                 __  __            _
              ___\ \/ /_ __   __ _| |_
             / _ \\  /| '_ \ / _` | __|
            |  __//  \| |_) | (_| | |_
             \___/_/\_\ .__/ \__,_|\__|
                      |_| XML parser

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! <blink>Expat is UNDERSTAFFED and WITHOUT FUNDING.</blink>                !!
!!                 ~~~~~~~~~~~~                                              !!
!! The following topics need *additional skilled C developers* to progress   !!
!! in a timely manner or at all (loosely ordered by descending priority):    !!
!!                                                                           !!
!! - teaming up on researching and fixing future security reports and        !!
!!   ClusterFuzz findings with few-days-max response times in communication  !!
!!   in order to (1) have a sound fix ready before the end of a 90 days      !!
!!   grace period and (2) in a sustainable manner,                           !!
!! - helping CPython Expat bindings with supporting Expat's amplification    !!
!!   attack protection API (https://github.com/python/cpython/issues/90949): !!
!!   - XML_SetAllocTrackerActivationThreshold                                !!
!!   - XML_SetAllocTrackerMaximumAmplification                               !!
!!   - XML_SetBillionLaughsAttackProtectionActivationThreshold               !!
!!   - XML_SetBillionLaughsAttackProtectionMaximumAmplification              !!
!! - helping Perl's XML::Parser Expat bindings with supporting Expat's       !!
!!   security API (https://github.com/cpan-authors/XML-Parser/issues/102):   !!
!!   - XML_SetAllocTrackerActivationThreshold                                !!
!!   - XML_SetAllocTrackerMaximumAmplification                               !!
!!   - XML_SetBillionLaughsAttackProtectionActivationThreshold               !!
!!   - XML_SetBillionLaughsAttackProtectionMaximumAmplification              !!
!!   - XML_SetReparseDeferralEnabled                                         !!
!! - implementing and auto-testing XML 1.0r5 support                         !!
!!   (needs discussion before pull requests),                                !!
!! - smart ideas on fixing the Autotools CMake files generation issue        !!
!!   without breaking CI (needs discussion before pull requests),            !!
!! - pushing migration from `int` to `size_t` further                        !!
!!   including edge-cases test coverage (needs discussion before anything).  !!
!!                                                                           !!
!! For details, please reach out via e-mail to sebastian@pipping.org so we   !!
!! can schedule a voice call on the topic, in English or German.             !!
!!                                                                           !!
!! THANK YOU!                        Sebastian Pipping -- Berlin, 2024-03-09 !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Release 2.7.3 Wed September 24 2025
        Security fixes:
       #1046 #1048  Fix alignment of internal allocations for some non-amd64
                    architectures (e.g. sparc32); fixes up on the fix to
                    CVE-2025-59375 from #1034 (of Expat 2.7.2 and related
                    backports)
             #1059  Fix a class of false positives where input should have been
                    rejected with error XML_ERROR_ASYNC_ENTITY; regression from
                    CVE-2024-8176 fix pull request #973 (of Expat 2.7.0 and
                    related backports). Please check the added unit tests for
                    example documents.

        Other changes:
             #1043  Prove and regression-proof absence of integer overflow
                    from function expat_realloc
             #1062  Remove "harmless" cast that truncated a size_t to unsigned
             #1049  Autotools: Remove "ln -s" discovery
             #1054  docs: Be consistent with use of floating point around
                    XML_SetAllocTrackerMaximumAmplification
             #1056  docs: Make it explicit that XML_GetCurrentColumnNumber
                    starts at 0
             #1057  docs: Better integrate the effect of the activation
                    thresholds
             #1058  docs: Fix an in-comment typo in expat.h
             #1045  docs: Fix a typo in README.md
             #1041  docs: Improve change log of release 2.7.2
             #1053  xmlwf: Resolve use of functions XML_GetErrorLineNumber
                    and XML_GetErrorColumnNumber
             #1032  Windows: Normalize .bat files to CRLF line endings
       #1060 #1061  Version info bumped from 12:0:11 (libexpat*.so.1.11.0)
                    to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
       #1047 #1050  CI: Cleanup UndefinedBehaviorSanitizer fatality
             #1044  CI|Linux: Stop aborting at first job failure
             #1052  CI|FreeBSD: Upgrade to FreeBSD 15.0
             #1039  CI|FreeBSD: Do not install CMake
                    meta-package

        Special thanks to:
            Bénédikt Tran
            Berkay Eren Ürün
            Daniel Engberg
            Hanno Böck
            Matthew Fernandez
            Rolf Eike Beer
            Sam James
            Tim Bray
                 and
            Clang/GCC UndefinedBehaviorSanitizer
            OSS-Fuzz / ClusterFuzz
            Z3 Theorem Prover

Release 2.7.2 Tue September 16 2025
        Security fixes:
       #1018 #1034  CVE-2025-59375 -- Disallow use of disproportional amounts of
                    dynamic memory from within an Expat parser (e.g. previously
                    a ~250 KiB sized document was able to cause allocation of
                    ~800 MiB from the heap, i.e. an "amplification" of factor
                    ~3,300); once a threshold (that defaults to 64 MiB) is
                    reached, a maximum amplification factor (that defaults to
                    100.0) is enforced, and violating documents are rejected
                    with an out-of-memory error.
                    There are two new API functions to fine-tune this new
                    behavior:
                      - XML_SetAllocTrackerActivationThreshold
                      - XML_SetAllocTrackerMaximumAmplification .
                    If you ever need to increase these defaults for non-attack
                    XML payload, please file a bug report with libexpat.
                    There is also a new environment variable
                    EXPAT_MALLOC_DEBUG=(0|1|2) to control the verbosity
                    of allocations debugging at runtime, disabled by default.
                    Known impact is (reliable and easy) denial of service:
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
                    (Base Score: 7.5, Temporal Score: 7.2)
                    Please note that a layer of compression around XML can
                    significantly reduce the minimum attack payload size.
                    Distributors intending to backport (or cherry-pick) the
                    fix need to copy 99% of the related pull request, not just
                    the "lib: Implement tracking of dynamic memory allocations"
                    commit, to not end up with a state that literally does both
                    too much and too little at the same time. Appending ".diff"
                    to the pull request URL could be of help.
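
Added example (not part of the Expat change log or of libexpat's sources): a simplified C model of the limit described in the CVE-2025-59375 entry above, using the stated defaults of 64 MiB and 100.0, to show where rejection starts and how much heap one parser can be granted. The names alloc_model, model_alloc, heap_bound and simulate are hypothetical; treating "reached" as "the total exceeds the threshold" and dividing by the input bytes seen so far are assumptions.

```c
/* Added example: simplified model of the rule in the 2.7.2 entry; not libexpat code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define KIB 1024ULL
#define MIB (1024ULL * KIB)

/* Hypothetical bookkeeping; libexpat's own tracker is not reproduced here. */
typedef struct {
  uint64_t input_bytes;          /* XML bytes handed to the parser so far */
  uint64_t heap_bytes;           /* bytes the parser currently holds */
  uint64_t peak_heap_bytes;      /* high-water mark of heap_bytes */
  uint64_t activation_threshold; /* change log default: 64 MiB */
  double max_amplification;      /* change log default: 100.0 */
} alloc_model;

static void model_init(alloc_model *m, uint64_t input_bytes) {
  m->input_bytes = input_bytes;
  m->heap_bytes = 0;
  m->peak_heap_bytes = 0;
  m->activation_threshold = 64ULL * MIB;
  m->max_amplification = 100.0;
}

/* Grant or refuse one allocation; a refusal stands for the out-of-memory error. */
static bool model_alloc(alloc_model *m, uint64_t bytes) {
  uint64_t total = m->heap_bytes + bytes;
  if (total < m->heap_bytes)
    return false; /* counter would wrap */
  if (total > m->activation_threshold) {
    /* Assumption: amplification = heap bytes / input bytes seen so far. */
    if (m->input_bytes == 0)
      return false;
    if ((double)total / (double)m->input_bytes > m->max_amplification)
      return false;
  }
  m->heap_bytes = total;
  if (total > m->peak_heap_bytes)
    m->peak_heap_bytes = total;
  return true;
}

/* Largest heap the model can ever grant for a given amount of input. */
static uint64_t heap_bound(uint64_t input_bytes) {
  alloc_model m;
  model_init(&m, input_bytes);
  uint64_t by_factor = (uint64_t)(m.max_amplification * (double)input_bytes);
  return by_factor > m.activation_threshold ? by_factor : m.activation_threshold;
}

/* Request wanted_heap bytes in chunk-sized steps; report acceptance and peak. */
static bool simulate(uint64_t input_bytes, uint64_t wanted_heap, uint64_t chunk,
                     uint64_t *peak_out) {
  alloc_model m;
  bool ok = chunk > 0;
  model_init(&m, input_bytes);
  while (ok && m.heap_bytes < wanted_heap) {
    uint64_t left = wanted_heap - m.heap_bytes;
    ok = model_alloc(&m, left < chunk ? left : chunk);
  }
  *peak_out = m.peak_heap_bytes;
  return ok;
}

int main(void) {
  /* Constructed cases; the first uses the figures quoted in the change log. */
  const struct {
    const char *name;
    uint64_t input, wanted;
  } cases[] = {
      {"250 KiB document, 800 MiB heap", 250 * KIB, 800 * MIB},
      {"1 KiB document, 10 MiB heap", 1 * KIB, 10 * MIB},
      {"2 MiB document, 150 MiB heap", 2 * MIB, 150 * MIB},
      {"1 MiB document, 200 MiB heap", 1 * MIB, 200 * MIB},
  };
  for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
    uint64_t peak;
    bool ok = simulate(cases[i].input, cases[i].wanted, MIB, &peak);
    printf("%-32s %-8s peak=%llu MiB bound=%llu MiB\n", cases[i].name,
           ok ? "accepted" : "rejected", (unsigned long long)(peak / MIB),
           (unsigned long long)(heap_bound(cases[i].input) / MIB));
  }
  return 0;
}
```

In this model the heap granted to one parser never exceeds the larger of the activation threshold and the amplification factor times the input seen so far, which is the figure to plan per-parser memory limits around.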

        Other changes:
       #1008 #1017  Autotools|macOS: Sync CMake templates with CMake 3.31
             #1007  CMake: Drop support for CMake <3.15
             #1004  CMake: Fix off_t detection for -Werror
             #1007  CMake|Windows: Fix -DEXPAT_MSVC_STATIC_CRT=ON
             #1013  Windows: Drop support for Visual Studio <=16.0/2019
             #1026  xmlwf: Mention supported environment variables in
                    --help output
             #1024  xmlwf: Fix (internal) help generator
             #1034  docs: Promote the contract to call function
                    XML_FreeContentModel when registering a custom
                    element declaration handler (via a call to function
                    XML_SetElementDeclHandler)
             #1027  docs: Add missing <p>..</p> wrap
              #994  docs: Drop AppVeyor badge
             #1000  tests: Fix portable_strndup
             #1036  Drop casts around malloc/free/realloc that C99 does not need
             #1010  Replace empty for loops with while loops
             #1011  Add const with internal XmlInitUnknownEncodingNS
         #14 #1037  Drop an OpenVMS support leftover
        #999 #1001  Address more clang-tidy warnings
       #1030 #1038  Version info bumped from 11:2:10 (libexpat*.so.1.10.2)
                    to 12:0:11 (libexpat*.so.1.11.0); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
             #1003  CI: Cover compilation on FreeBSD
       #1009 #1035  CI: Upgrade Clang from 19 to 21
             #1031  CI: Make calling Cppcheck without --suppress=objectIndex
                    and --suppress=unknownMacro possible
             #1013  CI|Windows: Get off of deprecated image "windows-2019"
    #1008 #1017 ..
       #1023 #1025  CI: Adapt to breaking changes in GitHub Actions

        Special thanks to:
            Alexander Bluhm
            Neil Pang
            Theo Buehler
                 and
            GNU Time
            OSS-Fuzz / ClusterFuzz
            Perl XML::Parser

Release 2.7.1 Thu March 27 2025
        Bug fixes:
         #980 #989  Restore event pointer behavior from Expat 2.6.4
                    (that the fix to CVE-2024-8176 changed in 2.7.0);
                    affected API functions are:
                      - XML_GetCurrentByteCount
                      - XML_GetCurrentByteIndex
                      - XML_GetCurrentColumnNumber
                      - XML_GetCurrentLineNumber
                      - XML_GetInputContext

        Other changes:
         #976 #977  Autotools: Integrate files "fuzz/xml_lpm_fuzzer.{cpp,proto}"
                    with Automake that were missing from 2.7.0 release tarballs
         #983 #984  Fix printf format specifiers for 32bit Emscripten
              #992  docs: Promote OpenSSF Best Practices self-certification
              #978  tests/benchmark: Resolve mistaken double close
              #986  Address Frama-C warnings
         #990 #993  Version info bumped from 11:1:10 (libexpat*.so.1.10.1)
                    to 11:2:10 (libexpat*.so.1.10.2); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
              #982  CI: Start running Perl XML::Parser integration tests
              #987  CI: Enforce Clang Static Analyzer clean code
              #991  CI: Re-enable warning clang-analyzer-valist.Uninitialized
                    for clang-tidy
              #981  CI: Cover compilation with musl
         #983 #984  CI: Cover compilation with 32bit Emscripten
         #976 #977  CI: Protect against fuzzer files missing from future
                    release archives

        Special thanks to:
            Berkay Eren Ürün
            Matthew Fernandez
                 and
            Perl XML::Parser

Release 2.7.0 Thu March 13 2025
        Security fixes:
         #893 #973  CVE-2024-8176 -- Fix crash from chaining a large number
                    of entities caused by stack overflow by resolving use of
                    recursion, for all three uses of entities:
                      - general entities in character data ("<e>&g1;</e>")
                      - general entities in attribute values ("<e k1='&g1;'/>")
                      - parameter entities ("%p1;")
                    Known impact is (reliable and easy) denial of service:
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:O/RC:C
                    (Base Score: 7.5, Temporal Score: 7.2)
                    Please note that a layer of compression around XML can
                    significantly reduce the minimum attack payload size.

        Other changes:
         #935 #937  Autotools: Make generated CMake files look for
                    libexpat.@SO_MAJOR@.dylib on macOS
              #925  Autotools: Sync CMake templates with CMake 3.29
    #945 #962 #966  CMake: Drop support for CMake <3.13
              #942  CMake: Small fuzzing related improvements
              #921  docs: Add missing documentation of error code
                    XML_ERROR_NOT_STARTED that was introduced with 2.6.4
              #941  docs: Document need for C++11 compiler for use from C++
              #959  tests/benchmark: Fix a (harmless) TOCTTOU
              #944  Windows: Fix installer target location of file xmlwf.xml
                    for CMake
              #953  Windows: Address warning -Wunknown-warning-option
                    about -Wno-pedantic-ms-format from LLVM MinGW
              #971  Address Cppcheck warnings
         #969 #970  Mass-migrate links from http:// to https://
      #947 #958 ..
         #974 #975  Document changes since the previous release
         #974 #975  Version info bumped from 11:0:10 (libexpat*.so.1.10.0)
                    to 11:1:10 (libexpat*.so.1.10.1); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
              #926  tests: Increase robustness
      #927 #932 ..
         #930 #933  tests: Increase test coverage
      #617 #950 ..
      #951 #952 ..
      #954 #955 ..  Fuzzing: Add new fuzzer "xml_lpm_fuzzer" based on
           #961       Google's libprotobuf-mutator ("LPM")
              #957  Fuzzing|CI: Start producing fuzzing code coverage reports
              #936  CI: Pass -q -q for LCOV >=2.1 in coverage.sh
              #942  CI: Small fuzzing related improvements
      #139 #203 ..
         #791 #946  CI: Make GitHub Actions build using MSVC on Windows and
                    produce 32bit and 64bit Windows binaries
              #956  CI: Get off of about-to-be-removed Ubuntu 20.04
         #960 #964  CI: Start uploading to Coverity Scan for static analysis
              #972  CI: Stop loading DTD from the internet to address flaky CI
              #971  CI: Adapt to breaking changes in Cppcheck

        Special thanks to:
            Alexander Gieringer
            Berkay Eren Ürün
            Hanno Böck
            Jann Horn
            Mark Brand
            Sebastian Andrzej Siewior
            Snild Dolkow
            Thomas Pröll
            Tomas Korbar
            valord577
                 and
            Google Project Zero
            Linutronix
            Red Hat
            Siemens

Release 2.6.4 Wed November 6 2024
        Security fixes:
              #915  CVE-2024-50602 -- Fix crash within function XML_ResumeParser
                    from a NULL pointer dereference by disallowing function
                    XML_StopParser to (stop or) suspend an unstarted parser.
                    A new error code XML_ERROR_NOT_STARTED was introduced to
                    properly communicate this situation. // CWE-476 CWE-754

        Other changes:
              #903  CMake: Add alias target "expat::expat"
              #905  docs: Document use via CMake >=3.18 with FetchContent
                    and SOURCE_SUBDIR and its consequences
              #902  tests: Reduce use of global parser instance
              #904  tests: Resolve duplicate handler
         #317 #918  tests: Improve tests on doctype closing (ex CVE-2019-15903)
              #914  Fix signedness of format strings
              #915  For use from C++, expat.h started requiring C++11 due to
                    use of C99 features
         #919 #920  Version info bumped from 10:3:9 (libexpat*.so.1.9.3)
                    to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
              #907  CI: Upgrade Clang from 18 to 19
              #913  CI: Drop macos-12 and add macos-15
              #910  CI: Adapt to breaking changes in GitHub Actions
              #898  Add missing entries to .gitignore

        Special thanks to:
            Hanno Böck
            José Eduardo Gutiérrez Conejo
            José Ricardo Cardona Quesada

Release 2.6.3 Wed September 4 2024
        Security fixes:
         #887 #890  CVE-2024-45490 -- Calling function XML_ParseBuffer with
                    len < 0 without noticing and then calling XML_GetBuffer
                    will have XML_ParseBuffer fail to recognize the problem
                    and XML_GetBuffer corrupt memory.
                    With the fix, XML_ParseBuffer now complains with error
                    XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
                    has been doing since Expat 2.2.1, and now documented.
                    Impact is denial of service to potentially arbitrary code
                    execution.
         #888 #891  CVE-2024-45491 -- Internal function dtdCopy can have an
                    integer overflow for nDefaultAtts on 32-bit platforms
                    (where UINT_MAX equals SIZE_MAX).
                    Impact is denial of service to potentially arbitrary code
                    execution.
         #889 #892  CVE-2024-45492 -- Internal function nextScaffoldPart can
                    have an integer overflow for m_groupSize on 32-bit
                    platforms (where UINT_MAX equals SIZE_MAX).
                    Impact is denial of service to potentially arbitrary code
                    execution.

        Other changes:
         #851 #879  Autotools: Sync CMake templates with CMake 3.28
              #853  Autotools: Always provide path to find(1) for portability
              #861  Autotools: Ensure that the m4 directory always exists.
              #870  Autotools: Simplify handling of SIZEOF_VOID_P
              #869  Autotools: Support non-GNU sed
              #856  Autotools|CMake: Fix main() to main(void)
              #865  Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
              #863  Autotools|CMake: Stop requiring dos2unix
         #854 #855  CMake: Fix check for symbols size_t and off_t
              #864  docs|tests: Convert README to Markdown and update
              #741  Windows: Drop support for Visual Studio <=15.0/2017
              #886  Drop needless XML_DTD guards around is_param access
              #885  Fix typo in a code comment
         #894 #896  Version info bumped from 10:2:9 (libexpat*.so.1.9.2)
                    to 10:3:9 (libexpat*.so.1.9.3); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
              #880  Readme: Promote the call for help
              #868  CI: Fix various issues
              #849  CI: Allow triggering GitHub Actions workflows manually
      #851 #872 ..
         #873 #879  CI: Adapt to breaking changes in GitHub Actions

        Special thanks to:
            Alexander Bluhm
            Berkay Eren Ürün
            Dag-Erling Smørgrav
            Ferenc Géczi
            TaiYou

Release 2.6.2 Wed March 13 2024
        Security fixes:
         #839 #842  CVE-2024-28757 -- Prevent billion laughs attacks with
                    isolated use of external parsers. Please see the commit
                    message of commit 1d50b80cf31de87750103656f6eb693746854aa8
                    for details.

        Bug fixes:
         #839 #841  Reject direct parameter entity recursion
                    and avoid the related undefined behavior

        Other changes:
              #847  Autotools: Fix build for DOCBOOK_TO_MAN containing spaces
              #837  Add missing #821 and #824 to 2.6.1 change log
         #838 #843  Version info bumped from 10:1:9 (libexpat*.so.1.9.1)
                    to 10:2:9 (libexpat*.so.1.9.2); see https://verbump.de/
                    for what these numbers do

        Special thanks to:
            Philippe Antoine
            Tomas Korbar
                 and
            Clang UndefinedBehaviorSanitizer
            OSS-Fuzz / ClusterFuzz

Release 2.6.1 Thu February 29 2024
        Bug fixes:
              #817  Make tests independent of CPU speed, and thus more robust
         #828 #836  Expose billion laughs API with XML_DTD defined and
                    XML_GE undefined, regression from 2.6.0

        Other changes:
              #829  Hide test-only code behind new internal macro
              #833  Autotools: Reject expat_config.h.in defining SIZEOF_VOID_P
         #821 #824  Autotools: Fix "make clean" for case:
                    ./configure --without-docbook && make clean all
              #819  Address compiler warnings
         #832 #834  Version info bumped from 10:0:9 (libexpat*.so.1.9.0)
                    to 10:1:9 (libexpat*.so.1.9.1); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
              #818  CI: Adapt to breaking changes in clang-format

        Special thanks to:
            David Hall
            Snild Dolkow

Release 2.6.0 Tue February 6 2024
        Security fixes:
         #789 #814  CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
                    that can cause denial of service, in particular when
                    dealing with compressed XML input. Applications
                    that parsed a document in one go -- a single call to
                    functions XML_Parse or XML_ParseBuffer -- were not affected.
                    The smaller the chunks/buffers you used for parsing
                    previously, the bigger the problem prior to the fix.
                    Backporters should be careful to not omit parts of
                    pull request #789 and to include earlier pull request #771,
                    in order to not break the fix.
              #777  CVE-2023-52426 -- Fix billion laughs attacks for users
                    compiling *without* XML_DTD defined (which is not common).
                    Users with XML_DTD defined have been protected since
                    Expat >=2.4.0 (and that was CVE-2013-0340 back then).

        Bug fixes:
              #753  Fix parse-size-dependent "invalid token" error for
                    external entities that start with a byte order mark
              #780  Fix NULL pointer dereference in setContext via
                    XML_ExternalEntityParserCreate for compilation with
                    XML_DTD undefined
         #812 #813  Protect against closing entities out of order

        Other changes:
              #723  Improve support for arc4random/arc4random_buf
         #771 #788  Improve buffer growth in XML_GetBuffer and XML_Parse
         #761 #770  xmlwf: Support --help and --version
         #759 #770  xmlwf: Support custom buffer size for XML_GetBuffer and read
              #744  xmlwf: Improve language and URL clickability in help output
              #673  examples: Add new example "element_declarations.c"
              #764  Be stricter about macro XML_CONTEXT_BYTES at build time
              #765  Make inclusion to expat_config.h consistent
         #726 #727  Autotools: configure.ac: Support --disable-maintainer-mode
      #678 #705 ..
    #706 #733 #792  Autotools: Sync CMake templates with CMake 3.26
              #795  Autotools: Make installation of shipped man page doc/xmlwf.1
                    independent of docbook2man availability
              #815  Autotools|CMake: Add missing -DXML_STATIC to pkg-config file
                    section "Cflags.private" in order to fix compilation
                    against static libexpat using pkg-config on Windows
         #724 #751  Autotools|CMake: Require a C99 compiler
                    (a de-facto requirement already since Expat 2.2.2 of 2017)
              #793  Autotools|CMake: Fix PACKAGE_BUGREPORT variable
         #750 #786  Autotools|CMake: Make test suite require a C++11 compiler
              #749  CMake: Require CMake >=3.5.0
              #672  CMake: Lowercase off_t and size_t to help a bug in Meson
              #746  CMake: Sort xmlwf sources alphabetically
              #785  CMake|Windows: Fix generation of DLL file version info
              #790  CMake: Build tests/benchmark/benchmark.c as well for
                    a build with -DEXPAT_BUILD_TESTS=ON
         #745 #757  docs: Document the importance of isFinal + adjust tests
                    accordingly
              #736  docs: Improve use of "NULL" and "null"
              #713  docs: Be specific about version of XML (XML 1.0r4)
                    and version of C (C99); (XML 1.0r5 will need a sponsor.)
              #762  docs: reference.html: Promote function XML_ParseBuffer more
              #779  docs: reference.html: Add HTML anchors to XML_* macros
              #760  docs: reference.html: Upgrade to OK.css 1.2.0
         #763 #739  docs: Fix typos
              #696  docs|CI: Use HTTPS URLs instead of HTTP at various places
      #669 #670 ..
      #692 #703 ..
         #733 #772  Address compiler warnings
         #798 #800  Address clang-tidy warnings
         #775 #776  Version info bumped from 9:10:8 (libexpat*.so.1.8.10)
                    to 10:0:9 (libexpat*.so.1.9.0); see https://verbump.de/
                    for what these numbers do

        Infrastructure:
         #700 #701  docs: Document security policy in file SECURITY.md
              #766  docs: Improve parse buffer variables in-code documentation
      #674 #738 ..
      #740 #747 ..
    #748 #781 #782  Refactor coverage and conformance tests
         #714 #716  Refactor debug level variables to unsigned long
              #671  Improve handling of empty environment variable value
                    in function getDebugLevel (without visible user effect)
      #755 #774 ..
      #758 #783 ..
         #784 #787  tests: Improve test coverage with regard to parse chunk size
    #660 #797 #801  Fuzzing: Improve fuzzing coverage
         #367 #799  Fuzzing|CI: Start running OSS-Fuzz fuzzing regression tests
         #698 #721  CI: Resolve some Travis CI leftovers
              #669  CI: Be robust towards absence of Git tags
         #693 #694  CI: Set permissions to "contents: read" for security
              #709  CI: Pin all GitHub Actions to specific commits for security
              #739  CI: Reject spelling errors using codespell
              #798  CI: Enforce clang-tidy clean code
      #773 #808 ..
         #809 #810  CI: Upgrade Clang from 15 to 18
              #796  CI: Start using Clang's Control Flow Integrity sanitizer
    #675 #720 #722  CI: Adapt to breaking changes in GitHub Actions Ubuntu images
              #689  CI: Adapt to breaking changes in Clang/LLVM Debian packaging
              #763  CI: Adapt to breaking changes in codespell
              #803  CI: Adapt to breaking changes in Cppcheck

        Special thanks to:
            Ivan Galkin
            Joyce Brum
            Philippe Antoine
            Rhodri James
            Snild Dolkow
            spookyahell
            Steven Garske
                 and
            Clang AddressSanitizer
            Clang UndefinedBehaviorSanitizer
            codespell
            GCC Farm Project
            OSS-Fuzz
            Sony Mobile

Release 2.5.0 Tue October 25 2022
        Security fixes:
    #616 #649 #650  CVE-2022-43680 -- Fix heap use-after-free after overeager
                    destruction of a shared DTD in function
                    XML_ExternalEntityParserCreate in out-of-memory situations.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.

        Bug fixes:
         #612 #645  Fix corruption from undefined entities
         #613 #654  Fix case when parsing was suspended while processing nested
                    entities
    #616 #652 #653  Stop leaking opening tag bindings after a closing tag
                    mismatch error where a parser is reset through
                    XML_ParserReset and then reused to parse
              #656  CMake: Fix generation of pkg-config file
              #658  MinGW|CMake: Fix static library name

        Other changes:
              #663  Protect header expat_config.h from multiple inclusion
              #666  examples: Make use of XML_GetBuffer and be more
                    consistent across examples
              #648  Address compiler warnings
         #667 #668  Version info bumped from 9:9:8 to 9:10:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Jann Horn
            Mark Brand
            Osyotr
            Rhodri James
                 and
            Google Project Zero

Release 2.4.9 Tue September 20 2022
        Security fixes:
         #629 #640  CVE-2022-40674 -- Heap use-after-free vulnerability in
                    function doContent. Expected impact is denial of service
                    or potentially arbitrary code execution.

        Bug fixes:
              #634  MinGW: Fix mis-compilation for -D__USE_MINGW_ANSI_STDIO=0
              #614  docs: Fix documentation on effect of switch XML_DTD on
                    symbol visibility in doc/reference.html

        Other changes:
              #638  MinGW: Make fix-xmltest-log.sh drop more Wine bug output
         #596 #625  Autotools: Sync CMake templates with CMake 3.22
              #608  CMake: Migrate from use of CMAKE_*_POSTFIX to
                    dedicated variables EXPAT_*_POSTFIX to stop affecting
                    other projects
         #597 #599  Windows|CMake: Add missing -DXML_STATIC to test runners
                    and fuzzers
         #512 #621  Windows|CMake: Render .def file from a template to fix
                    linking with -DEXPAT_DTD=OFF and/or -DEXPAT_ATTR_INFO=ON
         #611 #621  MinGW|CMake: Apply MSVC .def file when linking
         #622 #624  MinGW|CMake: Sync library name with GNU Autotools,
                    i.e. produce libexpat-1.dll rather than libexpat.dll
                    by default. Filename libexpat.dll.a is unaffected.
              #632  MinGW|CMake: Set missing variable CMAKE_RC_COMPILER in
                    toolchain file "cmake/mingw-toolchain.cmake" to avoid
                    error "windres: Command not found" on e.g. Ubuntu 20.04
         #597 #627  CMake: Unify inconsistent use of set() and option() in
                    context of public build time options to take need for
                    set(.. FORCE) in projects using Expat by means of
                    add_subdirectory(..) off Expat's users' shoulders
         #626 #641  Stop exporting API symbols when building a static library
              #644  Resolve use of deprecated "fgrep" by "grep -F"
              #620  CMake: Make documentation on variables a bit more consistent
              #636  CMake: Drop leading whitespace from a #cmakedefine line in
                    file expat_config.h.cmake
              #594  xmlwf: Fix harmless variable mix-up in function nsattcmp
    #592 #593 #610  Address Cppcheck warnings
              #643  Address Clang 15 compiler warnings
         #642 #644  Version info bumped from 9:8:8 to 9:9:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
         #597 #598  CI: Windows: Start covering MSVC 2022
              #619  CI: macOS: Migrate off deprecated macOS 10.15
              #632  CI: Linux: Make migration off deprecated Ubuntu 18.04 work
              #643  CI: Upgrade Clang from 14 to 15
              #637  apply-clang-format.sh: Add support for BSD find
              #633  coverage.sh: Exclude MinGW headers
              #635  coverage.sh: Fix name collision for -funsigned-char

        Special thanks to:
            David Faure
            Felix Wilhelm
            Frank Bergmann
            Rhodri James
            Rosen Penev
            Thijs Schreijer
            Vincent Torri
                 and
            Google Project Zero

Release 2.4.8 Mon March 28 2022
        Other changes:
              #587  pkg-config: Move "-lm" to section "Libs.private"
              #587  CMake|MSVC: Fix pkg-config section "Libs"
          #55 #582  CMake|macOS: Start using linker arguments
                    "-compatibility_version <version>" and
                    "-current_version <version>" in a way compatible with
                    GNU Libtool
         #590 #591  Version info bumped from 9:7:8 to 9:8:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
              #589  CI: Upgrade Clang from 13 to 14

        Special thanks to:
            evpobr
            Kai Pastor
            Sam James

Release 2.4.7 Fri March 4 2022
        Bug fixes:
         #572 #577  Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
                    with regard to all valid URI characters (RFC 3986),
                    i.e. the following set (excluding whitespace):
                    ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz
                    0123456789 % -._~ :/?#[]@ !$&'()*+,;=

        Other changes:
    #555 #570 #581  CMake|Windows: Store Expat version in the DLL
              #577  Document consequences of namespace separator choices not just
                    in doc/reference.html but also in header <expat.h>
              #577  Document Expat's lack of validation of namespace URIs against
                    RFC 3986, and that the XML 1.0r4 specification doesn't
                    require Expat to validate namespace URIs, and that Expat
                    may do more in that regard in future releases.
                    If you find need for strict RFC 3986 URI validation on
                    application level today, https://uriparser.github.io/ may
                    be of interest.
              #579  Fix documentation of XML_EndDoctypeDeclHandler in <expat.h>
              #575  Document that a call to XML_FreeContentModel can be done at
                    a later time from outside the element declaration handler
              #574  Make hardcoded namespace URIs easier to find in code
              #573  Update documentation on use of XML_POOR_ENTROPY on Solaris
         #569 #571  tests: Resolve use of macros NAN and INFINITY for GNU G++
                    4.8.2 on Solaris.
         #578 #580  Version info bumped from 9:6:8 to 9:7:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Jeffrey Walton
            Johnny Jazeix
            Thijs Schreijer

Release 2.4.6 Sun February 20 2022
        Bug fixes:
              #566  Fix a regression introduced by the fix for CVE-2022-25313
                    in release 2.4.5 that affects applications that (1)
                    call function XML_SetElementDeclHandler and (2) are
                    parsing XML that contains nested element declarations
                    (e.g. "<!ELEMENT junk ((bar|foo|xyz+), zebra*)>").

        Other changes:
         #567 #568  Version info bumped from 9:5:8 to 9:6:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Matt Sergeant
            Samanta Navarro
            Sergei Trofimovich
                 and
            NixOS
            Perl XML::Parser

Release 2.4.5 Fri February 18 2022
        Security fixes:
              #562  CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
                    sequences (e.g. from start tag names) to the XML
                    processing application on top of Expat can cause
                    arbitrary damage (e.g. code execution) depending
                    on how invalid UTF-8 is handled inside the XML
                    processor; validation was not their job but Expat's.
                    Exploits with code execution are known to exist.
              #561  CVE-2022-25236 -- Passing (one or more) namespace separator
                    characters in "xmlns[:prefix]" attribute values
                    made Expat send malformed tag names to the XML
                    processor on top of Expat which can cause
                    arbitrary damage (e.g. code execution) depending
                    on how such unexpectable cases are handled inside the XML
                    processor; validation was not their job but Expat's.
                    Exploits with code execution are known to exist.
              #558  CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
                    that could be triggered by e.g. a 2 megabytes
                    file with a large number of opening braces.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.
              #560  CVE-2022-25314 -- Fix integer overflow in function copyString;
                    only affects the encoding name parameter at parser creation
                    time which is often hardcoded (rather than user input),
                    takes a value in the gigabytes to trigger, and a 64-bit
                    machine. Expected impact is denial of service.
              #559  CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
                    needs input in the gigabytes and a 64-bit machine.
                    Expected impact is denial of service or potentially
                    arbitrary code execution.

        Other changes:
         #557 #564  Version info bumped from 9:4:8 to 9:5:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Ivan Fratric
            Samanta Navarro
                 and
            Google Project Zero
            JetBrains

Release 2.4.4 Sun January 30 2022
        Security fixes:
              #550  CVE-2022-23852 -- Fix signed integer overflow
                    (undefined behavior) in function XML_GetBuffer
                    (that is also called by function XML_Parse internally)
                    for when XML_CONTEXT_BYTES is defined to >0 (which is both
                    common and default).
                    Impact is denial of service or more.
              #551  CVE-2022-23990 -- Fix unsigned integer overflow in function
                    doProlog triggered by large content in element type
                    declarations when there is an element declaration handler
                    present (from a prior call to XML_SetElementDeclHandler).
                    Impact is denial of service or more.

        Bug fixes:
         #544 #545  xmlwf: Fix a memory leak on output file opening error

        Other changes:
              #546  Autotools: Fix broken CMake support under Cygwin
              #554  Windows: Add missing files to the installer to fix
                    compilation with CMake from installed sources
         #552 #554  Version info bumped from 9:3:8 to 9:4:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Carlo Bramini
            hwt0415
            Roland Illig
            Samanta Navarro
                 and
            Clang LeakSan and the Clang team

Release 2.4.3 Sun January 16 2022
        Security fixes:
         #531 #534  CVE-2021-45960 -- Fix issues with left shifts by >=29 places
                    resulting in
                      a) realloc acting as free
                      b) realloc allocating too few bytes
                      c) undefined behavior
                    depending on architecture and precise value
                    for XML documents with >=2^27+1 prefixed attributes
                    on a single XML tag a la
                    "<r xmlns:a='[..]' a:a123='[..]' [..] />"
                    where XML_ParserCreateNS is used to create the parser
                    (which needs argument "-n" when running xmlwf).
                    Impact is denial of service, or more.
         #532 #538  CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
                    on variable m_groupSize in function doProlog leading
                    to realloc acting as free.
                    Impact is denial of service or more.
              #539  CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
                    near memory allocation at multiple places. Mitre assigned
                    a dedicated CVE for each involved internal C function:
                      - CVE-2022-22822 for function addBinding
                      - CVE-2022-22823 for function build_model
                      - CVE-2022-22824 for function defineAttribute
                      - CVE-2022-22825 for function lookup
                      - CVE-2022-22826 for function nextScaffoldPart
                      - CVE-2022-22827 for function storeAtts
                    Impact is denial of service or more.

        Other changes:
            #535  CMake: Make call to file(GENERATE [..]) work for CMake <3.19
            #541  Autotools|CMake: MinGW: Make run.sh(.in) work for Cygwin
                    and MSYS2 by not going through Wine on these platforms
       #527 #528  Address compiler warnings
       #533 #543  Version info bumped from 9:2:8 to 9:3:8;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #536  CI: Check for realistic minimum CMake version
       #529 #539  CI: Cover compilation with -m32
            #529  CI: Store coverage reports as artifacts for download
            #528  CI: Upgrade Clang from 11 to 13

        Special thanks to:
            An anonymous whitehat
            Christopher Degawa
            J. Peter Mugaas
            Tyson Smith
                 and
            GCC Farm Project
            Trend Micro Zero Day Initiative

Release 2.4.2 Sun December 19 2021
        Other changes:
       #509 #510  Link against libm for function "isnan"
       #513 #514  Include expat_config.h as early as possible
            #498  Autotools: Include files with release archives:
                    - buildconf.sh
                    - fuzz/*.c
       #507 #519  Autotools: Sync CMake templates with CMake 3.20
       #495 #524  CMake: MinGW: Fix pkg-config section "Libs" for
                    - non-release build types (e.g. -DCMAKE_BUILD_TYPE=Debug)
                    - multi-config CMake generators (e.g. Ninja Multi-Config)
       #502 #503  docs: Document that function XML_GetBuffer may return NULL
                    when asking for a buffer of 0 (zero) bytes size
       #522 #523  docs: Fix return value docs for both
                    XML_SetBillionLaughsAttackProtection* functions
       #525 #526  Version info bumped from 9:1:8 to 9:2:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Donghee Na
            Joergen Ibsen
            Kai Pastor

Release 2.4.1 Sun May 23 2021
        Bug fixes:
       #488 #490  Autotools: Fix installed header expat_config.h for multilib
                    systems; regression introduced in 2.4.0 by pull request #486

        Other changes:
       #491 #492  Version info bumped from 9:0:8 to 9:1:8;
                    see https://verbump.de/ for what these numbers do

        Special thanks to:
            Gentoo's QA check "multilib_check_headers"

Release 2.4.0 Sun May 23 2021
        Security fixes:
   #34 #466 #484  CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks
                    (denial-of-service; flavors targeting CPU time or RAM or both,
                    leveraging general entities or parameter entities or both)
                    by tracking and limiting the input amplification factor
                    (<amplification> := (<direct> + <indirect>) / <direct>).
                    By conservative default, amplification up to a factor of 100.0
                    is tolerated and rejection only starts after 8 MiB of output bytes
                    (=<direct> + <indirect>) have been processed.
                    The fix adds the following to the API:
                    - A new error code XML_ERROR_AMPLIFICATION_LIMIT_BREACH to
                      signal this specific condition.
                    - Two new API functions ..
                      - XML_SetBillionLaughsAttackProtectionMaximumAmplification and
                      - XML_SetBillionLaughsAttackProtectionActivationThreshold
                      .. to further tighten billion laughs protection parameters
                      when desired. Please see file "doc/reference.html" for details.
                      If you ever need to increase the defaults for non-attack XML
                      payload, please file a bug report with libexpat.
                    - Two new XML_FEATURE_* constants ..
                      - that can be queried using the XML_GetFeatureList function, and
                      - that are shown in "xmlwf -v" output.
                    - Two new environment variable switches ..
                      - EXPAT_ACCOUNTING_DEBUG=(0|1|2|3) and
                      - EXPAT_ENTITY_DEBUG=(0|1)
                      .. for runtime debugging of accounting and entity processing.
                      Specific behavior of these values may change in the future.
                    - Two new command line arguments "-a FACTOR" and "-b BYTES"
                      for xmlwf to further tighten billion laughs protection
                      parameters when desired.
                      If you ever need to increase the defaults for non-attack XML
                      payload, please file a bug report with libexpat.

        Bug fixes:
       #332 #470  For (non-default) compilation with -DEXPAT_MIN_SIZE=ON (CMake)
                    or CPPFLAGS=-DXML_MIN_SIZE (GNU Autotools): Fix segfault
                    for UTF-16 payloads containing CDATA sections.
       #485 #486  Autotools: Fix generated CMake files for non-64bit and
                    non-Linux platforms (e.g. macOS and MinGW in particular)
                    that were introduced with release 2.3.0

        Other changes:
       #468 #469  xmlwf: Improve help output and the xmlwf man page
            #463  xmlwf: Improve maintainability through some refactoring
            #477  xmlwf: Fix man page DocBook validity
            #456  Autotools: Sync CMake templates with CMake 3.18
       #458 #459  CMake: Support absolute paths for both CMAKE_INSTALL_LIBDIR
                    and CMAKE_INSTALL_INCLUDEDIR
       #471 #481  CMake: Add support for standard variable BUILD_SHARED_LIBS
            #457  Unexpose symbol _INTERNAL_trim_to_complete_utf8_characters
            #467  Resolve macro HAVE_EXPAT_CONFIG_H
            #472  Delete unused legacy helper file "conftools/PrintPath"
       #473 #483  Improve attribution
  #464 #465 #477  doc/reference.html: Fix XHTML validity
       #475 #478  doc/reference.html: Replace the 90s look by OK.css
            #479  Version info bumped from 8:0:7 to 9:0:8
                    due to addition of new symbols and error codes;
                    see https://verbump.de/ for what these numbers do

        Infrastructure:
            #456  CI: Enable periodic runs
            #457  CI: Start covering the list of exported symbols
            #474  CI: Isolate coverage task
       #476 #482  CI: Adapt to breaking changes in image "ubuntu-18.04"
            #477  CI: Cover well-formedness and DocBook/XHTML validity
                    of doc/reference.html and doc/xmlwf.xml

        Special thanks to:
            Dimitry Andric
            Eero Helenius
            Nick Wellnhofer
            Rhodri James
            Tomas Korbar
            Yury Gribov
                 and
            Clang LeakSan
            JetBrains
            OSS-Fuzz

Release 2.3.0 Thu March 25 2021
        Bug fixes:
            #438  When calling XML_ParseBuffer without a prior successful call to
                    XML_GetBuffer as a user, no longer trigger undefined behavior
                    (by adding an integer to a NULL pointer) but rather return
                    XML_STATUS_ERROR and set the error code to (new) code
                    XML_ERROR_NO_BUFFER. Found by UBSan (UndefinedBehaviorSanitizer)
                    of Clang 11 (but not Clang 9).
            #444  xmlwf: Exit status 2 was used for both:
                    - malformed input files (documented) and
                    - invalid command-line arguments (undocumented).
                    The case of invalid command-line arguments now
                    has its own exit status 4, resolving the ambiguity.

        Other changes:
            #439  xmlwf: Add argument -k to allow continuing after
                    non-fatal errors
            #439  xmlwf: Add section about exit status to the -h help output
  #422 #426 #447  Windows: Drop support for Visual Studio <=14.0/2015
            #434  Windows: CMake: Detect unsupported Visual Studio at
                    configure time (rather than at compile time)
       #382 #428  testrunner: Make verbose mode (argument "-v") report
                    about passed tests, and make default mode report about
                    failures, as well.
            #442  CMake: Call "enable_language(CXX)" prior to tinkering
                    with CMAKE_CXX_* variables
            #448  Document use of libexpat from a CMake-based project
            #451  Autotools: Install CMake files as generated by CMake 3.19.6
                    so that users with "find_package(expat [..] CONFIG [..])"
                    are served on distributions that are *not* using the CMake
                    build system inside for libexpat packaging
       #436 #437  Autotools: Drop obsolescent macro AC_HEADER_STDC
       #450 #452  Autotools: Resolve use of obsolete macro AC_CONFIG_HEADER
            #441  Address compiler warnings
            #443  Version info bumped from 7:12:6 to 8:0:7
                    due to addition of error code XML_ERROR_NO_BUFFER
                    (see https://verbump.de/ for what these numbers do)

        Infrastructure:
       #435 #446  Replace Travis CI by GitHub Actions

        Special thanks to:
            Alexander Richardson
            Oleksandr Popovych
            Thomas Beutlich
            Tim Bray
                 and
            Clang LeakSan, Clang 11 UBSan and the Clang team

Release 2.2.10 Sat October 3 2020
        Bug fixes:
  #390 #395 #398  Fix undefined behavior during parsing caused by
                    pointer arithmetic with NULL pointers
       #404 #405  Fix reading uninitialized variable during parsing
            #406  xmlwf: Add missing check for malloc NULL return

        Other changes:
            #396  Windows: Drop support for Visual Studio <=8.0/2005
            #409  Windows: Add missing file "Changes" to the installer
                    to fix compilation with CMake from installed sources
            #403  xmlwf: Document exit codes in xmlwf manpage and
                    exit with code 3 (rather than code 1) for output errors
                    when used with "-d DIRECTORY"
       #356 #359  MinGW: Provide declaration of rand_s for mingwrt <5.3.0
       #383 #392  Autotools: Use -Werror while configure tests the compiler
                    for supported compile flags to avoid false positives
  #383 #393 #394  Autotools: Improve handling of user (C|CPP|CXX|LD)FLAGS,
                    e.g. ensure that they have the last word over flags added
                    while running ./configure
            #360  CMake: Create libexpatw.{dll,so} and expatw.pc (with emphasis
                    on suffix "w") with -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
            #360  CMake: Detect and deny unsupported build combinations
                    involving -DEXPAT_CHAR_TYPE=(ushort|wchar_t)
            #360  CMake: Install pre-compiled shipped xmlwf.1 manpage in case
                    of -DEXPAT_BUILD_DOCS=OFF
  #375 #380 #419  CMake: Fix use of Expat by means of add_subdirectory
       #407 #408  CMake: Keep expat target name constant at "expat"
                    (i.e. refrain from using the target name to control
                    build artifact filenames)
            #385  CMake: Fix compilation with -DEXPAT_SHARED_LIBS=OFF for
                    Windows
                  CMake: Expose man page compilation as target "xmlwf-manpage"
       #413 #414  CMake: Introduce option EXPAT_BUILD_PKGCONFIG
                    to control generation of pkg-config file "expat.pc"
            #424  CMake: Add minimalistic support for building binary packages
                    with CMake target "package"; based on CPack
            #366  CMake: Add option -DEXPAT_OSSFUZZ_BUILD=(ON|OFF) with
                    default OFF to build fuzzer code against OSS-Fuzz and
                    related environment variable LIB_FUZZING_ENGINE
            #354  Fix testsuite for -DEXPAT_DTD=OFF and -DEXPAT_NS=OFF, each
       #354 #355  ..
       #356 #412  Address compiler warnings
       #368 #369  Address pngcheck warnings with doc/*.png images
            #425  Version info bumped from 7:11:6 to 7:12:6

        Special thanks to:
            asavah
            Ben Wagner
            Bhargava Shastry
            Frank Landgraf
            Jeffrey Walton
            Joe Orton
            Kleber Tarcísio
            Ma Lin
            Maciej Sroczyński
            Mohammed Khajapasha
            Vadim Zeitlin
                 and
            Cppcheck 2.0 and the Cppcheck team

Release 2.2.9 Wed September 25 2019
        Other changes:
                  examples: Drop executable bits from elements.c
            #349  Windows: Change the name of the Windows DLLs from expat*.dll
                    to libexpat*.dll once more (regression from 2.2.8, first
                    fixed in 1.95.3, issue #61 on SourceForge today,
                    was issue #432456 back then); needs a fix due to
                    case-insensitive file systems on Windows and the fact that
                    Perl's XML::Parser::Expat compiles into Expat.dll.
            #347  Windows: Only define _CRT_RAND_S if not defined
                  Version info bumped from 7:10:6 to 7:11:6

        Special thanks to:
            Ben Wagner

Release 2.2.8 Fri September 13 2019
        Security fixes:
       #317 #318  CVE-2019-15903 -- Fix heap overflow triggered by
                    XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber),
                    and deny internal entities closing the doctype;
                    fixed in commit c20b758c332d9a13afbbb276d30db1d183a85d43

        Bug fixes:
            #240  Fix cases where XML_StopParser did not have any effect
                    when called from inside of an end element handler
            #341  xmlwf: Fix exit code for operation without "-d DIRECTORY";
                    previously, only "-d DIRECTORY" would give you a proper
                    exit code:
                      # xmlwf -d . <<<'<not well-formed>' 2>/dev/null ; echo $?
                      2
                      # xmlwf <<<'<not well-formed>' 2>/dev/null ; echo $?
                      0
                    Now both cases return exit code 2.

        Other changes:
       #299 #302  Windows: Replace LoadLibrary hack to access
                    unofficial API function SystemFunction036 (RtlGenRandom)
                    by using official API function rand_s (needs WinXP+)
            #325  Windows: Drop support for Visual Studio <=7.1/2003
                    and document supported compilers in README.md
            #286  Windows: Remove COM code from xmlwf; in case it turns
                    out needed later, there will be a dedicated repository
                    below https://github.com/libexpat/ for that code
            #322  Windows: Remove explicit MSVC solution and project files.
                    You can generate Visual Studio solution files through
                    CMake, e.g.: cmake -G"Visual Studio 15 2017" .
            #338  xmlwf: Make "xmlwf -h" help output more friendly
            #339  examples: Improve elements.c
       #244 #264  Autotools: Add argument --enable-xml-attr-info
       #239 #301  Autotools: Add arguments
                    --with-getrandom
                    --without-getrandom
                    --with-sys-getrandom
                    --without-sys-getrandom
       #312 #343  Autotools: Fix linking issues with "./configure LD=clang"
                  Autotools: Fix "make run-xmltest" for out-of-source builds
       #329 #336  CMake: Pull all options from Expat <=2.2.7 into namespace
                    prefix EXPAT_ with the exception of DOCBOOK_TO_MAN:
                    - BUILD_doc            -> EXPAT_BUILD_DOCS (plural)
                    - BUILD_examples       -> EXPAT_BUILD_EXAMPLES
                    - BUILD_shared         -> EXPAT_SHARED_LIBS
                    - BUILD_tests          -> EXPAT_BUILD_TESTS
                    - BUILD_tools          -> EXPAT_BUILD_TOOLS
                    - DOCBOOK_TO_MAN       -> DOCBOOK_TO_MAN (unchanged)
                    - INSTALL              -> EXPAT_ENABLE_INSTALL
                    - MSVC_USE_STATIC_CRT  -> EXPAT_MSVC_STATIC_CRT
                    - USE_libbsd           -> EXPAT_WITH_LIBBSD
                    - WARNINGS_AS_ERRORS   -> EXPAT_WARNINGS_AS_ERRORS
                    - XML_CONTEXT_BYTES    -> EXPAT_CONTEXT_BYTES
                    - XML_DEV_URANDOM      -> EXPAT_DEV_URANDOM
                    - XML_DTD              -> EXPAT_DTD
                    - XML_NS               -> EXPAT_NS
                    - XML_UNICODE          -> EXPAT_CHAR_TYPE=ushort (!)
                    - XML_UNICODE_WCHAR_T  -> EXPAT_CHAR_TYPE=wchar_t (!)
       #244 #264  CMake: Add argument -DEXPAT_ATTR_INFO=(ON|OFF),
                    default OFF
            #326  CMake: Add argument -DEXPAT_LARGE_SIZE=(ON|OFF),
                    default OFF
            #328  CMake: Add argument -DEXPAT_MIN_SIZE=(ON|OFF),
                    default OFF
       #239 #277  CMake: Add arguments
                    -DEXPAT_WITH_GETRANDOM=(ON|OFF|AUTO), default AUTO
                    -DEXPAT_WITH_SYS_GETRANDOM=(ON|OFF|AUTO), default AUTO
            #326  CMake: Install expat_config.h to include directory
            #326  CMake: Generate and install configuration files for
                    future find_package(expat [..] CONFIG [..])
                  CMake: Now produces a summary of applied configuration
                  CMake: Require C++ compiler only when tests are enabled
            #330  CMake: Fix compilation for 16bit character types,
                    i.e. ex -DXML_UNICODE=ON (and ex -DXML_UNICODE_WCHAR_T=ON)
            #265  CMake: Fix linking with MinGW
            #330  CMake: Add full support for MinGW; to enable, use
                    -DCMAKE_TOOLCHAIN_FILE=[expat]/cmake/mingw-toolchain.cmake
            #330  CMake: Port "make run-xmltest" from GNU Autotools to CMake
            #316  CMake: Windows: Make binary postfix match MSVC
                    Old: expat[d].lib
                    New: expat[w][d][MD|MT].lib
                  CMake: Migrate files from Windows to Unix line endings
            #308  CMake: Integrate OSS-Fuzz fuzzers, option
                    -DEXPAT_BUILD_FUZZERS=(ON|OFF), default OFF
             #14  Drop an OpenVMS support leftover
       #235 #268  ..
       #270 #310  ..
  #313 #331 #333  Address compiler warnings
       #282 #283  ..
       #284 #285  Address cppcheck warnings
       #294 #295  Address Clang Static Analyzer warnings
        #24 #293  Mass-apply clang-format 9 (and ensure conformance during CI)
                  Version info bumped from 7:9:6 to 7:10:6

        Special thanks to:
            David Loffredo
            Joonun Jang
            Kishore Kunche
            Marco Maggi
            Mitch Phillips
            Mohammed Khajapasha
            Rolf Ade
            xantares
            Zhongyuan Zhou

Release 2.2.7 Wed June 19 2019
        Security fixes:
       #186 #262  CVE-2018-20843 -- Fix extraction of namespace prefixes from
                    XML names; XML names with multiple colons could end up in
                    the wrong namespace, and take a high amount of RAM and CPU
                    resources while processing, opening the door to
                    use for denial-of-service attacks

        Other changes:
       #195 #197  Autotools/CMake: Utilize -fvisibility=hidden to stop
                    exporting non-API symbols
            #227  Autotools: Add --without-examples and --without-tests
            #228  Autotools: Modernize configure.ac
       #245 #246  Autotools: Fix check for -fvisibility=hidden for Clang
       #247 #248  Autotools: Fix compilation for lack of docbook2x-man
       #236 #258  Autotools: Produce .tar.{gz,lz,xz} release archives
            #212  CMake: Make libdir of pkgconfig expat.pc support multilib
       #158 #263  CMake: Build man page in PROJECT_BINARY_DIR not _SOURCE_DIR
            #219  Remove fallback to bcopy, assume that memmove(3) exists
            #257  Use portable "/usr/bin/env bash" shebang (e.g. for OpenBSD)
            #243  Windows: Fix syntax of .def module definition files
                  Version info bumped from 7:8:6 to 7:9:6

        Special thanks to:
            Benjamin Peterson
            Caolán McNamara
            Hanno Böck
            KangLin
            Kishore Kunche
            Marco Maggi
            Rhodri James
            Sebastian Dröge
            userwithuid
            Yury Gribov

Release 2.2.6 Sun August 12 2018
        Bug fixes:
       #170 #206  Avoid doing arithmetic with NULL pointers in XML_GetBuffer
       #204 #205  Fix 2.2.5 regression with suspend-resume while parsing
                    a document like '<root/>'

        Other changes:
       #165 #168  Autotools: Fix docbook-related configure syntax error
            #166  Autotools: Avoid grep option `-q` for Solaris
            #167  Autotools: Support
                    ./configure DOCBOOK_TO_MAN="xmlto man --skip-validation"
       #159 #167  Autotools: Support DOCBOOK_TO_MAN command which produces
                    xmlwf.1 rather than XMLWF.1; also covers case insensitive
                    file systems
            #181  Autotools: Drop -rpath option passed to libtool
            #188  Autotools: Detect and deny SGML docbook2man as ours is XML
            #188  Autotools/CMake: Support command db2x_docbook2man as well
            #174  CMake: Introduce option WARNINGS_AS_ERRORS, defaults to OFF
       #184 #185  CMake: Introduce option MSVC_USE_STATIC_CRT, defaults to OFF
       #207 #208  CMake: Introduce option XML_UNICODE and XML_UNICODE_WCHAR_T,
                    both defaulting to OFF
            #175  CMake: Prefer check_symbol_exists over check_function_exists
            #176  CMake: Create the same pkg-config file as with GNU Autotools
       #178 #179  CMake: Use GNUInstallDirs module to set proper defaults for
                    install directories
            #208  CMake: Utilize expat_config.h.cmake for XML_DEV_URANDOM
            #180  Windows: Fix compilation of test suite for Visual Studio 2008
  #131 #173 #202  Address compiler warnings
  #187 #190 #200  Fix miscellaneous typos
                  Version info bumped from 7:7:6 to 7:8:6

        Special thanks to:
            Anton Maklakov
            Benjamin Peterson
            Brad King
            Franek Korta
            Frank Rast
            Joe Orton
            luzpaz
            Pedro Vicente
            Rainer Jung
            Rhodri James
            Rolf Ade
            Rolf Eike Beer
            Thomas Beutlich
            Tomasz Kłoczko

Release 2.2.5 Tue October 31 2017
        Bug fixes:
              #8  If the parser runs out of memory, make sure its internal
                    state reflects the memory it actually has, not the memory
                    it wanted to have.
             #11  The default handler wasn't being called when it should for
                    a SYSTEM or PUBLIC doctype if an entity declaration handler
                    was registered.
       #137 #138  Fix a case of mistakenly reported parsing success where
                    XML_StopParser was called from an element handler
            #162  Function XML_ErrorString was returning NULL rather than
                    a message for code XML_ERROR_INVALID_ARGUMENT
                    introduced with release 2.2.1

        Other changes:
            #106  xmlwf: Add argument -N adding notation declarations
        #75 #106  Test suite: Resolve expected failure cases where xmlwf
                    output was incomplete
            #127  Windows: Fix test suite compilation
       #126 #127  Windows: Fix compilation for Visual Studio 2012
                  Windows: Upgrade shipped project files to Visual Studio 2017
        #33 #132  tests: Mass-fix compilation for XML_UNICODE_WCHAR_T
            #129  examples: Fix compilation for XML_UNICODE_WCHAR_T
            #130  benchmark: Fix compilation for XML_UNICODE_WCHAR_T
            #144  xmlwf: Fix compilation for XML_UNICODE_WCHAR_T; still needs
                    Windows or MinGW for 2-byte wchar_t
              #9  Address two Clang Static Analyzer false positives
             #59  Resolve troublesome macros hiding parser struct membership
                    and dereferencing that pointer
              #6  Resolve superfluous internal malloc/realloc switch
       #153 #155  Improve docbook2x-man detection
            #160  Undefine NDEBUG in the test suite (rather than rejecting it)
            #161  Address compiler warnings
                  Version info bumped from 7:6:6 to 7:7:6

        Special thanks to:
            Benbuck Nason
            Hans Wennborg
            José Gutiérrez de la Concha
            Pedro Monreal Gonzalez
            Rhodri James
            Rolf Ade
            Stephen Groat
                 and
            Core Infrastructure Initiative

Release 2.2.4 Sat August 19 2017
        Bug fixes:
            #115  Fix copying of partial characters for UTF-8 input

        Other changes:
            #109  Fix "make check" for non-x86 architectures that default
                    to unsigned type char (-128..127 rather than 0..255)
            #109  coverage.sh: Cover -funsigned-char
                  Autotools: Introduce --without-xmlwf argument
             #65  Autotools: Replace handwritten Makefile with GNU Automake
             #43  CMake: Auto-detect high quality entropy extractors, add new
                    option USE_libbsd=ON to use arc4random_buf of libbsd
             #74  CMake: Add -fno-strict-aliasing only where supported
            #114  CMake: Always honor manually set BUILD_* options
            #114  CMake: Compile man page if docbook2x-man is available, only
            #117  Include file tests/xmltest.log.expected in source tarball
                    (required for "make run-xmltest")
            #117  Include (existing) Visual Studio 2013 files in source tarball
                  Improve test suite error output
            #111  Fix some typos in documentation
                  Version info bumped from 7:5:6 to 7:6:6

        Special thanks to:
            Jakub Wilk
            Joe Orton
            Lin Tian
            Rolf Eike Beer

Release 2.2.3 Wed August 2 2017
        Security fixes:
             #82  CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
                    using Steve Holme's LoadLibrary wrapper for/of cURL

        Bug fixes:
             #85  Fix a dangling pointer issue related to realloc

        Other changes:
                  Increase code coverage
             #91  Linux: Allow getrandom to fail if nonblocking pool has not
                    yet been initialized and read /dev/urandom then, instead.
                    This is in line with what recent Python does.
             #81  Pre-10.7/Lion macOS: Support entropy from arc4random
             #86  Check that a UTF-16 encoding in an XML declaration has the
                    right endianness
        #4 #5 #7  Recover correctly when some reallocations fail
                  Repair "./configure && make" for systems without any
                    provider of high quality entropy
                    and try reading /dev/urandom on those
                  Ensure that user-defined character encodings have converter
                    functions when they are needed
                  Fix mis-leading description of argument -c in xmlwf.1
                  Rely on macro HAVE_ARC4RANDOM_BUF (rather than __CloudABI__)
                    for CloudABI
            #100  Fix use of SIPHASH_MAIN in siphash.h
             #23  Test suite: Fix memory leaks
                  Version info bumped from 7:4:6 to 7:5:6

        Special thanks to:
            Chanho Park
            Joe Orton
            Pascal Cuoq
            Rhodri James
            Simon McVittie
            Vadim Zeitlin
            Viktor Szakats
                 and
            Core Infrastructure Initiative

Release 2.2.2 Wed July 12 2017
        Security fixes:
             #43  Protect against compilation without any source of high
                    quality entropy enabled, e.g. with CMake build system;
                    commit ff0207e6076e9828e536b8d9cd45c9c92069b895
             #60  Windows with _UNICODE:
                    Unintended use of LoadLibraryW with a non-wide string
                    resulted in failure to load advapi32.dll and degradation
                    in quality of used entropy when compiled with _UNICODE for
                    Windows; you can launch existing binaries with
                    EXPAT_ENTROPY_DEBUG=1 in the environment to inspect the
                    quality of entropy used during runtime; commits
                    * 95b95032f907ef1cd17ee7a9a1768010a825d61d
                    * 73a5a2e9c081f49f2d775cf7ced864158b68dc80
       [MOX-006]  Fix non-NULL parser parameter validation in XML_Parse;
                    resulted in NULL dereference, previously;
                    commit ac256dafdffc9622ab0dc2c62fcecb0dfcfa71fe

        Bug fixes:
             #69  Fix improper use of unsigned long long integer literals

        Other changes:
             #73  Start requiring a C99 compiler
             #49  Fix "==" Bashism in configure script
             #50  Fix too eager getrandom detection for Debian GNU/kFreeBSD
             #52    and macOS
             #51  Address lack of stdint.h in Visual Studio 2003 to 2008
             #58  Address compile warnings
             #68  Fix "./buildconf.sh && ./configure" for some versions
                    of Dash for /bin/sh
             #72  CMake: Ease use of Expat in context of a parent project
                    with multiple CMakeLists.txt files
             #72  CMake: Resolve mistaken executable permissions
             #76  Address compile warning with -DNDEBUG (not recommended!)
             #77  Address compile warning about macro redefinition

        Special thanks to:
            Alexander Bluhm
            Ben Boeckel
            Cătălin Răceanu
            Kerin Millar
            László Böszörményi
            S. P. Zeidler
            Segev Finer
            Václav Slavík
            Victor Stinner
            Viktor Szakats
                 and
            Radically Open Security

Release 2.2.1 Sat June 17 2017
        Security fixes:
                  CVE-2017-9233 -- External entity infinite loop DoS
                    Details: https://libexpat.github.io/doc/cve-2017-9233/
                    Commit c4bf96bb51dd2a1b0e185374362ee136fe2c9d7f
       [MOX-002]  CVE-2016-9063 -- Detect integer overflow; commit
                    d4f735b88d9932bd5039df2335eefdd0723dbe20
                    (Fixed version of existing downstream patches!)
   (SF.net) #539  Fix regression from fix to CVE-2016-0718 cutting off
                    longer tag names; commits
                    * 896b6c1fd3b842f377d1b62135dccf0a579cf65d
                    * af507cef2c93cb8d40062a0abe43a4f4e9158fb2
             #16    * 0dbbf43fdb20f593ddf4fa1ff67288000dd4a7fd
             #25  More integer overflow detection (function poolGrow); commits
                    * 810b74e4703dcfdd8f404e3cb177d44684775143
                    * 44178553f3539ce69d34abee77a05e879a7982ac
       [MOX-002]  Detect overflow from len=INT_MAX call to XML_Parse; commits
                    * 4be2cb5afcc018d996f34bbbce6374b7befad47f
                    * 7e5b71b748491b6e459e5c9a1d090820f94544d8
   [MOX-005] #30  Use high quality entropy for hash initialization:
                    * arc4random_buf on BSD, systems with libbsd
                      (when configured with --with-libbsd), CloudABI
                    * RtlGenRandom on Windows XP / Server 2003 and later
                    * getrandom on Linux 3.17+
                    In a way, that's still part of CVE-2016-5300.
                    https://github.com/libexpat/libexpat/pull/30/commits
       [MOX-005]  For the low quality entropy extraction fallback code,
                    the parser instance address can no longer leak, commit
                    04ad658bd3079dd15cb60fc67087900f0ff4b083
       [MOX-003]  Prevent use of uninitialised variable; commit
       [MOX-004]    a4dc944f37b664a3ca7199c624a98ee37babdb4b
                  Add missing parameter validation to public API functions
                    and dedicated error code XML_ERROR_INVALID_ARGUMENT:
       [MOX-006]    * NULL checks; commits
                      * d37f74b2b7149a3a95a680c4c4cd2a451a51d60a (merge/many)
                      * 9ed727064b675b7180c98cb3d4f75efba6966681
                      * 6a747c837c50114dfa413994e07c0ba477be4534
                    * Negative length (XML_Parse); commit
       [MOX-002]      70db8d2538a10f4c022655d6895e4c3e78692e7f
   [MOX-001] #35  Change hash algorithm to William Ahern's version of SipHash
                    to go further with fixing CVE-2012-0876.
                    https://github.com/libexpat/libexpat/pull/39/commits

        Bug fixes:
             #32  Fix sharing of hash salt across parsers;
                    relevant where XML_ExternalEntityParserCreate is called
                    prior to XML_Parse, in particular (e.g. FBReader)
             #28  xmlwf: Auto-disable use of memory-mapping (and parsing
                    as a single chunk) for files larger than ~1 GB (2^30 bytes)
                    rather than failing with error "out of memory"
              #3  Fix double free after malloc failure in DTD code; commit
                    7ae9c3d3af433cd4defe95234eae7dc8ed15637f
             #17  Fix memory leak on parser error for unbound XML attribute
                    prefix with new namespaces defined in the same tag;
                    found by Google's OSS-Fuzz; commits
                    * 16f87daae5a16132e479e4f71862128c7a915c73
                    * b47dbc9745932c160893d433220e462bd605f8cd
                  xmlwf on Windows: Add missing calls to CloseHandle

        New features:
             #30  Introduced environment switch EXPAT_ENTROPY_DEBUG=1
                    for runtime debugging of entropy extraction

        Other changes:
                  Increase code coverage
             #33  Reject use of XML_UNICODE_WCHAR_T with sizeof(wchar_t) != 2;
                    XML_UNICODE_WCHAR_T was never meant to be used outside
                    of Windows; 4-byte wchar_t is common on Linux
   (SF.net) #538  Start using -fno-strict-aliasing
   (SF.net) #540  Support compilation against cloudlibc of CloudABI
                  Allow MinGW cross-compilation
   (SF.net) #534  CMake: Introduce option "BUILD_doc" (enabled by default)
                    to bypass compilation of the xmlwf.1 man page
    (SF.net) pr2  CMake: Introduce option "INSTALL" (enabled by default)
                    to bypass installation of expat files
                  CMake: Fix ninja support
                  Autotools: Add parameters --enable-xml-context [COUNT]
                    and --disable-xml-context; default of context of 1024
                    bytes enabled unchanged
             #14  Drop AmigaOS 4.x code and includes
             #14  Drop ancient build systems:
                    * Borland C++ Builder
                    * OpenVMS
                    * Open Watcom
                    * Visual Studio 6.0
                    * Pre-X Mac OS (MPW Makefile)
                    If you happen to rely on some of these, please get in
                    touch for joining with maintenance.
             #10  Move from WIN32 to _WIN32
             #13  Fix "make run-xmltest" order instability
                  Address compile warnings
                  Bump version info from 7:2:6 to 7:3:6
                  Add AUTHORS file

        Infrastructure:
              #1  Migrate from SourceForge to GitHub (except downloads):
                    https://github.com/libexpat/
              #1  Re-create http://libexpat.org/ project website
                  Start utilizing Travis CI

        Special thanks to:
            Andy Wang
            Don Lewis
            Ed Schouten
            Karl Waclawek
            Pascal Cuoq
            Rhodri James
            Sergei Nikulov
            Tobias Taschner
            Viktor Szakats
                 and
            Core Infrastructure Initiative
            Mozilla Foundation (MOSS Track 3: Secure Open Source)
            Radically Open Security

Release 2.2.0 Tue June 21 2016
        Security fixes:
            #537  CVE-2016-0718 -- Fix crash on malformed input
                  CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
                    CVE-2015-2716 introduced with Expat 2.1.1
            #499  CVE-2016-5300 -- Use more entropy for hash initialization
                    than the original fix to CVE-2012-0876
            #519  CVE-2012-6702 -- Resolve troublesome internal call to srand
                    that was introduced with Expat 2.1.0
                    when addressing CVE-2012-0876 (issue #496)

        Bug fixes:
                  Fix uninitialized reads of size 1
                    (e.g. in little2_updatePosition)
                  Fix detection of UTF-8 character boundaries

        Other changes:
            #532  Fix compilation for Visual Studio 2010 (keyword "C99")
                  Autotools: Resolve use of "$<" to better support bmake
                  Autotools: Add QA script "qa.sh" (and make target "qa")
                  Autotools: Respect CXXFLAGS if given
                  Autotools: Fix "make run-xmltest"
                  Autotools: Have "make run-xmltest" check for expected output
             p90  CMake: Fix static build (BUILD_shared=OFF) on Windows
            #536  CMake: Add soversion, support -DNO_SONAME=yes to bypass
            #323  CMake: Add suffix "d" to differentiate debug from release
                  CMake: Define WIN32 with CMake on Windows
                  Annotate memory allocators for GCC
                  Address all currently known compile warnings
                  Make sure that API symbols remain visible despite
                    -fvisibility=hidden
                  Remove executable flag from source files
                  Resolve COMPILED_FROM_DSP in favor of WIN32

        Special thanks to:
            Björn Lindahl
            Christian Heimes
            Cristian Rodríguez
            Daniel Krügler
            Gustavo Grieco
            Karl Waclawek
            László Böszörményi
            Marco Grassi
            Pascal Cuoq
            Sergei Nikulov
            Thomas Beutlich
            Warren Young
            Yann Droneaud

Release 2.1.1 Sat March 12 2016
        Security fixes:
            #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer

        Bug fixes:
            #502: Fix potential null pointer dereference
            #520: Symbol XML_SetHashSalt was not exported
                  Output of "xmlwf -h" was incomplete

        Other changes:
            #503: Document behavior of calling XML_SetHashSalt with salt 0
                  Minor improvements to man page xmlwf(1)
                  Improvements to the experimental CMake build system
                  libtool now invoked with --verbose

Release 2.1.0 Sat March 24 2012
        - Security fixes:
          #2958794: CVE-2012-1148 - Memory leak in poolGrow.
          #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
          #3496608: CVE-2012-0876 - Hash DOS attack.
          #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
          #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.
        - Bug Fixes:
          #1742315: Harmful XML_ParserCreateNS suggestion.
          #1785430: Expat build fails on linux-amd64 with gcc version>=4.1 -O3.
          #1983953, 2517952, 2517962, 2649838:
                Build modifications using autoreconf instead of buildconf.sh.
          #2815947, #2884086: OBJEXT and EXEEXT support while building.
          #2517938: xmlwf should return non-zero exit status if not well-formed.
          #2517946: Wrong statement about XMLDecl in xmlwf.1 and xmlwf.sgml.
          #2855609: Dangling positionPtr after error.
          #2990652: CMake support.
          #3010819: UNEXPECTED_STATE with a trailing "%" in entity value.
          #3206497: Uninitialized memory returned from XML_Parse.
          #3287849: make check fails on mingw-w64.
        - Patches:
          #1749198: pkg-config support.
          #3010222: Fix for bug #3010819.
          #3312568: CMake support.
          #3446384: Report byte offsets for attr names and values.
        - New Features / API changes:
          Added new API member XML_SetHashSalt() that allows setting an initial
                value (salt) for hash calculations. This is part of the fix for
                bug #3496608 to randomize hash parameters.
          When compiled with XML_ATTR_INFO defined, adds new API member
                XML_GetAttributeInfo() that allows retrieving the byte
                offsets for attribute names and values (patch #3446384).
          Added CMake build system.
                See bug #2990652 and patch #3312568.
          Added run-benchmark target to Makefile.in - relies on testdata module
                present in the same relative location as in the repository.

Release 2.0.1 Tue June 5 2007
        - Fixed bugs #1515266, #1515600: The character data handler's calling
          of XML_StopParser() was not handled properly; if the parser was
          stopped and the handler set to NULL, the parser would segfault.
        - Fixed bug #1690883: Expat failed on EBCDIC systems as it assumed
          some character constants to be ASCII encoded.
        - Minor cleanups of the test harness.
        - Fixed xmlwf bug #1513566: "out of memory" error on file size zero.
        - Fixed outline.c bug #1543233: missing a final XML_ParserFree() call.
        - Fixes and improvements for Windows platform:
          bugs #1409451, #1476160, #1548182, #1602769, #1717322.
        - Build fixes for various platforms:
          HP-UX, Tru64, Solaris 9: patch #1437840, bug #1196180.
          All Unix: #1554618 (refreshed config.sub/config.guess).
                    #1490371, #1613457: support both, DESTDIR and INSTALL_ROOT,
                    without relying on GNU-Make specific features.
          #1647805: Patched configure.in to work better with Intel compiler.
        - Fixes to Makefile.in to have make check work correctly:
          bugs #1408143, #1535603, #1536684.
        - Added Open Watcom support: patch #1523242.

Release 2.0.0 Wed Jan 11 2006
        - We no longer use the "check" library for C unit testing; we
          always use the (partial) internal implementation of the API.
        - Report XML_NS setting via XML_GetFeatureList().
        - Fixed headers for use from C++.
        - XML_GetCurrentLineNumber() and XML_GetCurrentColumnNumber()
          now return unsigned integers.
        - Added XML_LARGE_SIZE switch to enable 64-bit integers for
          byte indexes and line/column numbers.
        - Updated to use libtool 1.5.22 (the most recent).
        - Added support for AmigaOS.
        - Some mostly minor bug fixes. SF issues include: #1006708,
          #1021776, #1023646, #1114960, #1156398, #1221160, #1271642.

Release 1.95.8 Fri Jul 23 2004
        - Major new feature: suspend/resume.  Handlers can now request
          that a parse be suspended for later resumption or aborted
          altogether.  See "Temporarily Stopping Parsing" in the
          documentation for more details.
        - Some mostly minor bug fixes, but compilation should no
          longer generate warnings on most platforms.  SF issues
          include: #827319, #840173, #846309, #888329, #896188, #923913,
          #928113, #961698, #985192.

Release 1.95.7 Mon Oct 20 2003
        - Fixed enum XML_Status issue (reported on SourceForge many
          times), so compilers that are properly picky will be happy.
        - Introduced an XMLCALL macro to control the calling
          convention used by the Expat API; this macro should be used
          to annotate prototypes and definitions of callback
          implementations in code compiled with a calling convention
          other than the default convention for the host platform.
        - Improved ability to build without the configure-generated
          expat_config.h header.  This is useful for applications
          which embed Expat rather than linking in the library.
        - Fixed a variety of bugs: see SF issues #458907, #609603,
          #676844, #679754, #692878, #692964, #695401, #699323, #699487,
          #820946.
        - Improved hash table lookups.
        - Added more regression tests and improved documentation.

Release 1.95.6 Tue Jan 28 2003
        - Added XML_FreeContentModel().
        - Added XML_MemMalloc(), XML_MemRealloc(), XML_MemFree().
        - Fixed a variety of bugs: see SF issues #615606, #616863,
          #618199, #653180, #673791.
        - Enhanced the regression test suite.
        - Man page improvements: includes SF issue #632146.

Release 1.95.5 Fri Sep 6 2002
        - Added XML_UseForeignDTD() for improved SAX2 support.
        - Added XML_GetFeatureList().
        - Defined XML_Bool type and the values XML_TRUE and XML_FALSE.
        - Use an incomplete struct instead of a void* for the parser
          (may not retain).
        - Fixed UTF-8 decoding bug that caused legal UTF-8 to be rejected.
        - Finally fixed bug where default handler would report DTD
          events that were already handled by another handler.
          Initial patch contributed by Darryl Miles.
        - Removed unnecessary DllMain() function that caused static
          linking into a DLL to be difficult.
        - Added VC++ projects for building static libraries.
        - Reduced line-length for all source code and headers to be
          no longer than 80 characters, to help with AS/400 support.
        - Reduced memory copying during parsing (SF patch #600964).
        - Fixed a variety of bugs: see SF issues #580793, #434664,
          #483514, #580503, #581069, #584041, #584183, #584832, #585537,
          #596555, #596678, #598352, #598944, #599715, #600479, #600971.

Release 1.95.4 Fri Jul 12 2002
        - Added support for VMS, contributed by Craig Berry.  See
          vms/README.vms for more information.
        - Added Mac OS (classic) support, with a makefile for MPW,
          contributed by Thomas Wegner and Daryle Walker.
        - Added Borland C++ Builder 5 / BCC 5.5 support, contributed
          by Patrick McConnell (SF patch #538032).
        - Fixed a variety of bugs: see SF issues #441449, #563184,
          #564342, #566334, #566901, #569461, #570263, #575168, #579196.
        - Made skippedEntityHandler conform to SAX2 (see source comment)
        - Re-implemented WFC: Entity Declared from XML 1.0 spec and
          added a new error "entity declared in parameter entity":
          see SF bug report #569461 and SF patch #578161
        - Re-implemented section 5.1 from XML 1.0 spec:
          see SF bug report #570263 and SF patch #578161

Release 1.95.3 Mon Jun 3 2002
        - Added a project to the MSVC workspace to create a wchar_t
          version of the library; the DLLs are named libexpatw.dll.
        - Changed the name of the Windows DLLs from expat.dll to
          libexpat.dll; this fixes SF bug #432456.
        - Added the XML_ParserReset() API function.
        - Fixed XML_SetReturnNSTriplet() to work for element names.
        - Made the XML_UNICODE builds usable (thanks, Karl!).
        - Allow xmlwf to read from standard input.
        - Install a man page for xmlwf on Unix systems.
        - Fixed many bugs; see SF bug reports #231864, #461380, #464837,
          #466885, #469226, #477667, #484419, #487840, #494749, #496505,
          #547350.  Other bugs which we can't test as easily may also
          have been fixed, especially in the area of build support.

Release 1.95.2 Fri Jul 27 2001
        - More changes to make MSVC happy with the build; add a single
          workspace to support both the library and xmlwf application.
        - Added a Windows installer for Windows users; includes
          xmlwf.exe.
        - Added compile-time constants that can be used to determine the
          Expat version
        - Removed a lot of GNU-specific dependencies to aid portability
          among the various Unix flavors.
        - Fix the UTF-8 BOM bug.
        - Cleaned up warning messages for several compilers.
        - Added the -Wall, -Wstrict-prototypes options for GCC.

Release 1.95.1 Sun Oct 22 15:11:36 EDT 2000
        - Changes to get expat to build under Microsoft compiler
        - Removed all aborts and instead return an UNEXPECTED_STATE error.
        - Fixed a bug where a stray '%' in an entity value would cause an
          abort.
        - Defined XML_SetEndNamespaceDeclHandler. Thanks to Darryl Miles for
          finding this oversight.
        - Changed default patterns in lib/Makefile.in to fit non-GNU makes
          Thanks to robin@unrated.net for reporting and providing an
          account to test on.
        - The reference had the wrong label for XML_SetStartNamespaceDecl.
          Reported by an anonymous user.

Release 1.95.0 Fri Sep 29 2000
        - XML_ParserCreate_MM
                Allows you to set a memory management suite to replace the
                standard malloc, realloc, and free.
        - XML_SetReturnNSTriplet
                If you turn this feature on when namespace processing is in
                effect, then qualified, prefixed element and attribute names
                are returned as "uri|name|prefix" where '|' is whatever
                separator character is used in namespace processing.
        - Merged in features from perl-expat
                o XML_SetElementDeclHandler
                o XML_SetAttlistDeclHandler
                o XML_SetXmlDeclHandler
                o XML_SetEntityDeclHandler
                o StartDoctypeDeclHandler takes 3 additional parameters:
                        sysid, pubid, has_internal_subset
                o Many paired handler setters (like XML_SetElementHandler)
                  now have corresponding individual handler setters
                o XML_GetInputContext for getting the input context of
                  the current parse position.
        - Added reference material
        - Packaged into a distribution that builds a sharable library