parser: Don't overwrite error state in xmlParseTextDecl

If a memory allocation fails, this could cause a null deref after
recent changes.

Found by OSS-Fuzz.
1 file changed
tree: 1bf426dc528fb0cabb5342646693611b49ff711a
  1. .gitlab-ci/
  2. doc/
  3. example/
  4. fuzz/
  5. include/
  6. m4/
  7. os400/
  8. python/
  9. result/
  10. test/
  11. vms/
  12. win32/
  13. xstc/
  14. .editorconfig
  15. .gitattributes
  16. .gitignore
  17. .gitlab-ci.yml
  18. autogen.sh
  19. buf.c
  20. c14n.c
  21. catalog.c
  22. check-relaxng-test-suite.py
  23. check-relaxng-test-suite2.py
  24. check-xinclude-test-suite.py
  25. check-xml-test-suite.py
  26. check-xsddata-test-suite.py
  27. chvalid.c
  28. chvalid.def
  29. CMakeLists.txt
  30. config.h.cmake.in
  31. configure.ac
  32. Copyright
  33. dbgen.pl
  34. dbgenattr.pl
  35. debugXML.c
  36. dict.c
  37. encoding.c
  38. entities.c
  39. error.c
  40. genChRanges.py
  41. gentest.py
  42. genUnicode.py
  43. globals.c
  44. hash.c
  45. HTMLparser.c
  46. HTMLtree.c
  47. legacy.c
  48. libxml-2.0-uninstalled.pc.in
  49. libxml-2.0.pc.in
  50. libxml.h
  51. libxml.m4
  52. libxml2-config.cmake.cmake.in
  53. libxml2-config.cmake.in
  54. libxml2.doap
  55. libxml2.syms
  56. list.c
  57. MAINTAINERS.md
  58. Makefile.am
  59. nanoftp.c
  60. nanohttp.c
  61. NEWS
  62. parser.c
  63. parserInternals.c
  64. pattern.c
  65. README.md
  66. README.zOS
  67. relaxng.c
  68. rngparser.c
  69. runsuite.c
  70. runtest.c
  71. runxmlconf.c
  72. SAX.c
  73. SAX2.c
  74. schematron.c
  75. testapi.c
  76. testchar.c
  77. testdict.c
  78. testdso.c
  79. testlimits.c
  80. testModule.c
  81. testOOM.c
  82. testOOMlib.c
  83. testOOMlib.h
  84. testrecurse.c
  85. testThreads.c
  86. threads.c
  87. timsort.h
  88. tree.c
  89. trio.c
  90. trio.h
  91. triodef.h
  92. trionan.c
  93. trionan.h
  94. triop.h
  95. triostr.c
  96. triostr.h
  97. uri.c
  98. valid.c
  99. xinclude.c
  100. xlink.c
  101. xml2-config.in
  102. xmlcatalog.c
  103. xmlIO.c
  104. xmllint.c
  105. xmlmemory.c
  106. xmlmodule.c
  107. xmlreader.c
  108. xmlregexp.c
  109. xmlsave.c
  110. xmlschemas.c
  111. xmlschemastypes.c
  112. xmlstring.c
  113. xmlunicode.c
  114. xmlwriter.c
  115. xpath.c
  116. xpointer.c
  117. xzlib.c
README.md

libxml2

libxml2 is an XML toolkit implemented in C, originally developed for the GNOME Project.

Official releases can be downloaded from https://download.gnome.org/sources/libxml2/

The git repository is hosted on GNOME's GitLab server: https://gitlab.gnome.org/GNOME/libxml2

Bugs should be reported at https://gitlab.gnome.org/GNOME/libxml2/-/issues

Documentation is available at https://gitlab.gnome.org/GNOME/libxml2/-/wikis

License

This code is released under the MIT License, see the Copyright file.

Build instructions

libxml2 can be built with GNU Autotools, CMake, or several other build systems in platform-specific subdirectories.

