rpms/libxml2
7
0
Fork 0
Code Issues Pull Requests Releases Activity

backport more patches from upstream

Browse Source 
Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org>
This commit is contained in:
Igor Gnatenko 2018-08-02 20:54:55 +02:00
parent dfef1925ad
commit 06a8f6badc
No known key found for this signature in database
GPG Key ID: 695714BD1BBC5F4C
14 changed files with 1450 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
0001-NaN-and-Inf-fixes-for-pre-C99-compilers.patch Normal file
View File

@ -0,0 +1,61 @@
From 7abec671473b837f99181442d59edd0cc2ee01d1 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 15 Mar 2018 19:33:52 +0100
Subject: [PATCH 01/13] NaN and Inf fixes for pre-C99 compilers
On some pre-C99 compilers, the NAN and INFINITY macros don't expand to
constant expressions.
Some MSVC versions complain about floating point division by zero in
constants.
Thanks to Fabrice Manfroi for the report.
---
xpath.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/xpath.c b/xpath.c
index f4406967..89fab588 100644
--- a/xpath.c
+++ b/xpath.c
@@ -477,27 +477,28 @@ int wrap_cmp( xmlNodePtr x, xmlNodePtr y );
* *
************************************************************************/
-#ifndef NAN
-#define NAN (0.0 / 0.0)
+#ifndef INFINITY
+#define INFINITY (DBL_MAX * DBL_MAX)
#endif
-#ifndef INFINITY
-#define INFINITY HUGE_VAL
+#ifndef NAN
+#define NAN (INFINITY / INFINITY)
#endif
-double xmlXPathNAN = NAN;
-double xmlXPathPINF = INFINITY;
-double xmlXPathNINF = -INFINITY;
+double xmlXPathNAN;
+double xmlXPathPINF;
+double xmlXPathNINF;
/**
* xmlXPathInit:
*
* Initialize the XPath environment
- *
- * Does nothing but must be kept as public function.
*/
void
xmlXPathInit(void) {
+ xmlXPathNAN = NAN;
+ xmlXPathPINF = INFINITY;
+ xmlXPathNINF = -INFINITY;
}
/**
--
2.18.0

5
0001-Revert-Change-calls-to-xmlCharEncInput-to-set-flush-.patch → 0002-Revert-Change-calls-to-xmlCharEncInput-to-set-flush-.patch
View File

@ -1,7 +1,8 @@
From 7a1bd7f6497ac33a9023d556f6f47a48f01deac0 Mon Sep 17 00:00:00 2001 From 7a1bd7f6497ac33a9023d556f6f47a48f01deac0 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de> From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Sat, 17 Mar 2018 00:03:24 +0100 Date: Sat, 17 Mar 2018 00:03:24 +0100
Subject: [PATCH] Revert "Change calls to xmlCharEncInput to set flush false" Subject: [PATCH 02/13] Revert "Change calls to xmlCharEncInput to set flush
false"
This reverts commit 6e6ae5daa6cd9640c9a83c1070896273e9b30d14 which This reverts commit 6e6ae5daa6cd9640c9a83c1070896273e9b30d14 which
broke decoding of larger documents with ICU. broke decoding of larger documents with ICU.
@ -62,5 +63,5 @@ index 82543477..f61dd05a 100644
xmlIOErr(XML_IO_ENCODER, NULL); xmlIOErr(XML_IO_ENCODER, NULL);
in->error = XML_IO_ENCODER; in->error = XML_IO_ENCODER;
-- --
2.17.0.rc2 2.18.0

29
0003-Fix-inconsistency-in-xmlXPathIsInf.patch Normal file
View File

@ -0,0 +1,29 @@
From ebe12882ee7e14fa6463bb07d7de5f5388f09573 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Mon, 16 Apr 2018 18:18:11 +0200
Subject: [PATCH 03/13] Fix inconsistency in xmlXPathIsInf
We don't use HUGE_VAL for INFINITY after the most recent fix.
---
xpath.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/xpath.c b/xpath.c
index 89fab588..bd093643 100644
--- a/xpath.c
+++ b/xpath.c
@@ -527,9 +527,9 @@ xmlXPathIsInf(double val) {
#ifdef isinf
return isinf(val) ? (val > 0 ? 1 : -1) : 0;
#else
- if (val >= HUGE_VAL)
+ if (val >= INFINITY)
return 1;
- if (val <= -HUGE_VAL)
+ if (val <= -INFINITY)
return -1;
return 0;
#endif
--
2.18.0

