Date: Sun, 05 Apr 2026 06:57:33 +0000 From: Philip Paeps <philip@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 75767bb21294 - stable/13 - contrib/expat: import expat 2.7.5 Message-ID: <69d207dd.33c05.122b05c3@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/13 has been updated by philip: URL: https://cgit.FreeBSD.org/src/commit/?id=75767bb212946444a4ab7a5570a20d836ab964dd commit 75767bb212946444a4ab7a5570a20d836ab964dd Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2026-04-02 00:12:18 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2026-04-05 05:37:13 +0000 contrib/expat: import expat 2.7.5 Changes: https://github.com/libexpat/libexpat/blob/R_2_7_5/expat/Changes https://github.com/libexpat/libexpat/blob/R_2_7_4/expat/Changes Security: CVE-2026-32776 Security: CVE-2026-32777 Security: CVE-2026-32778 Security: CVE-2026-24515 Security: CVE-2026-25210 (cherry picked from commit ae04c7bbf065278687fa930e81a96767e9009d38) --- contrib/expat/Changes | 159 +- contrib/expat/Makefile.am | 3 +- contrib/expat/Makefile.in | 6 +- contrib/expat/README.md | 13 +- contrib/expat/configure.ac | 66 +- contrib/expat/doc/Makefile.in | 3 + contrib/expat/doc/reference.html | 5091 +++++++++++++++++------------ contrib/expat/doc/xmlwf.1 | 15 +- contrib/expat/doc/xmlwf.xml | 480 +-- contrib/expat/examples/Makefile.in | 3 + contrib/expat/expat_config.h.in | 3 - contrib/expat/fix-xmltest-log.sh | 5 +- contrib/expat/lib/Makefile.am | 6 +- contrib/expat/lib/Makefile.in | 21 +- contrib/expat/lib/expat.h | 4 +- contrib/expat/lib/expat_external.h | 5 +- contrib/expat/lib/internal.h | 2 +- contrib/expat/lib/libexpat.map.in | 119 + contrib/expat/lib/xmlparse.c | 173 +- contrib/expat/lib/xmlrole.c | 4 +- contrib/expat/lib/xmltok.c | 4 +- contrib/expat/lib/xmltok_ns.c | 7 +- contrib/expat/tests/Makefile.in | 3 + contrib/expat/tests/basic_tests.c | 74 +- contrib/expat/tests/benchmark/Makefile.in | 3 + contrib/expat/tests/handlers.c | 12 +- contrib/expat/tests/handlers.h | 5 +- contrib/expat/tests/misc_tests.c | 35 +- contrib/expat/tests/nsalloc_tests.c | 27 + contrib/expat/xmlwf/Makefile.in | 3 + contrib/expat/xmlwf/xmlfile.c | 4 +- contrib/expat/xmlwf/xmlwf.c | 13 +- contrib/expat/xmlwf/xmlwf_helpgen.py | 186 +- lib/libexpat/expat_config.h | 6 +- lib/libexpat/libbsdxml.3 | 4 +- 35 files changed, 4025 insertions(+), 2542 deletions(-) diff --git a/contrib/expat/Changes b/contrib/expat/Changes index 01e54b676416..2b3704a69b77 100644 --- a/contrib/expat/Changes +++ b/contrib/expat/Changes @@ -10,37 +10,160 @@ !! ~~~~~~~~~~~~ !! !! The following topics need *additional skilled C developers* to progress !! !! in a timely manner or at all (loosely ordered by descending priority): !! +!! _______________________ !! +!! - teaming up on fixing the UNFIXED SECURITY ISSUES listed at: !! +!! """"""""""""""""""""""" !! +!! https://github.com/libexpat/libexpat/issues/1160 !! !! !! !! - teaming up on researching and fixing future security reports and !! !! ClusterFuzz findings with few-days-max response times in communication !! !! in order to (1) have a sound fix ready before the end of a 90 days !! !! grace period and (2) in a sustainable manner, !! -!! - helping CPython Expat bindings with supporting Expat's amplification !! -!! attack protection API (https://github.com/python/cpython/issues/90949): !! -!! - XML_SetAllocTrackerActivationThreshold !! -!! - XML_SetAllocTrackerMaximumAmplification !! -!! - XML_SetBillionLaughsAttackProtectionActivationThreshold !! -!! - XML_SetBillionLaughsAttackProtectionMaximumAmplification !! -!! - helping Perl's XML::Parser Expat bindings with supporting Expat's !! -!! security API (https://github.com/cpan-authors/XML-Parser/issues/102): !! -!! - XML_SetAllocTrackerActivationThreshold !! -!! - XML_SetAllocTrackerMaximumAmplification !! -!! - XML_SetBillionLaughsAttackProtectionActivationThreshold !! -!! - XML_SetBillionLaughsAttackProtectionMaximumAmplification !! -!! - XML_SetReparseDeferralEnabled !! +!! !! !! - implementing and auto-testing XML 1.0r5 support !! !! (needs discussion before pull requests), !! -!! - smart ideas on fixing the Autotools CMake files generation issue !! -!! without breaking CI (needs discussion before pull requests), !! -!! - pushing migration from `int` to `size_t` further !! -!! including edge-cases test coverage (needs discussion before anything). !! !! !! !! For details, please reach out via e-mail to sebastian@pipping.org so we !! !! can schedule a voice call on the topic, in English or German. !! !! !! -!! THANK YOU! Sebastian Pipping -- Berlin, 2024-03-09 !! +!! THANK YOU! Sebastian Pipping -- Berlin, 2026-03-17 !