From 5033aa77aacaa5505636f150e8d54baac5bdca9c Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Mon, 10 Sep 2018 21:04:00 -0700 Subject: [PATCH] bpo-34625: Update vendorized expat version to 2.2.6. (GH-9150) --- .../2018-09-10-17-46-51.bpo-34625.D2YfDz.rst | 1 + Modules/expat/expat.h | 4 +- Modules/expat/siphash.h | 17 +++++ Modules/expat/xmlparse.c | 66 ++++++++++++------- Modules/expat/xmltok_impl.c | 9 ++- 5 files changed, 70 insertions(+), 27 deletions(-) create mode 100644 Misc/NEWS.d/next/Library/2018-09-10-17-46-51.bpo-34625.D2YfDz.rst diff --git a/Misc/NEWS.d/next/Library/2018-09-10-17-46-51.bpo-34625.D2YfDz.rst b/Misc/NEWS.d/next/Library/2018-09-10-17-46-51.bpo-34625.D2YfDz.rst new file mode 100644 index 00000000000000..0747ec54470f0e --- /dev/null +++ b/Misc/NEWS.d/next/Library/2018-09-10-17-46-51.bpo-34625.D2YfDz.rst @@ -0,0 +1 @@ +Update vendorized expat library version to 2.2.6. diff --git a/Modules/expat/expat.h b/Modules/expat/expat.h index 1f608c02d6fdbf..174c3fafda3f27 100644 --- a/Modules/expat/expat.h +++ b/Modules/expat/expat.h @@ -264,7 +264,7 @@ XML_ParserCreate_MM(const XML_Char *encoding, const XML_Char *namespaceSeparator); /* Prepare a parser object to be re-used. This is particularly - valuable when memory allocation overhead is disproportionatly high, + valuable when memory allocation overhead is disproportionately high, such as when a large number of small documnents need to be parsed. All handlers are cleared from the parser, except for the unknownEncodingHandler. The parser's external state is re-initialized @@ -1076,7 +1076,7 @@ XML_GetFeatureList(void); */ #define XML_MAJOR_VERSION 2 #define XML_MINOR_VERSION 2 -#define XML_MICRO_VERSION 5 +#define XML_MICRO_VERSION 6 #ifdef __cplusplus } diff --git a/Modules/expat/siphash.h b/Modules/expat/siphash.h index 581872df7b4992..4d6786d7839a2c 100644 --- a/Modules/expat/siphash.h +++ b/Modules/expat/siphash.h @@ -11,6 +11,12 @@ * -------------------------------------------------------------------------- * HISTORY: * + * 2018-07-08 (Anton Maklakov) + * - Add "fall through" markers for GCC's -Wimplicit-fallthrough + * + * 2017-11-03 (Sebastian Pipping) + * - Hide sip_tobin and sip_binof unless SIPHASH_TOBIN macro is defined + * * 2017-07-25 (Vadim Zeitlin) * - Fix use of SIPHASH_MAIN macro * @@ -151,6 +157,8 @@ static struct sipkey *sip_tokey(struct sipkey *key, const void *src) { } /* sip_tokey() */ +#ifdef SIPHASH_TOBIN + #define sip_binof(v) sip_tobin((unsigned char[8]){ 0 }, (v)) static void *sip_tobin(void *dst, uint64_t u64) { @@ -158,6 +166,8 @@ static void *sip_tobin(void *dst, uint64_t u64) { return dst; } /* sip_tobin() */ +#endif /* SIPHASH_TOBIN */ + static void sip_round(struct siphash *H, const int rounds) { int i; @@ -231,12 +241,19 @@ static uint64_t sip24_final(struct siphash *H) { switch (left) { case 7: b |= (uint64_t)H->buf[6] << 48; + /* fall through */ case 6: b |= (uint64_t)H->buf[5] << 40; + /* fall through */ case 5: b |= (uint64_t)H->buf[4] << 32; + /* fall through */ case 4: b |= (uint64_t)H->buf[3] << 24; + /* fall through */ case 3: b |= (uint64_t)H->buf[2] << 16; + /* fall through */ case 2: b |= (uint64_t)H->buf[1] << 8; + /* fall through */ case 1: b |= (uint64_t)H->buf[0] << 0; + /* fall through */ case 0: break; } diff --git a/Modules/expat/xmlparse.c b/Modules/expat/xmlparse.c index 90a237f30eb8cd..c4f3ffc215c9ef 100644 --- a/Modules/expat/xmlparse.c +++ b/Modules/expat/xmlparse.c @@ -1,4 +1,4 @@ -/* 4b74aa710b4ed5ce464b0ce544852cb47bf905c85a49c7bae2749f5885cb966d (2.2.5+) +/* 19ac4776051591216f1874e34ee99b6a43a3784c8bd7d70efeb9258dd22b906a (2.2.6+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -161,6 +161,9 @@ typedef char ICHAR; /* Round up n to be a multiple of