104
0004-Stop-using-XPATH_OP_RESET.patch Normal file
View File

@ -0,0 +1,104 @@
From e22a83b1d095dac25ce05e1a2d9f263f41d11c68 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 25 May 2017 01:18:36 +0200
Subject: [PATCH 04/13] Stop using XPATH_OP_RESET
It only sets the context node to NULL which doesn't seem useful and can
even cause bugs like bug #795299:
https://bugzilla.gnome.org/show_bug.cgi?id=795299
---
xpath.c | 37 +++----------------------------------
1 file changed, 3 insertions(+), 34 deletions(-)
diff --git a/xpath.c b/xpath.c
index bd093643..601763ee 100644
--- a/xpath.c
+++ b/xpath.c
@@ -868,15 +868,14 @@ typedef enum {
XPATH_OP_UNION,
XPATH_OP_ROOT,
XPATH_OP_NODE,
- XPATH_OP_RESET, /* 10 */
XPATH_OP_COLLECT,
- XPATH_OP_VALUE, /* 12 */
+ XPATH_OP_VALUE, /* 11 */
XPATH_OP_VARIABLE,
XPATH_OP_FUNCTION,
XPATH_OP_ARG,
XPATH_OP_PREDICATE,
- XPATH_OP_FILTER, /* 17 */
- XPATH_OP_SORT /* 18 */
+ XPATH_OP_FILTER, /* 16 */
+ XPATH_OP_SORT /* 17 */
#ifdef LIBXML_XPTR_ENABLED
,XPATH_OP_RANGETO
#endif
@@ -1526,8 +1525,6 @@ xmlXPathDebugDumpStepOp(FILE *output, xmlXPathCompExprPtr comp,
fprintf(output, "ROOT"); break;
case XPATH_OP_NODE:
fprintf(output, "NODE"); break;
- case XPATH_OP_RESET:
- fprintf(output, "RESET"); break;
case XPATH_OP_SORT:
fprintf(output, "SORT"); break;
case XPATH_OP_COLLECT: {
@@ -10735,7 +10732,6 @@ xmlXPathCompPathExpr(xmlXPathParserContextPtr ctxt) {
PUSH_LONG_EXPR(XPATH_OP_COLLECT, AXIS_DESCENDANT_OR_SELF,
NODE_TEST_TYPE, NODE_TYPE_NODE, NULL, NULL);
- PUSH_UNARY_EXPR(XPATH_OP_RESET, ctxt->comp->last, 1, 0);
xmlXPathCompRelativeLocationPath(ctxt);
} else if (CUR == '/') {
@@ -12779,15 +12775,6 @@ xmlXPathCompOpEvalFirst(xmlXPathParserContextPtr ctxt,
valuePush(ctxt, xmlXPathCacheNewNodeSet(ctxt->context,
ctxt->context->node));
return (total);
- case XPATH_OP_RESET:
- if (op->ch1 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
- CHECK_ERROR0;
- if (op->ch2 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
- CHECK_ERROR0;
- ctxt->context->node = NULL;
- return (total);
case XPATH_OP_COLLECT:{
if (op->ch1 == -1)
return (total);
@@ -12918,15 +12905,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
valuePush(ctxt, xmlXPathCacheNewNodeSet(ctxt->context,
ctxt->context->node));
return (total);
- case XPATH_OP_RESET:
- if (op->ch1 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
- CHECK_ERROR0;
- if (op->ch2 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
- CHECK_ERROR0;
- ctxt->context->node = NULL;
- return (total);
case XPATH_OP_COLLECT:{
if (op->ch1 == -1)
return (0);
@@ -13457,15 +13435,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
valuePush(ctxt, xmlXPathCacheNewNodeSet(ctxt->context,
ctxt->context->node));
return (total);
- case XPATH_OP_RESET:
- if (op->ch1 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
- CHECK_ERROR0;
- if (op->ch2 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
- CHECK_ERROR0;
- ctxt->context->node = NULL;
- return (total);
case XPATH_OP_COLLECT:{
if (op->ch1 == -1)
return (total);
--
2.18.0

27
0005-Don-t-change-context-node-in-xmlXPathRoot.patch Normal file
View File

@ -0,0 +1,27 @@
From 938835e763277684274ac31afc08fc40fa419aae Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 25 May 2017 01:21:57 +0200
Subject: [PATCH 05/13] Don't change context node in xmlXPathRoot
---
xpath.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/xpath.c b/xpath.c
index 601763ee..1e98ddc2 100644
--- a/xpath.c
+++ b/xpath.c
@@ -8477,9 +8477,8 @@ void
xmlXPathRoot(xmlXPathParserContextPtr ctxt) {
if ((ctxt == NULL) || (ctxt->context == NULL))
return;
- ctxt->context->node = (xmlNodePtr) ctxt->context->doc;
valuePush(ctxt, xmlXPathCacheNewNodeSet(ctxt->context,
- ctxt->context->node));
+ (xmlNodePtr) ctxt->context->doc));
}
/************************************************************************
--
2.18.0

189
0006-Avoid-unnecessary-backups-of-the-context-node.patch Normal file
View File

@ -0,0 +1,189 @@
From 029d0e960c02d83111acb5ab057ee055821943f7 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 25 May 2017 01:28:27 +0200
Subject: [PATCH 06/13] Avoid unnecessary backups of the context node
---
xpath.c | 42 ------------------------------------------
1 file changed, 42 deletions(-)
diff --git a/xpath.c b/xpath.c
index 1e98ddc2..b1bd7e07 100644
--- a/xpath.c
+++ b/xpath.c
@@ -12829,8 +12829,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
int total = 0, cur;
xmlXPathCompExprPtr comp;
xmlXPathObjectPtr arg1, arg2;
- xmlNodePtr bak;
- xmlDocPtr bakd;
int pp;
int cs;
@@ -12840,8 +12838,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
case XPATH_OP_END:
return (0);
case XPATH_OP_UNION:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total =
@@ -12861,8 +12857,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
nodesetval->nodeNr -
1];
}
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
cur =
@@ -13244,8 +13238,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
int equal, ret;
xmlXPathCompExprPtr comp;
xmlXPathObjectPtr arg1, arg2;
- xmlNodePtr bak;
- xmlDocPtr bakd;
int pp;
int cs;
@@ -13255,8 +13247,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
case XPATH_OP_END:
return (0);
case XPATH_OP_AND:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
@@ -13265,8 +13255,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
if ((ctxt->value == NULL) || (ctxt->value->boolval == 0))
return (total);
arg2 = valuePop(ctxt);
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13281,8 +13269,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_OR:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
@@ -13291,8 +13277,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
if ((ctxt->value == NULL) || (ctxt->value->boolval == 1))
return (total);
arg2 = valuePop(ctxt);
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13307,14 +13291,10 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_EQUAL:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13326,14 +13306,10 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
valuePush(ctxt, xmlXPathCacheNewBoolean(ctxt->context, equal));
return (total);
case XPATH_OP_CMP:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13342,15 +13318,11 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
valuePush(ctxt, xmlXPathCacheNewBoolean(ctxt->context, ret));
return (total);
case XPATH_OP_PLUS:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
if (op->ch2 != -1) {
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13368,14 +13340,10 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
}
return (total);
case XPATH_OP_MULT:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13388,14 +13356,10 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathModValues(ctxt);
return (total);
case XPATH_OP_UNION:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->doc = bakd;
- ctxt->context->node = bak;
ctxt->context->proximityPosition = pp;
ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
@@ -13552,24 +13516,18 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
return (total);
}
case XPATH_OP_ARG:
- bakd = ctxt->context->doc;
- bak = ctxt->context->node;
pp = ctxt->context->proximityPosition;
cs = ctxt->context->contextSize;
if (op->ch1 != -1) {
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
ctxt->context->contextSize = cs;
ctxt->context->proximityPosition = pp;
- ctxt->context->node = bak;
- ctxt->context->doc = bakd;
CHECK_ERROR0;
}
if (op->ch2 != -1) {
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
ctxt->context->contextSize = cs;
ctxt->context->proximityPosition = pp;
- ctxt->context->node = bak;
- ctxt->context->doc = bakd;
CHECK_ERROR0;
}
return (total);
--
2.18.0

