Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / libxml2 / b3edafd72dd259396941f07e6edc2081b051d054^! / .
commitb3edafd72dd259396941f07e6edc2081b051d054[log] [tgz]
authorDaniel Veillard <veillard@src.gnome.org>Fri Jan 11 08:00:57 2008 +0000
committerDaniel Veillard <veillard@src.gnome.org>Fri Jan 11 08:00:57 2008 +0000
tree03687019c004c88da6927f29a926163692af43bf
parentc5b43cc03a52684e8780a17ed4f5154b568bc3c5 [diff]
avoid a warning on 64bits introduced earlier make more checking on the

* parser.c: avoid a warning on 64bits introduced earlier
* parserInternals.c: make more checking on the UTF-8 input
Daniel

svn path=/trunk/; revision=3676

diff --git a/ChangeLog b/ChangeLog
index 83a592a..bacb7a8 100644
--- a/ChangeLog
+++ b/ChangeLog

@@ -1,3 +1,8 @@
+Fri Jan 11 08:58:49 CET 2008 Daniel Veillard <daniel@veillard.com>
+
+	* parser.c: avoid a warning on 64bits introduced earlier
+	* parserInternals.c: make more checking on the UTF-8 input
+
 Fri Jan 11 15:37:05 CST 2008 Daniel Veillard <daniel@veillard.com>
 
 	* HTMLparser.c: avoid stopping parsing when encountering

diff --git a/parser.c b/parser.c
index 378d873..529e061 100644
--- a/parser.c
+++ b/parser.c

@@ -994,7 +994,7 @@
                             const xmlChar *unused ATTRIBUTE_UNUSED) {
     xmlParserCtxtPtr ctxt = (xmlParserCtxtPtr) data;
 
-    if (((int) payload) == XML_ATTRIBUTE_CDATA) {
+    if (((long) payload) == XML_ATTRIBUTE_CDATA) {
         xmlHashRemoveEntry2(ctxt->attsSpecial, fullname, fullattr, NULL);
     }
 }

diff --git a/parserInternals.c b/parserInternals.c
index f4da58d..d7aa4cf 100644
--- a/parserInternals.c
+++ b/parserInternals.c

@@ -638,14 +638,13 @@
 
 	c = *cur;
 	if (c & 0x80) {
-	    if (c == 0xC0)
+	    if (((c & 0x40) == 0) || (c == 0xC0))
 		goto encoding_error;
 	    if (cur[1] == 0)
 		xmlParserInputGrow(ctxt->input, INPUT_CHUNK);
 	    if ((cur[1] & 0xc0) != 0x80)
 		goto encoding_error;
 	    if ((c & 0xe0) == 0xe0) {
-
 		if (cur[2] == 0)
 		    xmlParserInputGrow(ctxt->input, INPUT_CHUNK);
 		if ((cur[2] & 0xc0) != 0x80)
@@ -662,18 +661,24 @@
 		    val |= (cur[1] & 0x3f) << 12;
 		    val |= (cur[2] & 0x3f) << 6;
 		    val |= cur[3] & 0x3f;
+		    if (val < 0x10000)
+			goto encoding_error;
 		} else {
 		  /* 3-byte code */
 		    *len = 3;
 		    val = (cur[0] & 0xf) << 12;
 		    val |= (cur[1] & 0x3f) << 6;
 		    val |= cur[2] & 0x3f;
+		    if (val < 0x800)
+			goto encoding_error;
 		}
 	    } else {
 	      /* 2-byte code */
 		*len = 2;
 		val = (cur[0] & 0x1f) << 6;
 		val |= cur[1] & 0x3f;
+		if (val < 0x80)
+		    goto encoding_error;
 	    }
 	    if (!IS_CHAR(val)) {
 	        xmlErrEncodingInt(ctxt, XML_ERR_INVALID_CHAR,
@@ -683,6 +688,13 @@
 	} else {
 	    /* 1-byte code */
 	    *len = 1;
+	    if (*ctxt->input->cur == 0)
+		xmlParserInputGrow(ctxt->input, INPUT_CHUNK);
+	    if ((*ctxt->input->cur == 0) &&
+	        (ctxt->input->end > ctxt->input->cur)) {
+	        xmlErrEncodingInt(ctxt, XML_ERR_INVALID_CHAR,
+				  "Char 0x0 out of allowed range\n", 0);
+	    }
 	    if (*ctxt->input->cur == 0xD) {
 		if (ctxt->input->cur[1] == 0xA) {
 		    ctxt->nbChars++;