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +Release 2.7.5 Tue March 17 2026 + Security fixes: + #1158 CVE-2026-32776 -- Fix NULL function pointer dereference for + empty external parameter entities; it takes use of both + functions XML_ExternalEntityParserCreate and + XML_SetParamEntityParsing for an application to be + vulnerable. + #1161 #1162 CVE-2026-32777 -- Protect from XML_TOK_INSTANCE_START + infinite loop in function entityValueProcessor; it takes + use of both functions XML_ExternalEntityParserCreate and + XML_SetParamEntityParsing for an application to be + vulnerable. + #1163 CVE-2026-32778 -- Fix NULL dereference in function setContext + on retry after an earlier ouf-of-memory condition; it takes + use of function XML_ParserCreateNS or XML_ParserCreate_MM + for an application to be vulnerable. + #1160 Three more unfixed vulnerabilities left + + Other changes: + #1146 #1147 Autotools: Fix condition for symbol versioning check, in + particular when compiling with slibtool (not libtool) + #1156 Address Cppcheck >=2.20.0 warnings + #1153 tests: Make test_buffer_can_grow_to_max work for MinGW on + Ubuntu 24.04 + #1157 #1159 Version info bumped from 12:2:11 (libexpat*.so.1.11.2) + to 12:3:11 (libexpat*.so.1.11.3); see https://verbump.de/ + for what these numbers do + + Infrastructure: + #1148 CI: Fix FreeBSD and Solaris CI + #1149 CI: Bump to WASI SDK 30 + #1153 CI: Adapt to breaking changes with Ubuntu 22.04 + #1156 CI: Adapt to breaking changes in Cppcheck + + Special thanks to: + Berkay Eren Ürün + Christian Ng + Fabio Scaccabarozzi + Francesco Bertolaccini + Mark Brand + Rhodri James + and + AddressSanitizer + Buttercup + OSS-Fuzz / ClusterFuzz + Trail of Bits + +Release 2.7.4 Sat January 31 2026 + Security fixes: + #1131 CVE-2026-24515 -- Function XML_ExternalEntityParserCreate + failed to copy the encoding handler data passed to + XML_SetUnknownEncodingHandler from the parent to the new + subparser. This can cause a NULL dereference (CWE-476) from + external entities that declare use of an unknown encoding. + The expected impact is denial of service. It takes use of + both functions XML_ExternalEntityParserCreate and + XML_SetUnknownEncodingHandler for an application to be + vulnerable. + #1075 CVE-2026-25210 -- Add missing check for integer overflow + related to buffer size determination in function doContent + + Bug fixes: + #1073 lib: Fix missing undoing of group size expansion in doProlog + failure cases + #1107 xmlwf: Fix a memory leak + #1104 WASI: Fix format specifiers for 32bit WASI SDK + + Other changes: + #1105 lib: Fix strict aliasing + #1106 lib: Leverage feature "flexible array member" of C99 + #1051 lib: Swap (size_t)(-1) for C99 equivalent SIZE_MAX + #1109 lib|xmlwf: Return NULL instead of 0 for pointers + #1068 lib|Windows: Clean up use of macro _MSC_EXTENSIONS with MSVC + #1112 lib: Remove unused import + #1110 xmlwf: Warn about XXE in --help output (and man page) + #1102 #1103 WASI: Stop using getpid + #1113 #1130 Autotools: Drop file expat.m4 that provided obsolete Autoconf + macro AM_WITH_EXPAT + #1123 Autotools: Limit -Wno-pedantic-ms-format to MinGW + #1129 #1134 .. + #1087 Autotools|macOS: Sync CMake templates with CMake 4.0 + #1139 #1140 Autotools|CMake: Introduce off-by-default symbol versioning + The related build system flags are: + - For Autotools, configure with --enable-symbol-versioning + - For CMake, configure with -DEXPAT_SYMBOL_VERSIONING=ON + Please double-check for consequences before activating + this inside distro packaging. Bug reports welcome! + #1117 Autotools|CMake: Remove libbsd support + #1105 Autotools|CMake: Stop using -fno-strict-aliasing, and use + -Wstrict-aliasing=3 instead + #1124 Autotools|CMake: Prefer command gsed (GNU sed) over sed + (e.g. for Solaris) inside fix-xmltest-log.sh + #1067 CMake: Detect and warn about unusable check_c_compiler_flag + #1137 CMake: Drop support for CMake <3.17 + #1138 CMake|Windows: Fix libexpat.def.cmake version