378
0007-Simplify-and-harden-nodeset-filtering.patch Normal file
View File

@ -0,0 +1,378 @@
From 665df41dcc6c4c3a609907c979b6c16472593d0d Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Mon, 16 Apr 2018 19:37:34 +0200
Subject: [PATCH 07/13] Simplify and harden nodeset filtering
If a nodeset to be filtered is empty, it can be returned without popping
it from the stack.
Make sure to restore the context node in all error paths and never set
it to NULL.
Save and restore the context node in RANGETO operations.
---
xpath.c | 152 +++++++++++++++-----------------------------------------
1 file changed, 41 insertions(+), 111 deletions(-)
diff --git a/xpath.c b/xpath.c
index b1bd7e07..4b9faaf6 100644
--- a/xpath.c
+++ b/xpath.c
@@ -12993,7 +12993,6 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
return (total);
#ifdef LIBXML_XPTR_ENABLED
- oldnode = ctxt->context->node;
/*
* Hum are we filtering the result of an XPointer expression
*/
@@ -13008,23 +13007,15 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
* up a new locset.
*/
CHECK_TYPE0(XPATH_LOCATIONSET);
+
+ if ((ctxt->value->user == NULL) ||
+ (((xmlLocationSetPtr) ctxt->value->user)->locNr == 0))
+ return (total);
+
obj = valuePop(ctxt);
oldlocset = obj->user;
- ctxt->context->node = NULL;
+ oldnode = ctxt->context->node;
- if ((oldlocset == NULL) || (oldlocset->locNr == 0)) {
- ctxt->context->contextSize = 0;
- ctxt->context->proximityPosition = 0;
- if (op->ch2 != -1)
- total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
- res = valuePop(ctxt);
- if (res != NULL) {
- xmlXPathReleaseObject(ctxt->context, res);
- }
- valuePush(ctxt, obj);
- CHECK_ERROR0;
- return (total);
- }
newlocset = xmlXPtrLocationSetCreate(NULL);
for (i = 0; i < oldlocset->locNr; i++) {
@@ -13049,6 +13040,7 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
/*
@@ -13077,7 +13069,6 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
/* OLD: xmlXPathFreeObject(res); */
} else
tmp = NULL;
- ctxt->context->node = NULL;
/*
* Only put the first node in the result, then leave.
*/
@@ -13093,7 +13084,6 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
* The result is used as the new evaluation locset.
*/
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->node = NULL;
ctxt->context->contextSize = -1;
ctxt->context->proximityPosition = -1;
valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
@@ -13108,32 +13098,17 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
* up a new set.
*/
CHECK_TYPE0(XPATH_NODESET);
- obj = valuePop(ctxt);
- oldset = obj->nodesetval;
- oldnode = ctxt->context->node;
- oldDoc = ctxt->context->doc;
- ctxt->context->node = NULL;
-
- if ((oldset == NULL) || (oldset->nodeNr == 0)) {
- ctxt->context->contextSize = 0;
- ctxt->context->proximityPosition = 0;
- /* QUESTION TODO: Why was this code commented out?
- if (op->ch2 != -1)
- total +=
- xmlXPathCompOpEval(ctxt,
- &comp->steps[op->ch2]);
- CHECK_ERROR0;
- res = valuePop(ctxt);
- if (res != NULL)
- xmlXPathFreeObject(res);
- */
- valuePush(ctxt, obj);
- ctxt->context->node = oldnode;
- CHECK_ERROR0;
- } else {
+ if ((ctxt->value->nodesetval != NULL) &&
+ (ctxt->value->nodesetval->nodeNr != 0)) {
xmlNodeSetPtr newset;
xmlXPathObjectPtr tmp = NULL;
+
+ obj = valuePop(ctxt);
+ oldset = obj->nodesetval;
+ oldnode = ctxt->context->node;
+ oldDoc = ctxt->context->doc;
+
/*
* Initialize the new set.
* Also set the xpath document in case things like
@@ -13168,6 +13143,7 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeNodeSet(newset);
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
/*
@@ -13195,7 +13171,6 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
xmlXPathNodeSetClear(tmp->nodesetval, 1);
} else
tmp = NULL;
- ctxt->context->node = NULL;
/*
* Only put the first node in the result, then leave.
*/
@@ -13211,14 +13186,12 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
* The result is used as the new evaluation set.
*/
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->node = NULL;
ctxt->context->contextSize = -1;
ctxt->context->proximityPosition = -1;
- /* may want to move this past the '}' later */
+ ctxt->context->node = oldnode;
ctxt->context->doc = oldDoc;
valuePush(ctxt, xmlXPathCacheWrapNodeSet(ctxt->context, newset));
}
- ctxt->context->node = oldnode;
return(total);
}
#endif /* XP_OPTIMIZED_FILTER_FIRST */
@@ -13641,8 +13614,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
if (ctxt->value == NULL)
return (total);
- oldnode = ctxt->context->node;
-
#ifdef LIBXML_XPTR_ENABLED
/*
* Hum are we filtering the result of an XPointer expression
@@ -13657,25 +13628,15 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
* up a new locset.
*/
CHECK_TYPE0(XPATH_LOCATIONSET);
+
+ if ((ctxt->value->user == NULL) ||
+ (((xmlLocationSetPtr) ctxt->value->user)->locNr == 0))
+ return (total);
+
obj = valuePop(ctxt);
oldlocset = obj->user;