Autotools (for POSIX systems like Linux, BSD, macOS)

If you build from a Git tree, you have to install Autotools and start by generating the configuration files with:

./autogen.sh [configuration options]

If you build from a source tarball, extract the archive with:

tar xf libxml2-xxx.tar.gz
cd libxml2-xxx

Then you can configure and build the library:

./configure [configuration options]
make

The following options disable or enable code modules and relevant symbols:

--with-c14n             Canonical XML 1.0 support (on)
--with-catalog          XML Catalogs support (on)
--with-debug            debugging module and shell (on)
--with-history          history support for shell (off)
--with-readline[=DIR]   use readline in DIR (for shell history)
--with-html             HTML parser (on)
--with-http             HTTP support (on)
--with-iconv[=DIR]      iconv support (on)
--with-icu              ICU support (off)
--with-iso8859x         ISO-8859-X support if no iconv (on)
--with-lzma[=DIR]       use liblzma in DIR (on)
--with-mem-debug        memory debugging module (off)
--with-modules          dynamic modules support (on)
--with-output           serialization support (on)
--with-pattern          xmlPattern selection interface (on)
--with-push             push parser interfaces (on)
--with-python           Python bindings (on)
--with-reader           xmlReader parsing interface (on)
--with-regexps          regular expressions support (on)
--with-run-debug        runtime debugging module (off)
--with-sax1             older SAX1 interface (on)
--with-schemas          XML Schemas 1.0 and RELAX NG support (on)
--with-schematron       Schematron support (on)
--with-threads          multithreading support (on)
--with-thread-alloc     per-thread malloc hooks (off)
--with-tree             DOM like tree manipulation APIs (on)
--with-valid            DTD validation support (on)
--with-writer           xmlWriter serialization interface (on)
--with-xinclude         XInclude 1.0 support (on)
--with-xpath            XPath 1.0 support (on)
--with-xptr             XPointer support (on)
--with-zlib[=DIR]       use libz in DIR (on)

Other options:

--with-minimum          build a minimally sized library (off)
--with-legacy           maximum ABI compatibility (off)

Note that by default, no optimization options are used. You have to enable them manually, for example with:

CFLAGS='-O2 -fno-semantic-interposition' ./configure

Now you can run the test suite with:

make check

Please report test failures to the mailing list or bug tracker.

Then you can install the library:

make install

At that point you may have to rerun ldconfig or a similar utility to update your list of installed shared libs.

CMake (mainly for Windows)

Another option for compiling libxml is using CMake:

cmake -E tar xf libxml2-xxx.tar.gz
cmake -S libxml2-xxx -B libxml2-xxx-build [possible options]
cmake --build libxml2-xxx-build
cmake --install libxml2-xxx-build

Common CMake options include:

-D BUILD_SHARED_LIBS=OFF            # build static libraries
-D CMAKE_BUILD_TYPE=Release         # specify build type
-D CMAKE_INSTALL_PREFIX=/usr/local  # specify the install path
-D LIBXML2_WITH_ICONV=OFF           # disable iconv
-D LIBXML2_WITH_LZMA=OFF            # disable liblzma
-D LIBXML2_WITH_PYTHON=OFF          # disable Python
-D LIBXML2_WITH_ZLIB=OFF            # disable libz

You can also open the libxml source directory with its CMakeLists.txt directly in various IDEs such as CLion, QtCreator, or Visual Studio.

Dependencies

Libxml does not require any other libraries. A platform with somewhat recent POSIX support should be sufficient (please report any violation to this rule you may find).

However, if found at configuration time, libxml will detect and use the following libraries:

  • libz, a highly portable and widely available compression library.
  • liblzma, another compression library.
  • libiconv, a character encoding conversion library. The iconv function is part of POSIX.1-2001, so libiconv isn't required on modern UNIX-like systems like Linux, BSD or macOS.
  • ICU, a Unicode library. Mainly useful as an alternative to iconv on Windows. Unnecessary on most other systems.

Contributing

The current version of the code can be found in GNOME's GitLab at at https://gitlab.gnome.org/GNOME/libxml2. The best way to get involved is by creating issues and merge requests on GitLab. Alternatively, you can start discussions and send patches to the mailing list. If you want to work with patches, please format them with git-format-patch and use plain text attachments.

All code must conform to C89 and pass the GitLab CI tests. Add regression tests if possible.

Authors

  • Daniel Veillard
  • Bjorn Reese
  • William Brack
  • Igor Zlatkovic for the Windows port
  • Aleksey Sanin
  • Nick Wellnhofer