comments + + #1086 #1110 docs: Add warning about external reference handlers and XXE + #1066 docs: Be explicit that parent parsers need to outlive + subparsers + #1089 .. + #1090 #1091 .. + #1092 #1093 .. + #1094 #1098 .. + #1115 #1116 docs: Misc non-content improvements to doc/reference.html + #1132 #1133 Version info bumped from 12:1:11 (libexpat*.so.1.11.1) + to 12:2:11 (libexpat*.so.1.11.2); see https://verbump.de/ + for what these numbers do + + Infrastructure: + #1119 #1121 Document guidelines for contributing to Expat + #1120 Introduce a pull request template + #1074 CI: Stop using about-to-be-removed image "macos-13" + #1083 #1088 CI: Mitigate random Wine crashes + #1104 CI: Cover compilation with WASI SDK + #1116 CI: Enforce clean doc XML formatting + #1124 .. + #1135 #1136 CI: Cover Solaris 11.4 + #1125 CI: Extend CI coverage of FreeBSD + #1139 #1140 CI: Cover symbol versioning + #1114 xmlwf: Reformat helpgen code (using Black 25.12.0) + #1071 .gitignore: Add files CPackConfig.cmake and + CPackSourceConfig.cmake + + Special thanks to: + Alfonso Gregory + Bénédikt Tran + Gordon Messmer + Hanno Böck + Jakub Kulík + Matthew Fernandez + Neil Pang + Rosen Penev + and + Artiphishell Inc. + Release 2.7.3 Wed September 24 2025 Security fixes: #1046 #1048 Fix alignment of internal allocations for some non-amd64 diff --git a/contrib/expat/Makefile.am b/contrib/expat/Makefile.am index d612d432becb..72f2fca59d6f 100644 --- a/contrib/expat/Makefile.am +++ b/contrib/expat/Makefile.am @@ -6,7 +6,7 @@ # \___/_/\_\ .__/ \__,_|\__| # |_| XML parser # -# Copyright (c) 2017-2025 Sebastian Pipping <sebastian@pipping.org> +# Copyright (c) 2017-2026 Sebastian Pipping <sebastian@pipping.org> # Copyright (c) 2018 KangLin <kl222@126.com> # Copyright (c) 2022 Johnny Jazeix <jazeix@gmail.com> # Copyright (c) 2023 Sony Corporation / Snild Dolkow <snild@sony.com> @@ -94,7 +94,6 @@ EXTRA_DIST = \ $(_EXTRA_DIST_CMAKE) \ $(_EXTRA_DIST_WINDOWS) \ \ - conftools/expat.m4 \ conftools/get-version.sh \ \ fuzz/xml_lpm_fuzzer.cpp \ diff --git a/contrib/expat/Makefile.in b/contrib/expat/Makefile.in index b799591f2fc2..aa41b152525d 100644 --- a/contrib/expat/Makefile.in +++ b/contrib/expat/Makefile.in @@ -22,7 +22,7 @@ # \___/_/\_\ .__/ \__,_|\__| # |_| XML parser # -# Copyright (c) 2017-2025 Sebastian Pipping <sebastian@pipping.org> +# Copyright (c) 2017-2026 Sebastian Pipping <sebastian@pipping.org> # Copyright (c) 2018 KangLin <kl222@126.com> # Copyright (c) 2022 Johnny Jazeix <jazeix@gmail.com> # Copyright (c) 2023 Sony Corporation / Snild Dolkow <snild@sony.com> @@ -395,6 +395,9 @@ SO_MINOR = @SO_MINOR@ SO_PATCH = @SO_PATCH@ STRIP = @STRIP@ VERSION = @VERSION@ +VSCRIPT_LDFLAGS = @VSCRIPT_LDFLAGS@ +_EXPAT_COMMENT_ATTR_INFO = @_EXPAT_COMMENT_ATTR_INFO@ +_EXPAT_COMMENT_DTD_OR_GE = @_EXPAT_COMMENT_DTD_OR_GE@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ @@ -497,7 +500,6 @@ EXTRA_DIST = \ $(_EXTRA_DIST_CMAKE) \ $(_EXTRA_DIST_WINDOWS) \ \ - conftools/expat.m4 \ conftools/get-version.sh \ \ fuzz/xml_lpm_fuzzer.cpp \ diff --git a/contrib/expat/README.md b/contrib/expat/README.md index c2f288ca1242..a67548be7fc9 100644 --- a/contrib/expat/README.md +++ b/contrib/expat/README.md @@ -11,7 +11,7 @@ > at the top of the `Changes` file. -# Expat, Release 2.7.3 +# Expat, Release 2.7.5 This is Expat, a C99 library for parsing [XML 1.0 Fourth Edition](https://www.w3.org/TR/2006/REC-xml-20060816/), started by @@ -234,11 +234,6 @@ overrides the in-makefile set `DESTDIR`, because variable-setting priority is Note: This only applies to the Expat library itself, building UTF-16 versions of xmlwf and the tests is currently not supported. -When using Expat with a project using autoconf for configuration, you -can use the probing macro in `conftools/expat.m4` to determine how to -include Expat. See the comments at the top of that file for more -information. - A reference manual is available in the file `doc/reference.html` in this distribution. @@ -297,15 +292,15 @@ EXPAT_OSSFUZZ_BUILD:BOOL=OFF // Build a shared expat library EXPAT_SHARED_LIBS:BOOL=ON +// Define to provide symbol versioning for dependency generation +EXPAT_SYMBOL_VERSIONING:BOOL=OFF + // Treat all compiler warnings as errors EXPAT_WARNINGS_AS_ERRORS:BOOL=OFF // Make use of getrandom function (ON|OFF|AUTO) [default=AUTO] EXPAT_WITH_GETRANDOM:STRING=AUTO -// Utilize libbsd (for arc4random_buf) -EXPAT_WITH_LIBBSD:BOOL=OFF - // Make use of syscall SYS_getrandom (ON|OFF|AUTO) [default=AUTO] EXPAT_WITH_SYS_GETRANDOM:STRING=AUTO ``` diff --git a/contrib/expat/configure.ac b/contrib/expat/configure.ac index 072fea41ee8c..6d028b5f6658 100644 --- a/contrib/expat/configure.ac +++ b/contrib/expat/configure.ac @@ -11,7 +11,7 @@ dnl Copyright (c) 2000 Clark Cooper <coopercc@users.sourceforge.net> dnl Copyright (c) 2000-2005 Fred L. Drake, Jr. <fdrake@users.sourceforge.net> dnl Copyright (c) 2001-2003 Greg Stein <gstein@users.sourceforge.net> dnl Copyright (c) 2006-2012 Karl Waclawek <karl@waclawek.net> -dnl Copyright (c) 2016-2025 Sebastian Pipping <sebastian@pipping.org> +dnl Copyright (c) 2016-2026 Sebastian Pipping <sebastian@pipping.org> dnl Copyright (c) 2017 S. P. Zeidler <spz@netbsd.org> dnl Copyright (c) 2017 Stephen Groat <stephen@groat.us> dnl Copyright (c) 2017-2020 Joe Orton <jorton@redhat.com> @@ -25,6 +25,10 @@ dnl Copyright (c) 2020 Jeffrey Walton <noloader@gmail.com> dnl Copyright (c) 2024 Ferenc Géczi <ferenc.gm@gmail.com> dnl Copyright (c) 2024 Dag-Erling Smørgrav <des@des.dev> dnl Copyright (c) 2025 Matthew Fernandez <matthew.fernandez@gmail.com> +dnl Copyright (c) 2025 Alfonso Gregory <gfunni234@gmail.com> +dnl Copyright (c) 2026 Rosen Penev <rosenp@gmail.com> +dnl Copyright (c) 2026 Gordon Messmer <gordon.messmer@gmail.com> +dnl Copyright (c) 2026 Fabio Scaccabarozzi <fsvm88@gmail.com> dnl Licensed under the MIT license: dnl dnl Permission is hereby granted, free of charge, to any person obtaining @@ -86,7 +90,7 @@ dnl If the API changes incompatibly set LIBAGE back to 0 dnl LIBCURRENT=12 # sync -LIBREVISION=1 # with +LIBREVISION=3 # with LIBAGE=11 # CMakeLists.txt! AC_CONFIG_HEADERS([expat_config.h]) @@ -117,10 +121,12 @@ AS_IF([test "$GCC" = yes], dnl GCC don't support it and it causes extra warnings that are only dnl distracting; avoid. AX_APPEND_COMPILE_FLAGS([-fexceptions], [AM_CFLAGS]) - AX_APPEND_COMPILE_FLAGS([-fno-strict-aliasing -Wmissing-prototypes -Wstrict-prototypes], [AM_CFLAGS]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-aliasing=3 -Wmissing-prototypes -Wstrict-prototypes], [AM_CFLAGS]) AX_APPEND_COMPILE_FLAGS([-pedantic -Wduplicated-cond -Wduplicated-branches -Wlogical-op], [AM_CFLAGS]) AX_APPEND_COMPILE_FLAGS([-Wrestrict -Wnull-dereference -Wjump-misses-init -Wdouble-promotion], [AM_CFLAGS]) - AX_APPEND_COMPILE_FLAGS([-Wshadow -Wformat=2 -Wno-pedantic-ms-format -Wmisleading-indentation], [AM_CFLAGS])]) + AX_APPEND_COMPILE_FLAGS([-Wshadow -Wformat=2 -Wmisleading-indentation], [AM_CFLAGS]) + AS_CASE(["${host_os}"], [mingw*], [AX_APPEND_COMPILE_FLAGS([-Wno-pedantic-ms-format], [AM_CFLAGS])]) + ]) AC_LANG_PUSH([C++]) AC_PROG_CXX @@ -131,11 +137,23 @@ AS_IF([test "$GCC" = yes], dnl GCC don't support it and it causes extra warnings that are only dnl distracting; avoid. AX_APPEND_COMPILE_FLAGS([-fexceptions], [AM_CXXFLAGS]) - AX_APPEND_COMPILE_FLAGS([-fno-strict-aliasing], [AM_CXXFLAGS])]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-aliasing=3], [AM_CXXFLAGS])]) AC_LANG_POP([C++]) AS_IF([test "$GCC" = yes], - [AX_APPEND_LINK_FLAGS([-fno-strict-aliasing],[AM_LDFLAGS])]) + [AX_APPEND_LINK_FLAGS([-Wstrict-aliasing=3],[AM_LDFLAGS])]) + +AC_ARG_ENABLE([symbol-versioning], + [AS_HELP_STRING([--enable-symbol-versioning], + [provide symbol versioning for dependency generation @<:@default=no@:>@])], + [enable_symbol_versioning=$enableval], + [enable_symbol_versioning=no]) +AS_IF([test "x$enable_symbol_versioning" != xno], + [VSCRIPT_LDFLAGS="-Wl,--version-script" + AC_SUBST([VSCRIPT_LDFLAGS]) + ]) +AM_CONDITIONAL([HAVE_VSCRIPT], + [test "x$enable_symbol_versioning" != xno]) dnl patching ${archive_cmds} to affect generation of file "libtool" to fix linking with clang (issue #312) AS_CASE(["$LD"],[*clang*], @@ -199,23 +217,9 @@ AM_CONDITIONAL([_INTERNAL_LARGE_SIZE], [echo -- "${CPPFLAGS}${CFLAGS}" | ${FGREP LT_LIB_M -AC_ARG_WITH([libbsd], - [AS_HELP_STRING([--with-libbsd], [utilize libbsd (for arc4random_buf)])], - [], - [with_libbsd=no]) -AS_IF([test "x${with_libbsd}" != xno], - [AC_CHECK_LIB([bsd], - [arc4random_buf], - [], - [AS_IF([test "x${with_libbsd}" = xyes], - [AC_MSG_ERROR([Enforced use of libbsd cannot be