- ctxt->context->node = NULL;
+ oldnode = ctxt->context->node;
- if ((oldlocset == NULL) || (oldlocset->locNr == 0)) {
- ctxt->context->contextSize = 0;
- ctxt->context->proximityPosition = 0;
- if (op->ch2 != -1)
- total +=
- xmlXPathCompOpEval(ctxt,
- &comp->steps[op->ch2]);
- res = valuePop(ctxt);
- if (res != NULL) {
- xmlXPathReleaseObject(ctxt->context, res);
- }
- valuePush(ctxt, obj);
- CHECK_ERROR0;
- return (total);
- }
newlocset = xmlXPtrLocationSetCreate(NULL);
for (i = 0; i < oldlocset->locNr; i++) {
@@ -13696,6 +13657,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
@@ -13720,15 +13682,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
res = valuePop(ctxt);
xmlXPathReleaseObject(ctxt->context, res);
}
-
- ctxt->context->node = NULL;
}
/*
* The result is used as the new evaluation locset.
*/
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->node = NULL;
ctxt->context->contextSize = -1;
ctxt->context->proximityPosition = -1;
valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
@@ -13743,30 +13702,13 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
* up a new set.
*/
CHECK_TYPE0(XPATH_NODESET);
- obj = valuePop(ctxt);
- oldset = obj->nodesetval;
-
- oldnode = ctxt->context->node;
- oldDoc = ctxt->context->doc;
- ctxt->context->node = NULL;
- if ((oldset == NULL) || (oldset->nodeNr == 0)) {
- ctxt->context->contextSize = 0;
- ctxt->context->proximityPosition = 0;
-/*
- if (op->ch2 != -1)
- total +=
- xmlXPathCompOpEval(ctxt,
- &comp->steps[op->ch2]);
- CHECK_ERROR0;
- res = valuePop(ctxt);
- if (res != NULL)
- xmlXPathFreeObject(res);
-*/
- valuePush(ctxt, obj);
- ctxt->context->node = oldnode;
- CHECK_ERROR0;
- } else {
+ if ((ctxt->value->nodesetval != NULL) &&
+ (ctxt->value->nodesetval->nodeNr != 0)) {
+ obj = valuePop(ctxt);
+ oldset = obj->nodesetval;
+ oldnode = ctxt->context->node;
+ oldDoc = ctxt->context->doc;
tmp = NULL;
/*
* Initialize the new set.
@@ -13833,6 +13775,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeNodeSet(newset);
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
@@ -13867,7 +13810,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
*/
} else
tmp = NULL;
- ctxt->context->node = NULL;
}
if (tmp != NULL)
xmlXPathReleaseObject(ctxt->context, tmp);
@@ -13875,15 +13817,13 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
* The result is used as the new evaluation set.
*/
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->node = NULL;
ctxt->context->contextSize = -1;
ctxt->context->proximityPosition = -1;
- /* may want to move this past the '}' later */
+ ctxt->context->node = oldnode;
ctxt->context->doc = oldDoc;
valuePush(ctxt,
xmlXPathCacheWrapNodeSet(ctxt->context, newset));
}
- ctxt->context->node = oldnode;
return (total);
}
case XPATH_OP_SORT:
@@ -13906,6 +13846,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlLocationSetPtr newlocset = NULL;
xmlLocationSetPtr oldlocset;
xmlNodeSetPtr oldset;
+ xmlNodePtr oldnode = ctxt->context->node;
int i, j;
if (op->ch1 != -1) {
@@ -13926,22 +13867,14 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
* up a new locset.
*/
CHECK_TYPE0(XPATH_LOCATIONSET);
+
+ if ((ctxt->value->user == NULL) ||
+ (((xmlLocationSetPtr) ctxt->value->user)->locNr == 0))
+ return (total);
+
obj = valuePop(ctxt);
oldlocset = obj->user;
- if ((oldlocset == NULL) || (oldlocset->locNr == 0)) {
- ctxt->context->node = NULL;
- ctxt->context->contextSize = 0;
- ctxt->context->proximityPosition = 0;
- total += xmlXPathCompOpEval(ctxt,&comp->steps[op->ch2]);
- res = valuePop(ctxt);
- if (res != NULL) {
- xmlXPathReleaseObject(ctxt->context, res);
- }
- valuePush(ctxt, obj);
- CHECK_ERROR0;
- return (total);
- }
newlocset = xmlXPtrLocationSetCreate(NULL);
for (i = 0; i < oldlocset->locNr; i++) {
@@ -13962,6 +13895,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
@@ -13997,14 +13931,11 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
res = valuePop(ctxt);
xmlXPathReleaseObject(ctxt->context, res);
}
-
- ctxt->context->node = NULL;
}
} else { /* Not a location set */
CHECK_TYPE0(XPATH_NODESET);
obj = valuePop(ctxt);
oldset = obj->nodesetval;
- ctxt->context->node = NULL;
newlocset = xmlXPtrLocationSetCreate(NULL);
@@ -14028,6 +13959,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeObject(obj);
+ ctxt->context->node = oldnode;
return(0);
}
@@ -14049,8 +13981,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
res = valuePop(ctxt);
xmlXPathReleaseObject(ctxt->context, res);
}
-
- ctxt->context->node = NULL;
}
}
}
@@ -14059,7 +13989,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
* The result is used as the new evaluation set.
*/
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->node = NULL;
+ ctxt->context->node = oldnode;
ctxt->context->contextSize = -1;
ctxt->context->proximityPosition = -1;
valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
--
2.18.0