sz, where sz is a power of 2. */ #define ROUND_UP(n, sz) (((n) + ((sz) - 1)) & ~((sz) - 1)) +/* Do safe (NULL-aware) pointer arithmetic */ +#define EXPAT_SAFE_PTR_DIFF(p, q) (((p) && (q)) ? ((p) - (q)) : 0) + /* Handle the case where memmove() doesn't exist. */ #ifndef HAVE_MEMMOVE #ifdef HAVE_BCOPY @@ -1820,6 +1823,7 @@ XML_Parse(XML_Parser parser, const char *s, int len, int isFinal) parser->m_errorCode = XML_ERROR_NO_MEMORY; return XML_STATUS_ERROR; } + /* fall through */ default: parser->m_parsingStatus.parsing = XML_PARSING; } @@ -1969,6 +1973,7 @@ XML_ParseBuffer(XML_Parser parser, int len, int isFinal) parser->m_errorCode = XML_ERROR_NO_MEMORY; return XML_STATUS_ERROR; } + /* fall through */ default: parser->m_parsingStatus.parsing = XML_PARSING; } @@ -2026,39 +2031,46 @@ XML_GetBuffer(XML_Parser parser, int len) default: ; } - if (len > parser->m_bufferLim - parser->m_bufferEnd) { + if (len > EXPAT_SAFE_PTR_DIFF(parser->m_bufferLim, parser->m_bufferEnd)) { #ifdef XML_CONTEXT_BYTES int keep; #endif /* defined XML_CONTEXT_BYTES */ /* Do not invoke signed arithmetic overflow: */ - int neededSize = (int) ((unsigned)len + (unsigned)(parser->m_bufferEnd - parser->m_bufferPtr)); + int neededSize = (int) ((unsigned)len + + (unsigned)EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, + parser->m_bufferPtr)); if (neededSize < 0) { parser->m_errorCode = XML_ERROR_NO_MEMORY; return NULL; } #ifdef XML_CONTEXT_BYTES - keep = (int)(parser->m_bufferPtr - parser->m_buffer); + keep = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer); if (keep > XML_CONTEXT_BYTES) keep = XML_CONTEXT_BYTES; neededSize += keep; #endif /* defined XML_CONTEXT_BYTES */ - if (neededSize <= parser->m_bufferLim - parser->m_buffer) { + if (neededSize <= EXPAT_SAFE_PTR_DIFF(parser->m_bufferLim, parser->m_buffer)) { #ifdef XML_CONTEXT_BYTES - if (keep < parser->m_bufferPtr - parser->m_buffer) { - int offset = (int)(parser->m_bufferPtr - parser->m_buffer) - keep; + if (keep < EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer)) { + int offset = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer) - keep; + /* The buffer pointers cannot be NULL here; we have at least some bytes in the buffer */ memmove(parser->m_buffer, &parser->m_buffer[offset], parser->m_bufferEnd - parser->m_bufferPtr + keep); parser->m_bufferEnd -= offset; parser->m_bufferPtr -= offset; } #else - memmove(parser->m_buffer, parser->m_bufferPtr, parser->m_bufferEnd - parser->m_bufferPtr); - parser->m_bufferEnd = parser->m_buffer + (parser->m_bufferEnd - parser->m_bufferPtr); - parser->m_bufferPtr = parser->m_buffer; + if (parser->m_buffer && parser->m_bufferPtr) { + memmove(parser->m_buffer, parser->m_bufferPtr, + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr)); + parser->m_bufferEnd = parser->m_buffer + + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr); + parser->m_bufferPtr = parser->m_buffer; + } #endif /* not defined XML_CONTEXT_BYTES */ } else { char *newBuf; - int bufferSize = (int)(parser->m_bufferLim - parser->m_bufferPtr); + int bufferSize = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferLim, parser->m_bufferPtr); if (bufferSize == 0) bufferSize = INIT_BUFFER_SIZE; do { @@ -2077,25 +2089,34 @@ XML_GetBuffer(XML_Parser parser, int len) parser->m_bufferLim = newBuf + bufferSize; #ifdef XML_CONTEXT_BYTES if (parser->m_bufferPtr) { - int keep = (int)(parser->m_bufferPtr - parser->m_buffer); + int keep = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer); if (keep > XML_CONTEXT_BYTES) keep = XML_CONTEXT_BYTES; - memcpy(newBuf, &parser->m_bufferPtr[-keep], parser->m_bufferEnd - parser->m_bufferPtr + keep); + memcpy(newBuf, &parser->m_bufferPtr[-keep], + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr) + keep); FREE(parser, parser->m_buffer); parser->m_buffer = newBuf; - parser->m_bufferEnd = parser->m_buffer + (parser->m_bufferEnd - parser->m_bufferPtr) + keep; + parser->m_bufferEnd = parser->m_buffer + + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr) + keep; parser->m_bufferPtr = parser->m_buffer + keep; } else { - parser->m_bufferEnd = newBuf + (parser->m_bufferEnd - parser->m_bufferPtr); + /* This must be a brand new buffer with no data in it yet */ + parser->m_bufferEnd = newBuf; parser->m_bufferPtr = parser->m_buffer = newBuf; } #else if (parser->m_bufferPtr) { - memcpy(newBuf, parser->m_bufferPtr, parser->m_bufferEnd - parser->m_bufferPtr); + memcpy(newBuf, parser->m_bufferPtr, + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr)); FREE(parser, parser->m_buffer); + parser->m_bufferEnd = newBuf + + EXPAT_SAFE_PTR_DIFF(parser->m_bufferEnd, parser->m_bufferPtr); + } + else { + /* This must be a brand new buffer with no data in it yet */ + parser->m_bufferEnd = newBuf; } - parser->m_bufferEnd = newBuf + (parser->m_bufferEnd - parser->m_bufferPtr); parser->m_bufferPtr = parser->m_buffer = newBuf; #endif /* not defined XML_CONTEXT_BYTES */ } @@ -2908,9 +2929,11 @@ doContent(XML_Parser parser, poolClear(&parser->m_tempPool); freeBindings(parser, bindings); } - if ((parser->m_tagLevel == 0) && - !((parser->m_parsingStatus.parsing == XML_FINISHED) || (parser->m_parsingStatus.parsing == XML_SUSPENDED))) { - return epilogProcessor(parser, next, end, nextPtr); + if ((parser->m_tagLevel == 0) && (parser->m_parsingStatus.parsing != XML_FINISHED)) { + if (parser->m_parsingStatus.parsing == XML_SUSPENDED) + parser->m_processor = epilogProcessor; + else + return epilogProcessor(parser, next, end, nextPtr); } break; case XML_TOK_END_TAG: @@ -4746,8 +4769,8 @@ doProlog(XML_Parser parser, return XML_ERROR_NO_MEMORY; parser->m_declEntity->publicId = NULL; } - /* fall through */ #endif /* XML_DTD */ + /* fall through */ case XML_ROLE_ENTITY_SYSTEM_ID: if (dtd->keepProcessing && parser->m_declEntity) { parser->m_declEntity->systemId = poolStoreString(&dtd->pool, enc, @@ -6643,7 +6666,6 @@ hash(XML_Parser parser, KEY s) { struct siphash state; struct sipkey key; - (void)sip_tobin; (void)sip24_valid; copy_salt_to_sipkey(parser, &key); sip24_init(&state, &key); diff --git a/Modules/expat/xmltok_impl.c b/Modules/expat/xmltok_impl.c index 0403dd3d09a0b6..4d9ae7dc3896b8 100644 --- a/Modules/expat/xmltok_impl.c +++ b/Modules/expat/xmltok_impl.c @@ -74,6 +74,7 @@ *nextTokPtr = ptr; \ return XML_TOK_INVALID; \ } \ + /* fall through */ \ case BT_NMSTRT: \ case BT_HEX: \ case BT_DIGIT: \ @@ -102,6 +103,7 @@ *nextTokPtr = ptr; \ return XML_TOK_INVALID; \ } \ + /* fall through */ \ case BT_NMSTRT: \ case BT_HEX: \ ptr += MINBPC(enc); \ @@ -602,7 +604,7 @@ PREFIX(scanAtts)(const ENCODING *enc, const char *ptr, const char *end, return XML_TOK_INVALID; } } - /* fall through */ + /* fall through */ case BT_EQUALS: { int open; @@ -1442,6 +1444,7 @@ PREFIX(isPublicId)(const ENCODING *enc, const char *ptr, const char *end, case BT_NMSTRT: if (!(BYTE_TO_ASCII(enc, ptr) & ~0x7f)) break; + /* fall through */ default: switch (BYTE_TO_ASCII(enc, ptr)) { case 0x24: /* $ */ @@ -1659,8 +1662,8 @@ PREFIX(nameMatchesAscii)(const ENCODING *UNUSED_P(enc), const char *ptr1, { for (; *ptr2; ptr1 += MINBPC(enc), ptr2++) { if (end1 - ptr1 < MINBPC(enc)) { - /* This line cannot be executed. THe incoming data has already - * been tokenized once, so imcomplete characters like this have + /* This line cannot be executed. The incoming data has already + * been tokenized once, so incomplete characters like this have * already been eliminated from the input. Retaining the * paranoia check is still valuable, however. */