satisfied.])])])]) -AC_MSG_CHECKING([for arc4random_buf (BSD, libbsd or glibc 2.36+)]) +AC_MSG_CHECKING([for arc4random_buf (BSD or glibc 2.36+)]) AC_LINK_IFELSE([AC_LANG_SOURCE([ - #if defined(HAVE_LIBBSD) - # include <bsd/stdlib.h> - #else - # include <stdlib.h> /* for arc4random_buf on BSD */ - #endif + #include <stdlib.h> int main(void) { char dummy[[123]]; // double brackets for m4 arc4random_buf(dummy, 0U); @@ -226,13 +230,9 @@ AC_LINK_IFELSE([AC_LANG_SOURCE([ AC_MSG_RESULT([yes])], [AC_MSG_RESULT([no]) - AC_MSG_CHECKING([for arc4random (BSD, macOS, libbsd or glibc 2.36+)]) + AC_MSG_CHECKING([for arc4random (BSD, macOS, or glibc 2.36+)]) AC_LINK_IFELSE([AC_LANG_SOURCE([ - #if defined(HAVE_LIBBSD) - # include <bsd/stdlib.h> - #else - # include <stdlib.h> - #endif + #include <stdlib.h> int main(void) { arc4random(); return 0; @@ -381,9 +381,14 @@ dnl NOTE: The *_TRUE variables read here are Automake conditionals dnl that are either set to "" when enabled or to "#" when disabled dnl (because they are used to dynamically comment out certain things) AS_IF([test "x${enable_xml_attr_info}" = xyes], - [EXPAT_ATTR_INFO=ON], - [EXPAT_ATTR_INFO=OFF]) + [EXPAT_ATTR_INFO=ON + _EXPAT_COMMENT_ATTR_INFO=" "], + [EXPAT_ATTR_INFO=OFF + _EXPAT_COMMENT_ATTR_INFO="#"]) +AC_SUBST([_EXPAT_COMMENT_ATTR_INFO]) EXPAT_DTD=ON +_EXPAT_COMMENT_DTD_OR_GE=" " +AC_SUBST([_EXPAT_COMMENT_DTD_OR_GE]) AS_IF([test "x${_INTERNAL_LARGE_SIZE_TRUE}" = x], [EXPAT_LARGE_SIZE=ON], [EXPAT_LARGE_SIZE=OFF]) @@ -461,6 +466,7 @@ AC_CONFIG_FILES([Makefile] [doc/Makefile] [examples/Makefile] [lib/Makefile] + [lib/libexpat.map] [tests/Makefile] [tests/benchmark/Makefile] [xmlwf/Makefile]) diff --git a/contrib/expat/doc/Makefile.in b/contrib/expat/doc/Makefile.in index 13be5107f89b..0bda758420f0 100644 --- a/contrib/expat/doc/Makefile.in +++ b/contrib/expat/doc/Makefile.in @@ -293,6 +293,9 @@ SO_MINOR = @SO_MINOR@ SO_PATCH = @SO_PATCH@ STRIP = @STRIP@ VERSION = @VERSION@ +VSCRIPT_LDFLAGS = @VSCRIPT_LDFLAGS@ +_EXPAT_COMMENT_ATTR_INFO = @_EXPAT_COMMENT_ATTR_INFO@ +_EXPAT_COMMENT_DTD_OR_GE = @_EXPAT_COMMENT_DTD_OR_GE@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ diff --git a/contrib/expat/doc/reference.html b/contrib/expat/doc/reference.html index d2dded499435..5faa8d6515af 100644 --- a/contrib/expat/doc/reference.html +++ b/contrib/expat/doc/reference.html @@ -1,9 +1,9 @@ -<?xml version="1.0" encoding="iso-8859-1"?> +<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">; -<html> -<head> -<!-- + "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">; +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <!-- __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -14,12 +14,12 @@ Copyright (c) 2000 Clark Cooper <coopercc@users.sourceforge.net> Copyright (c) 2000-2004 Fred L. Drake, Jr. <fdrake@users.sourceforge.net> Copyright (c) 2002-2012 Karl Waclawek <karl@waclawek.net> - Copyright (c) 2017-2025 Sebastian Pipping <sebastian@pipping.org> + Copyright (c) 2017-2026 Sebastian Pipping <sebastian@pipping.org> Copyright (c) 2017 Jakub Wilk <jwilk@jwilk.net> Copyright (c) 2021 Tomas Korbar <tkorbar@redhat.com> Copyright (c) 2021 Nicolas Cavallari <nicolas.cavallari@green-communications.fr> Copyright (c) 2022 Thijs Schreijer <thijs@thijsschreijer.nl> - Copyright (c) 2023 Hanno Böck <hanno@gentoo.org> + Copyright (c) 2023-2025 Hanno Böck <hanno@gentoo.org> Copyright (c) 2023 Sony Corporation / Snild Dolkow <snild@sony.com> Licensed under the MIT license: @@ -42,205 +42,489 @@ OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. --> - <title>Expat XML Parser</title> - <meta name="author" content="Clark Cooper, coopercc@netheaven.com" /> - <meta http-equiv="Content-Style-Type" content="text/css" /> - <link href="ok.min.css" rel="stylesheet" type="text/css" /> - <link href="style.css" rel="stylesheet" type="text/css" /> -</head> -<body> - <div> - <h1> - The Expat XML Parser - <small>Release 2.7.3</small> - </h1> - </div> -<div class="content"> - -<p>Expat is a library, written in C, for parsing XML documents. It's -the underlying XML parser for the open source Mozilla project, Perl's -<code>XML::Parser</code>, Python's <code>xml.parsers.expat</code>, and -other open-source XML parsers.