443
0008-Improve-restoring-of-context-size-and-position.patch Normal file
View File

@ -0,0 +1,443 @@
From fa33bf317aa9b455e08b211252092dd9110c49fb Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Thu, 25 May 2017 00:45:10 +0200
Subject: [PATCH 08/13] Improve restoring of context size and position
Restore context size and position where it is modified, not in
seemingly random places.
---
xpath.c | 133 ++++++++++++++++++++++----------------------------------
1 file changed, 53 insertions(+), 80 deletions(-)
diff --git a/xpath.c b/xpath.c
index 4b9faaf6..9d223977 100644
--- a/xpath.c
+++ b/xpath.c
@@ -11661,6 +11661,7 @@ xmlXPathCompOpEvalPredicate(xmlXPathParserContextPtr ctxt,
xmlXPathContextPtr xpctxt = ctxt->context;
xmlNodePtr contextNode, oldContextNode;
xmlDocPtr oldContextDoc;
+ int oldcs, oldpp;
int i, res, contextPos = 0, newContextSize;
xmlXPathStepOpPtr exprOp;
xmlXPathObjectPtr contextObj = NULL, exprRes = NULL;
@@ -11697,6 +11698,8 @@ xmlXPathCompOpEvalPredicate(xmlXPathParserContextPtr ctxt,
*/
oldContextNode = xpctxt->node;
oldContextDoc = xpctxt->doc;
+ oldcs = xpctxt->contextSize;
+ oldpp = xpctxt->proximityPosition;
/*
* Get the expression of this predicate.
*/
@@ -11783,8 +11786,8 @@ evaluation_exit:
*/
xpctxt->node = oldContextNode;
xpctxt->doc = oldContextDoc;
- xpctxt->contextSize = -1;
- xpctxt->proximityPosition = -1;
+ xpctxt->contextSize = oldcs;
+ xpctxt->proximityPosition = oldpp;
return(newContextSize);
}
return(contextSize);
@@ -11827,6 +11830,7 @@ xmlXPathCompOpEvalPositionalPredicate(xmlXPathParserContextPtr ctxt,
return (contextSize);
} else {
xmlDocPtr oldContextDoc;
+ int oldcs, oldpp;
int i, pos = 0, newContextSize = 0, contextPos = 0, res;
xmlXPathStepOpPtr exprOp;
xmlXPathObjectPtr contextObj = NULL, exprRes = NULL;
@@ -11847,6 +11851,8 @@ xmlXPathCompOpEvalPositionalPredicate(xmlXPathParserContextPtr ctxt,
*/
oldContextNode = xpctxt->node;
oldContextDoc = xpctxt->doc;
+ oldcs = xpctxt->contextSize;
+ oldpp = xpctxt->proximityPosition;
/*
* Get the expression of this predicate.
*/
@@ -11983,8 +11989,8 @@ evaluation_exit:
*/
xpctxt->node = oldContextNode;
xpctxt->doc = oldContextDoc;
- xpctxt->contextSize = -1;
- xpctxt->proximityPosition = -1;
+ xpctxt->contextSize = oldcs;
+ xpctxt->proximityPosition = oldpp;
return(newContextSize);
}
return(contextSize);
@@ -12829,8 +12835,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
int total = 0, cur;
xmlXPathCompExprPtr comp;
xmlXPathObjectPtr arg1, arg2;
- int pp;
- int cs;
CHECK_ERROR0;
comp = ctxt->comp;
@@ -12838,8 +12842,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
case XPATH_OP_END:
return (0);
case XPATH_OP_UNION:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total =
xmlXPathCompOpEvalLast(ctxt, &comp->steps[op->ch1], last);
CHECK_ERROR0;
@@ -12857,8 +12859,6 @@ xmlXPathCompOpEvalLast(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op,
nodesetval->nodeNr -
1];
}
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
cur =
xmlXPathCompOpEvalLast(ctxt, &comp->steps[op->ch2], last);
CHECK_ERROR0;
@@ -12942,6 +12942,7 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
xmlNodeSetPtr oldset;
xmlNodePtr oldnode;
xmlDocPtr oldDoc;
+ int oldcs, oldpp;
int i;
CHECK_ERROR0;
@@ -13015,6 +13016,8 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
obj = valuePop(ctxt);
oldlocset = obj->user;
oldnode = ctxt->context->node;
+ oldcs = ctxt->context->contextSize;
+ oldpp = ctxt->context->proximityPosition;
newlocset = xmlXPtrLocationSetCreate(NULL);
@@ -13039,9 +13042,8 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
if (op->ch2 != -1)
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ xmlXPtrFreeLocationSet(newlocset);
+ goto xptr_error;
}
/*
* The result of the evaluation need to be tested to
@@ -13083,11 +13085,12 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
/*
* The result is used as the new evaluation locset.
*/
- xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->contextSize = -1;
- ctxt->context->proximityPosition = -1;
valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
+xptr_error:
+ xmlXPathReleaseObject(ctxt->context, obj);
ctxt->context->node = oldnode;
+ ctxt->context->contextSize = oldcs;
+ ctxt->context->proximityPosition = oldpp;
return (total);
}
#endif /* LIBXML_XPTR_ENABLED */
@@ -13108,6 +13111,8 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
oldset = obj->nodesetval;
oldnode = ctxt->context->node;
oldDoc = ctxt->context->doc;
+ oldcs = ctxt->context->contextSize;
+ oldpp = ctxt->context->proximityPosition;
/*
* Initialize the new set.
@@ -13142,9 +13147,7 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeNodeSet(newset);
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ goto error;
}
/*
* The result of the evaluation needs to be tested to
@@ -13185,12 +13188,13 @@ xmlXPathCompOpEvalFilterFirst(xmlXPathParserContextPtr ctxt,
/*
* The result is used as the new evaluation set.
*/
+ valuePush(ctxt, xmlXPathCacheWrapNodeSet(ctxt->context, newset));
+error:
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->contextSize = -1;
- ctxt->context->proximityPosition = -1;
ctxt->context->node = oldnode;
ctxt->context->doc = oldDoc;
- valuePush(ctxt, xmlXPathCacheWrapNodeSet(ctxt->context, newset));
+ ctxt->context->contextSize = oldcs;
+ ctxt->context->proximityPosition = oldpp;
}
return(total);
}
@@ -13211,8 +13215,6 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
int equal, ret;
xmlXPathCompExprPtr comp;
xmlXPathObjectPtr arg1, arg2;
- int pp;
- int cs;
CHECK_ERROR0;
comp = ctxt->comp;
@@ -13220,16 +13222,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
case XPATH_OP_END:
return (0);
case XPATH_OP_AND:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
xmlXPathBooleanFunction(ctxt, 1);
if ((ctxt->value == NULL) || (ctxt->value->boolval == 0))
return (total);
arg2 = valuePop(ctxt);
