isn't stackless; the depth of the
query controls the amount of C stack space required.
This change instruments places in the parser where the control flow can
recurse, requiring too much C stack space to produce an AST, or where a
stackless parse is used to produce arbitrarily deep AST which will
create issues for downstream processing.
As a result XPath parser should now be fuzz safe for malicious inputs.
In case of USE_POSTFIX, the POSTFIX is dependent
on the CMAKE_BUILD_TYPE.
Use the correct POSTFIX also in the generated pugixml.pc file.
This results in the following contents of pugixml.pc:
- Release:
Libs: -L${libdir} -lpugixml
- RelWithDebInfo
Libs: -L${libdir} -lpugixml_r
- MinSizeRel:
Libs: -L${libdir} -lpugixml_m
- Debug:
Libs: -L${libdir} -lpugixml_d
In some MSVC versions on x64 configurations, the hashing function
triggers this failure:
Run-Time Check Failure #1 - A cast to a smaller data type has caused a
loss of data. If this was intentional, you should mask the source of
the cast with the appropriate bitmask.
This is similar to the integer sanitizer - this code is valid C++ but
MSVC decides to warn about this nonetheless. Masking the pointer's low
32 bits fixes the issue.
Fixes#357.
pugixml currently unconditionally accepts documents with multiple
top-level element nodes in absence of parse_fragment. This is an
unfortunate omission; while it can be corrected, it will result in
regressions for some users, and it's trivial to perform the validity
check after the parse is done.
Because of this, for now we're just going to amend documentation here to
both highlight this in the W3C Conformance section, but also to more
strongly push users into realizing that there's just a single document
element (normally).
We might decide to change the behavior here to prohibit such documents
by default in the future, but for now a documentation change seems like
a better tradeoff.
Fixes#337
The old logic for BUILD_SHARED_LIBS and BUILD_SHARED_AND_STATIC_LIBS
would produce two targets with the same name and different build
rules. The Makefile generator tolerated this, but the Ninja generator
raised an error. Fix the logic so that only one shared and one static
target gets built, and make the pugixml target an ALIAS of the one
dictated by BUILD_SHARED_LIBS.
The loop traverses the source tree and simultaneously builds up a copy
of it at destination. Short of race conditions, this code is safe -
however, it's not obvious that dit stays inside the destination tree.
This change adds a few assertions to help enforce/document these
invariants. One particular subtlety is that dit can actually *become*
null after we exit out of the loop, but it's guaranteed to only do so
once sit goes back to sn.
This is only possible when doing a full document copy - for some reason
we weren't using this for that (in reset(xml_document)), but we are now.
Fixes#314.
We were previously relying on non-standard comment detection that is
supported by gcc/clang to avoid warnings about implicit fallthrough.
This can be solved using attributes but using them requires a lot of
compiler-specific detection logic because not all versions of gcc/clang
support them.
We don't *really* need to rely on fallthrough here - the type conversion
block can be located *after* the AST type switch instead, which means
that any AST type that has type ambiguity can fall back to that in the
future.
Fixes#331.