</p> - -<p>This library is the creation of James Clark, who's also given us -groff (an nroff look-alike), Jade (an implementation of ISO's DSSSL -stylesheet language for SGML), XP (a Java XML parser package), XT (a -Java XSL engine). James was also the technical lead on the XML -Working Group at W3C that produced the XML specification.</p> - -<p>This is free software, licensed under the <a -href="../COPYING">MIT/X Consortium license</a>. You may download it -from <a href="https://libexpat.github.io/">the Expat home page</a>. -</p> - -<p>The bulk of this document was originally commissioned as an article -by <a href="https://www.xml.com/">XML.com</a>. They graciously allowed -Clark Cooper to retain copyright and to distribute it with Expat. -This version has been substantially extended to include documentation -on features which have been added since the original article was -published, and additional information on using the original -interface.</p> - -<hr /> -<h2>Table of Contents</h2> -<ul> - <li><a href="#overview">Overview</a></li> - <li><a href="#building">Building and Installing</a></li> - <li><a href="#using">Using Expat</a></li> - <li><a href="#reference">Reference</a> - <ul> - <li><a href="#creation">Parser Creation Functions</a> - <ul> - <li><a href="#XML_ParserCreate">XML_ParserCreate</a></li> - <li><a href="#XML_ParserCreateNS">XML_ParserCreateNS</a></li> - <li><a href="#XML_ParserCreate_MM">XML_ParserCreate_MM</a></li> - <li><a href="#XML_ExternalEntityParserCreate">XML_ExternalEntityParserCreate</a></li> - <li><a href="#XML_ParserFree">XML_ParserFree</a></li> - <li><a href="#XML_ParserReset">XML_ParserReset</a></li> - </ul> - </li> - <li><a href="#parsing">Parsing Functions</a> - <ul> - <li><a href="#XML_Parse">XML_Parse</a></li> - <li><a href="#XML_ParseBuffer">XML_ParseBuffer</a></li> - <li><a href="#XML_GetBuffer">XML_GetBuffer</a></li> - <li><a href="#XML_StopParser">XML_StopParser</a></li> - <li><a href="#XML_ResumeParser">XML_ResumeParser</a></li> - <li><a href="#XML_GetParsingStatus">XML_GetParsingStatus</a></li> - </ul> - </li> - <li><a href="#setting">Handler Setting Functions</a> - <ul> - <li><a href="#XML_SetStartElementHandler">XML_SetStartElementHandler</a></li> - <li><a href="#XML_SetEndElementHandler">XML_SetEndElementHandler</a></li> - <li><a href="#XML_SetElementHandler">XML_SetElementHandler</a></li> - <li><a href="#XML_SetCharacterDataHandler">XML_SetCharacterDataHandler</a></li> - <li><a href="#XML_SetProcessingInstructionHandler">XML_SetProcessingInstructionHandler</a></li> - <li><a href="#XML_SetCommentHandler">XML_SetCommentHandler</a></li> - <li><a href="#XML_SetStartCdataSectionHandler">XML_SetStartCdataSectionHandler</a></li> - <li><a href="#XML_SetEndCdataSectionHandler">XML_SetEndCdataSectionHandler</a></li> - <li><a href="#XML_SetCdataSectionHandler">XML_SetCdataSectionHandler</a></li> - <li><a href="#XML_SetDefaultHandler">XML_SetDefaultHandler</a></li> - <li><a href="#XML_SetDefaultHandlerExpand">XML_SetDefaultHandlerExpand</a></li> - <li><a href="#XML_SetExternalEntityRefHandler">XML_SetExternalEntityRefHandler</a></li> - <li><a href="#XML_SetExternalEntityRefHandlerArg">XML_SetExternalEntityRefHandlerArg</a></li> - <li><a href="#XML_SetSkippedEntityHandler">XML_SetSkippedEntityHandler</a></li> - <li><a href="#XML_SetUnknownEncodingHandler">XML_SetUnknownEncodingHandler</a></li> - <li><a href="#XML_SetStartNamespaceDeclHandler">XML_SetStartNamespaceDeclHandler</a></li> - <li><a href="#XML_SetEndNamespaceDeclHandler">XML_SetEndNamespaceDeclHandler</a></li> - <li><a href="#XML_SetNamespaceDeclHandler">XML_SetNamespaceDeclHandler</a></li> - <li><a href="#XML_SetXmlDeclHandler">XML_SetXmlDeclHandler</a></li> - <li><a href="#XML_SetStartDoctypeDeclHandler">XML_SetStartDoctypeDeclHandler</a></li> - <li><a href="#XML_SetEndDoctypeDeclHandler">XML_SetEndDoctypeDeclHandler</a></li> - <li><a href="#XML_SetDoctypeDeclHandler">XML_SetDoctypeDeclHandler</a></li> - <li><a href="#XML_SetElementDeclHandler">XML_SetElementDeclHandler</a></li> - <li><a href="#XML_SetAttlistDeclHandler">XML_SetAttlistDeclHandler</a></li> - <li><a href="#XML_SetEntityDeclHandler">XML_SetEntityDeclHandler</a></li> - <li><a href="#XML_SetUnparsedEntityDeclHandler">XML_SetUnparsedEntityDeclHandler</a></li> - <li><a href="#XML_SetNotationDeclHandler">XML_SetNotationDeclHandler</a></li> - <li><a