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
if (ctxt->error) {
xmlXPathFreeObject(arg2);
@@ -13242,16 +13240,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_OR:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
xmlXPathBooleanFunction(ctxt, 1);
if ((ctxt->value == NULL) || (ctxt->value->boolval == 1))
return (total);
arg2 = valuePop(ctxt);
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
if (ctxt->error) {
xmlXPathFreeObject(arg2);
@@ -13264,12 +13258,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_EQUAL:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
CHECK_ERROR0;
if (op->value)
@@ -13279,25 +13269,17 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
valuePush(ctxt, xmlXPathCacheNewBoolean(ctxt->context, equal));
return (total);
case XPATH_OP_CMP:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
CHECK_ERROR0;
ret = xmlXPathCompareValues(ctxt, op->value, op->value2);
valuePush(ctxt, xmlXPathCacheNewBoolean(ctxt->context, ret));
return (total);
case XPATH_OP_PLUS:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
if (op->ch2 != -1) {
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
}
CHECK_ERROR0;
@@ -13313,12 +13295,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
}
return (total);
case XPATH_OP_MULT:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
CHECK_ERROR0;
if (op->value == 0)
@@ -13329,12 +13307,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathModValues(ctxt);
return (total);
case XPATH_OP_UNION:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
CHECK_ERROR0;
- ctxt->context->proximityPosition = pp;
- ctxt->context->contextSize = cs;
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
CHECK_ERROR0;
@@ -13489,18 +13463,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
return (total);
}
case XPATH_OP_ARG:
- pp = ctxt->context->proximityPosition;
- cs = ctxt->context->contextSize;
if (op->ch1 != -1) {
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch1]);
- ctxt->context->contextSize = cs;
- ctxt->context->proximityPosition = pp;
CHECK_ERROR0;
}
if (op->ch2 != -1) {
total += xmlXPathCompOpEval(ctxt, &comp->steps[op->ch2]);
- ctxt->context->contextSize = cs;
- ctxt->context->proximityPosition = pp;
CHECK_ERROR0;
}
return (total);
@@ -13512,6 +13480,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlNodeSetPtr oldset;
xmlNodePtr oldnode;
xmlDocPtr oldDoc;
+ int oldcs, oldpp;
int i;
/*
@@ -13636,6 +13605,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
obj = valuePop(ctxt);
oldlocset = obj->user;
oldnode = ctxt->context->node;
+ oldcs = ctxt->context->contextSize;
+ oldpp = ctxt->context->proximityPosition;
newlocset = xmlXPtrLocationSetCreate(NULL);
@@ -13656,9 +13627,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathCompOpEval(ctxt,
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ xmlXPtrFreeLocationSet(newlocset);
+ goto filter_xptr_error;
}
/*
@@ -13687,11 +13657,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
/*
* The result is used as the new evaluation locset.
*/
- xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->contextSize = -1;
- ctxt->context->proximityPosition = -1;
valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
+filter_xptr_error:
+ xmlXPathReleaseObject(ctxt->context, obj);
ctxt->context->node = oldnode;
+ ctxt->context->contextSize = oldcs;
+ ctxt->context->proximityPosition = oldpp;
return (total);
}
#endif /* LIBXML_XPTR_ENABLED */
@@ -13709,6 +13680,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
oldset = obj->nodesetval;
oldnode = ctxt->context->node;
oldDoc = ctxt->context->doc;
+ oldcs = ctxt->context->contextSize;
+ oldpp = ctxt->context->proximityPosition;
tmp = NULL;
/*
* Initialize the new set.
@@ -13774,9 +13747,7 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
xmlXPathFreeNodeSet(newset);
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ goto filter_error;
}
/*
@@ -13816,13 +13787,14 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
/*
* The result is used as the new evaluation set.
*/
+ valuePush(ctxt,
+ xmlXPathCacheWrapNodeSet(ctxt->context, newset));
+filter_error:
xmlXPathReleaseObject(ctxt->context, obj);
- ctxt->context->contextSize = -1;
- ctxt->context->proximityPosition = -1;
ctxt->context->node = oldnode;
ctxt->context->doc = oldDoc;
- valuePush(ctxt,
- xmlXPathCacheWrapNodeSet(ctxt->context, newset));
+ ctxt->context->contextSize = oldcs;
+ ctxt->context->proximityPosition = oldpp;
}
return (total);
}
@@ -13847,6 +13819,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlLocationSetPtr oldlocset;
xmlNodeSetPtr oldset;
xmlNodePtr oldnode = ctxt->context->node;
+ int oldcs = ctxt->context->contextSize;
+ int oldpp = ctxt->context->proximityPosition;
int i, j;
if (op->ch1 != -1) {
@@ -13894,9 +13868,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathCompOpEval(ctxt,
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ xmlXPtrFreeLocationSet(newlocset);
+ goto rangeto_error;
}
res = valuePop(ctxt);
@@ -13958,9 +13931,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
xmlXPathCompOpEval(ctxt,
&comp->steps[op->ch2]);
if (ctxt->error != XPATH_EXPRESSION_OK) {
- xmlXPathFreeObject(obj);
- ctxt->context->node = oldnode;
- return(0);
+ xmlXPtrFreeLocationSet(newlocset);
+ goto rangeto_error;
}
res = valuePop(ctxt);
@@ -13988,11 +13960,12 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
/*
* The result is used as the new evaluation set.
*/
+ valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
+rangeto_error:
xmlXPathReleaseObject(ctxt->context, obj);
ctxt->context->node = oldnode;
- ctxt->context->contextSize = -1;
- ctxt->context->proximityPosition = -1;
- valuePush(ctxt, xmlXPtrWrapLocationSet(newlocset));
+ ctxt->context->contextSize = oldcs;
+ ctxt->context->proximityPosition = oldpp;
return (total);
}
#endif /* LIBXML_XPTR_ENABLED */
--
2.18.0

28
0009-HTML-noscript-should-not-close-p.patch Normal file
View File

@ -0,0 +1,28 @@
From 35e83488505d501864826125cfe6a7950d6cba78 Mon Sep 17 00:00:00 2001
From: Daniel Veillard <veillard@redhat.com>
Date: Wed, 18 Apr 2018 15:58:42 +0200
Subject: [PATCH 09/13] HTML noscript should not close p
For https://bugzilla.gnome.org/show_bug.cgi?id=795343
- HTMLparser.c: noscript should not close <p> but it should close <script>
---
HTMLparser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/HTMLparser.c b/HTMLparser.c
index 7e243e60..96a1bf40 100644
--- a/HTMLparser.c
+++ b/HTMLparser.c
@@ -1084,7 +1084,7 @@ static const char * const htmlStartClose[] = {
"menu", "p", "head", "ul", NULL,
"p", "p", "head", "h1", "h2", "h3", "h4", "h5", "h6", FONTSTYLE, NULL,
"div", "p", "head", NULL,
-"noscript", "p", NULL,
+"noscript", "script", NULL,
"center", "font", "b", "i", "p", "head", NULL,
"a", "a", "head", NULL,
"caption", "p", NULL,
--
2.18.0

33
0010-Remove-a-misleading-line-from-xmlCharEncOutput.patch Normal file
View File

@ -0,0 +1,33 @@
From d2293cdbc83b3ca79b9d7132c5a62dfd7e3751be Mon Sep 17 00:00:00 2001
From: Andrey Bienkowski <abenkovskii@gmail.com>
Date: Tue, 30 Jan 2018 15:04:11 +0300
Subject: [PATCH 10/13] Remove a misleading line from xmlCharEncOutput
Closes: https://bugzilla.gnome.org/show_bug.cgi?id=793028
It seams this line was accidentally copied over from xmlCharEncOutFunc.
In xmlCharEncOutput output is a pointer so incrementing it by ret can
point it where it wasn't supposed to be pointing. Luckily the current
implementation doesn't dereference the pointer after advancing it.
Signed-off-by: Daniel Veillard <veillard@redhat.com>
---
encoding.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/encoding.c b/encoding.c
index de7b511a..a3aaf10e 100644
--- a/encoding.c
+++ b/encoding.c
@@ -2460,8 +2460,6 @@ retry:
ret = -3;
}
- if (ret >= 0) output += ret;
-
/*
* Attempt to handle error cases
*/
--
2.18.0

28
0011-Remove-stray-character-from-comment.patch Normal file
View File

@ -0,0 +1,28 @@
From b7c50b8ddeae4662c639369360f34b832b6b2e49 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Tue, 17 Apr 2018 12:07:08 +0200
Subject: [PATCH 11/13] Remove stray character from comment
Fixes bug #795316:
https://bugzilla.gnome.org/show_bug.cgi?id=795316
---
xpath.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xpath.c b/xpath.c
index 9d223977..3fae0bf4 100644
--- a/xpath.c
+++ b/xpath.c
@@ -2,7 +2,7 @@
* xpath.c: XML Path Language implementation
* XPath is a language for addressing parts of an XML document,
* designed to be used by both XSLT and XPointer
- *f
+ *
* Reference: W3C Recommendation 16 November 1999
* http://www.w3.org/TR/1999/REC-xpath-19991116
* Public reference:
--
2.18.0