href="#XML_SetNotStandaloneHandler">XML_SetNotStandaloneHandler</a></li> - </ul> - </li> - <li><a href="#position">Parse Position and Error Reporting Functions</a> - <ul> - <li><a href="#XML_GetErrorCode">XML_GetErrorCode</a></li> - <li><a href="#XML_ErrorString">XML_ErrorString</a></li> - <li><a href="#XML_GetCurrentByteIndex">XML_GetCurrentByteIndex</a></li> - <li><a href="#XML_GetCurrentLineNumber">XML_GetCurrentLineNumber</a></li> - <li><a href="#XML_GetCurrentColumnNumber">XML_GetCurrentColumnNumber</a></li> - <li><a href="#XML_GetCurrentByteCount">XML_GetCurrentByteCount</a></li> - <li><a href="#XML_GetInputContext">XML_GetInputContext</a></li> - </ul> - </li> - <li> - <a href="#attack-protection">Attack Protection</a> + + <title> + Expat XML Parser + </title> + <meta name="author" content="Clark Cooper, coopercc@netheaven.com" /> + <link href="ok.min.css" rel="stylesheet" /> + <link href="style.css" rel="stylesheet" /> + </head> + <body> + <div> + <h1> + The Expat XML Parser <small>Release 2.7.5</small> + </h1> + </div> + + <div class="content"> + <p> + Expat is a library, written in C, for parsing XML documents. It's the underlying + XML parser for the open source Mozilla project, Perl's <code>XML::Parser</code>, + Python's <code>xml.parsers.expat</code>, and other open-source XML parsers. + </p> + + <p> + This library is the creation of James Clark, who's also given us groff (an nroff + look-alike), Jade (an implementation of ISO's DSSSL stylesheet language for + SGML), XP (a Java XML parser package), XT (a Java XSL engine). James was also the + technical lead on the XML Working Group at W3C that produced the XML + specification. + </p> + + <p> + This is free software, licensed under the <a href="../COPYING">MIT/X Consortium + license</a>. You may download it from <a href="https://libexpat.github.io/">the + Expat home page</a>. + </p> + + <p> + The bulk of this document was originally commissioned as an article by <a href= + "https://www.xml.com/">XML.com</a>. They graciously allowed Clark Cooper to + retain copyright and to distribute it with Expat. This version has been + substantially extended to include documentation on features which have been added + since the original article was published, and additional information on using the + original interface. + </p> + + <hr /> + + <h2> + Table of Contents + </h2> + <ul> - <li><a href="#XML_SetBillionLaughsAttackProtectionMaximumAmplification">XML_SetBillionLaughsAttackProtectionMaximumAmplification</a></li> - <li><a href="#XML_SetBillionLaughsAttackProtectionActivationThreshold">XML_SetBillionLaughsAttackProtectionActivationThreshold</a></li> - <li><a href="#XML_SetAllocTrackerMaximumAmplification">XML_SetAllocTrackerMaximumAmplification</a></li> - <li><a href="#XML_SetAllocTrackerActivationThreshold">XML_SetAllocTrackerActivationThreshold</a></li> - <li><a href="#XML_SetReparseDeferralEnabled">XML_SetReparseDeferralEnabled</a></li> + <li> + <a href="#overview">Overview</a> + </li> + + <li> + <a href="#building">Building and Installing</a> + </li> + + <li> + <a href="#using">Using Expat</a> + </li> + + <li> + <a href="#reference">Reference</a> + <ul> + <li> + <a href="#creation">Parser Creation Functions</a> + <ul> + <li> + <a href="#XML_ParserCreate">XML_ParserCreate</a> + </li> + + <li> + <a href="#XML_ParserCreateNS">XML_ParserCreateNS</a> + </li> + + <li> + <a href="#XML_ParserCreate_MM">XML_ParserCreate_MM</a> + </li> + + <li> + <a href= + "#XML_ExternalEntityParserCreate">XML_ExternalEntityParserCreate</a> + </li> + + <li> + <a href="#XML_ParserFree">XML_ParserFree</a> + </li> + + <li> + <a href="#XML_ParserReset">XML_ParserReset</a> + </li> + </ul> + </li> + + <li> + <a href="#parsing">Parsing Functions</a> + <ul> + <li> + <a href="#XML_Parse">XML_Parse</a> + </li> + + <li> + <a href="#XML_ParseBuffer">XML_ParseBuffer</a> + </li> + + <li> + <a href="#XML_GetBuffer">XML_GetBuffer</a> + </li> + + <li> + <a href="#XML_StopParser">XML_StopParser</a> + </li> + + <li> + <a href="#XML_ResumeParser">XML_ResumeParser</a> + </li> + + <li> + <a href="#XML_GetParsingStatus">XML_GetParsingStatus</a> + </li> + </ul> + </li> + + <li> + <a href="#setting">Handler Setting Functions</a> + <ul> + <li> + <a href="#XML_SetStartElementHandler">XML_SetStartElementHandler</a> + </li> + + <li> + <a href="#XML_SetEndElementHandler">XML_SetEndElementHandler</a> + </li> + + <li> + <a href="#XML_SetElementHandler">XML_SetElementHandler</a> + </li> + + <li> + <a href="#XML_SetCharacterDataHandler">XML_SetCharacterDataHandler</a> + </li> + + <li> + <a href= + "#XML_SetProcessingInstructionHandler">XML_SetProcessingInstructionHandler</a> + </li> + + <li> + <a href="#XML_SetCommentHandler">XML_SetCommentHandler</a> + </li> + + <li> + <a href= + "#XML_SetStartCdataSectionHandler">XML_SetStartCdataSectionHandler</a> + </li> + + <li> + <a href= + "#XML_SetEndCdataSectionHandler">XML_SetEndCdataSectionHandler</a> + </li> + + <li> + <a href="#XML_SetCdataSectionHandler">XML_SetCdataSectionHandler</a> + </li> + + <li> + <a href="#XML_SetDefaultHandler">XML_SetDefaultHandler</a> + </li> + + <li> + <a href="#XML_SetDefaultHandlerExpand">XML_SetDefaultHandlerExpand</a> + </li> + + <li> + <a href= + "#XML_SetExternalEntityRefHandler">XML_SetExternalEntityRefHandler</a> + </li> + + <li> + <a href= + "#XML_SetExternalEntityRefHandlerArg">XML_SetExternalEntityRefHandlerArg</a> + </li> + + <li> + <a href="#XML_SetSkippedEntityHandler">XML_SetSkippedEntityHandler</a> + </li> + + <li> + <a href= + "#XML_SetUnknownEncodingHandler">XML_SetUnknownEncodingHandler</a> + </li> + + <li> + <a href= + "#XML_SetStartNamespaceDeclHandler">XML_SetStartNamespaceDeclHandler</a> + </li> + + <li> + <a href= + "#XML_SetEndNamespaceDeclHandler">XML_SetEndNamespaceDeclHandler</a> + </li> + + <li> + <a href="#XML_SetNamespaceDeclHandler">XML_SetNamespaceDeclHandler</a> + </li> + + <li> + <a href="#XML_SetXmlDeclHandler">XML_SetXmlDeclHandler</a> + </li> + + <li> + <a href= + "#XML_SetStartDoctypeDeclHandler">XML_SetStartDoctypeDeclHandler</a> + </li> + + <li> + <a href= + "#XML_SetEndDoctypeDeclHandler">XML_SetEndDoctypeDeclHandler</a> + </li> + + <li> + <a href="#XML_SetDoctypeDeclHandler">XML_SetDoctypeDeclHandler</a> + </li> + + <li> + <a href="#XML_SetElementDeclHandler">XML_SetElementDeclHandler</a> + </li> + + <li> + <a href="#XML_SetAttlistDeclHandler">XML_SetAttlistDeclHandler</a> + </li> + + <li> + <a href="#XML_SetEntityDeclHandler">XML_SetEntityDeclHandler</a> + </li> + + <li> + <a href= + "#XML_SetUnparsedEntityDeclHandler">XML_SetUnparsedEntityDeclHandler</a> + </li> + + <li> + <a href="#XML_SetNotationDeclHandler">XML_SetNotationDeclHandler</a> + </li> + + <li> + <a href="#XML_SetNotStandaloneHandler">XML_SetNotStandaloneHandler</a> + </li> + </ul> + </li> + + <li> + <a href="#position">Parse Position and Error Reporting Functions</a> + <ul> + <li> + <a href="#XML_GetErrorCode">XML_GetErrorCode</a> + </li> + + <li> + <a href="#XML_ErrorString">XML_ErrorString</a> + </li> + + <li> + <a href="#XML_GetCurrentByteIndex">XML_GetCurrentByteIndex</a> + </li> + + <li> + <a href="#XML_GetCurrentLineNumber">XML_GetCurrentLineNumber</a> + </li> + + <li> + <a href="#XML_GetCurrentColumnNumber">XML_GetCurrentColumnNumber</a> + </li> + + <li> + <a href="#XML_GetCurrentByteCount">XML_GetCurrentByteCount</a> + </li> + + <li> + <a href="#XML_GetInputContext">XML_GetInputContext</a> + </li> + </ul> + </li> + + <li> + <a href="#attack-protection">Attack Protection</a> + <ul> + <li> + <a href= + "#XML_SetBillionLaughsAttackProtectionMaximumAmplification">XML_SetBillionLaughsAttackProtectionMaximumAmplification</a> + </li> + + <li> + <a href= + "#XML_SetBillionLaughsAttackProtectionActivationThreshold">XML_SetBillionLaughsAttackProtectionActivationThreshold</a> + </li> + + <li> + <a href= + "#XML_SetAllocTrackerMaximumAmplification">XML_SetAllocTrackerMaximumAmplification</a> + </li> + + <li> + <a href= + "#XML_SetAllocTrackerActivationThreshold">XML_SetAllocTrackerActivationThreshold</a> + </li> + + <li> + <a href= + "#XML_SetReparseDeferralEnabled">XML_SetReparseDeferralEnabled</a> + </li> + </ul> + </li> + + <li> + <a href="#miscellaneous">Miscellaneous Functions</a> + <ul> + <li> + <a href="#XML_SetUserData">XML_SetUserData</a> + </li> + + <li> + <a href="#XML_GetUserData">XML_GetUserData</a> + </li> + + <li> + <a href="#XML_UseParserAsHandlerArg">XML_UseParserAsHandlerArg</a> + </li> + + <li> + <a href="#XML_SetBase">XML_SetBase</a> + </li> + + <li> + <a href="#XML_GetBase">XML_GetBase</a> *** 7585 LINES SKIPPED ***home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69d207dd.33c05.122b05c3>