54
0012-Fix-nullptr-deref-with-XPath-logic-ops.patch Normal file
View File

@ -0,0 +1,54 @@
From a436374994c47b12d5de1b8b1d191a098fa23594 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Mon, 30 Jul 2018 12:54:38 +0200
Subject: [PATCH 12/13] Fix nullptr deref with XPath logic ops
If the XPath stack is corrupted, for example by a misbehaving extension
function, the "and" and "or" XPath operators could dereference NULL
pointers. Check that the XPath stack isn't empty and optimize the
logic operators slightly.
Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/5
Also see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817
https://bugzilla.redhat.com/show_bug.cgi?id=1595985
This is CVE-2018-14404.
Thanks to Guy Inbar for the report.
---
xpath.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/xpath.c b/xpath.c
index 3fae0bf4..5e3bb9ff 100644
--- a/xpath.c
+++ b/xpath.c
@@ -13234,9 +13234,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
return(0);
}
xmlXPathBooleanFunction(ctxt, 1);
- arg1 = valuePop(ctxt);
- arg1->boolval &= arg2->boolval;
- valuePush(ctxt, arg1);
+ if (ctxt->value != NULL)
+ ctxt->value->boolval &= arg2->boolval;
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_OR:
@@ -13252,9 +13251,8 @@ xmlXPathCompOpEval(xmlXPathParserContextPtr ctxt, xmlXPathStepOpPtr op)
return(0);
}
xmlXPathBooleanFunction(ctxt, 1);
- arg1 = valuePop(ctxt);
- arg1->boolval |= arg2->boolval;
- valuePush(ctxt, arg1);
+ if (ctxt->value != NULL)
+ ctxt->value->boolval |= arg2->boolval;
xmlXPathReleaseObject(ctxt->context, arg2);
return (total);
case XPATH_OP_EQUAL:
--
2.18.0

50
0013-Fix-infinite-loop-in-LZMA-decompression.patch Normal file
View File

@ -0,0 +1,50 @@
From 2240fbf5912054af025fb6e01e26375100275e74 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer <wellnhofer@aevum.de>
Date: Mon, 30 Jul 2018 13:14:11 +0200
Subject: [PATCH 13/13] Fix infinite loop in LZMA decompression
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Check the liblzma error code more thoroughly to avoid infinite loops.
Closes: https://gitlab.gnome.org/GNOME/libxml2/issues/13
Closes: https://bugzilla.gnome.org/show_bug.cgi?id=794914
This is CVE-2018-9251 and CVE-2018-14567.
Thanks to Dongliang Mu and Simon Wörner for the reports.
---
xzlib.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/xzlib.c b/xzlib.c
index a839169e..0ba88cfa 100644
--- a/xzlib.c
+++ b/xzlib.c
@@ -562,6 +562,10 @@ xz_decomp(xz_statep state)
"internal error: inflate stream corrupt");
return -1;
}
+ /*
+ * FIXME: Remapping a couple of error codes and falling through
+ * to the LZMA error handling looks fragile.
+ */
if (ret == Z_MEM_ERROR)
ret = LZMA_MEM_ERROR;
if (ret == Z_DATA_ERROR)
@@ -587,6 +591,11 @@ xz_decomp(xz_statep state)
xz_error(state, LZMA_PROG_ERROR, "compression error");
return -1;
}
+ if ((state->how != GZIP) &&
+ (ret != LZMA_OK) && (ret != LZMA_STREAM_END)) {
+ xz_error(state, ret, "lzma error");
+ return -1;
+ }
} while (strm->avail_out && ret != LZMA_STREAM_END);
/* update available output and crc check value */
--
2.18.0

26
libxml2.spec
View File

@ -1,16 +1,32 @@
Name: libxml2 Name: libxml2
Version: 2.9.8 Version: 2.9.8
Release: 3%{?dist} Release: 4%{?dist}
Summary: Library providing XML and HTML support Summary: Library providing XML and HTML support
License: MIT License: MIT
URL: http://xmlsoft.org/ URL: http://xmlsoft.org/
Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz Source: ftp://xmlsoft.org/libxml2/libxml2-%{version}.tar.gz
Patch0: libxml2-multilib.patch Patch0: libxml2-multilib.patch
# https://git.gnome.org/browse/libxml2/commit/?id=7a1bd7f6497ac33a9023d556f6f47a48f01deac0 # Backports from upstream
Patch1: 0001-Revert-Change-calls-to-xmlCharEncInput-to-set-flush-.patch Patch0001: 0001-NaN-and-Inf-fixes-for-pre-C99-compilers.patch
Patch0002: 0002-Revert-Change-calls-to-xmlCharEncInput-to-set-flush-.patch
Patch0003: 0003-Fix-inconsistency-in-xmlXPathIsInf.patch
Patch0004: 0004-Stop-using-XPATH_OP_RESET.patch
Patch0005: 0005-Don-t-change-context-node-in-xmlXPathRoot.patch
Patch0006: 0006-Avoid-unnecessary-backups-of-the-context-node.patch
Patch0007: 0007-Simplify-and-harden-nodeset-filtering.patch
Patch0008: 0008-Improve-restoring-of-context-size-and-position.patch
Patch0009: 0009-HTML-noscript-should-not-close-p.patch
Patch0010: 0010-Remove-a-misleading-line-from-xmlCharEncOutput.patch
Patch0011: 0011-Remove-stray-character-from-comment.patch
Patch0012: 0012-Fix-nullptr-deref-with-XPath-logic-ops.patch
Patch0013: 0013-Fix-infinite-loop-in-LZMA-decompression.patch
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: gcc BuildRequires: gcc
BuildRequires: make
BuildRequires: cmake-rpm-macros BuildRequires: cmake-rpm-macros
BuildRequires: pkgconfig(zlib) BuildRequires: pkgconfig(zlib)
BuildRequires: pkgconfig(liblzma) BuildRequires: pkgconfig(liblzma)
@ -91,6 +107,7 @@ at parse time or later once the document has been modified.
find doc -type f -executable -print -exec chmod 0644 {} ';' find doc -type f -executable -print -exec chmod 0644 {} ';'
%build %build
autoreconf -vfi
mkdir py2 py3 mkdir py2 py3
%global _configure ../configure %global _configure ../configure
%global _configure_disable_silent_rules 1 %global _configure_disable_silent_rules 1
@ -165,6 +182,9 @@ gzip -9 -c doc/libxml2-api.xml > doc/libxml2-api.xml.gz
%{python3_sitearch}/libxml2mod.so %{python3_sitearch}/libxml2mod.so
%changelog %changelog
* Thu Aug 02 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.9.8-4
- Backport patches from upstream
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.8-3 * Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.9.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild