summaryrefslogtreecommitdiffstats
path: root/contrib/libs/libxml/xmlstring.c
diff options
context:
space:
mode:
authorsetser <[email protected]>2022-05-09 00:13:37 +0300
committersetser <[email protected]>2022-05-09 00:13:37 +0300
commite87e3fc8d0e04eb7ba3eee221bb91613b527ad85 (patch)
tree5279c128bdbdf902b9a08d9fae8e55b91910a553 /contrib/libs/libxml/xmlstring.c
parentf4f3e4024a1f32bd0bc3fa20239025a1b179e42d (diff)
Update libxml to 2.9.13
ref:f572491d236694e847142c36f0f5546c649e05d7
Diffstat (limited to 'contrib/libs/libxml/xmlstring.c')
-rw-r--r--contrib/libs/libxml/xmlstring.c94
1 files changed, 51 insertions, 43 deletions
diff --git a/contrib/libs/libxml/xmlstring.c b/contrib/libs/libxml/xmlstring.c
index 8d2e06f66cd..5a6875f562f 100644
--- a/contrib/libs/libxml/xmlstring.c
+++ b/contrib/libs/libxml/xmlstring.c
@@ -18,6 +18,7 @@
#include <stdlib.h>
#include <string.h>
+#include <limits.h>
#include <libxml/xmlmemory.h>
#include <libxml/parserInternals.h>
#include <libxml/xmlstring.h>
@@ -42,7 +43,7 @@ xmlStrndup(const xmlChar *cur, int len) {
xmlChar *ret;
if ((cur == NULL) || (len < 0)) return(NULL);
- ret = (xmlChar *) xmlMallocAtomic((len + 1) * sizeof(xmlChar));
+ ret = (xmlChar *) xmlMallocAtomic(((size_t) len + 1) * sizeof(xmlChar));
if (ret == NULL) {
xmlErrMemory(NULL, NULL);
return(NULL);
@@ -87,7 +88,7 @@ xmlCharStrndup(const char *cur, int len) {
xmlChar *ret;
if ((cur == NULL) || (len < 0)) return(NULL);
- ret = (xmlChar *) xmlMallocAtomic((len + 1) * sizeof(xmlChar));
+ ret = (xmlChar *) xmlMallocAtomic(((size_t) len + 1) * sizeof(xmlChar));
if (ret == NULL) {
xmlErrMemory(NULL, NULL);
return(NULL);
@@ -130,16 +131,18 @@ xmlCharStrdup(const char *cur) {
int
xmlStrcmp(const xmlChar *str1, const xmlChar *str2) {
- register int tmp;
-
if (str1 == str2) return(0);
if (str1 == NULL) return(-1);
if (str2 == NULL) return(1);
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ return(strcmp((const char *)str1, (const char *)str2));
+#else
do {
- tmp = *str1++ - *str2;
+ int tmp = *str1++ - *str2;
if (tmp != 0) return(tmp);
} while (*str2++ != 0);
return 0;
+#endif
}
/**
@@ -158,10 +161,14 @@ xmlStrEqual(const xmlChar *str1, const xmlChar *str2) {
if (str1 == str2) return(1);
if (str1 == NULL) return(0);
if (str2 == NULL) return(0);
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ return(strcmp((const char *)str1, (const char *)str2) == 0);
+#else
do {
if (*str1++ != *str2) return(0);
} while (*str2++);
return(1);
+#endif
}
/**
@@ -204,18 +211,15 @@ xmlStrQEqual(const xmlChar *pref, const xmlChar *name, const xmlChar *str) {
int
xmlStrncmp(const xmlChar *str1, const xmlChar *str2, int len) {
- register int tmp;
-
if (len <= 0) return(0);
if (str1 == str2) return(0);
if (str1 == NULL) return(-1);
if (str2 == NULL) return(1);
-#ifdef __GNUC__
- tmp = strncmp((const char *)str1, (const char *)str2, len);
- return tmp;
+#ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
+ return(strncmp((const char *)str1, (const char *)str2, len));
#else
do {
- tmp = *str1++ - *str2;
+ int tmp = *str1++ - *str2;
if (tmp != 0 || --len == 0) return(tmp);
} while (*str2++ != 0);
return 0;
@@ -420,14 +424,14 @@ xmlStrsub(const xmlChar *str, int start, int len) {
int
xmlStrlen(const xmlChar *str) {
- int len = 0;
+ size_t len = 0;
if (str == NULL) return(0);
while (*str != 0) { /* non input consuming */
str++;
len++;
}
- return(len);
+ return(len > INT_MAX ? 0 : len);
}
/**
@@ -457,9 +461,9 @@ xmlStrncat(xmlChar *cur, const xmlChar *add, int len) {
return(xmlStrndup(add, len));
size = xmlStrlen(cur);
- if (size < 0)
+ if ((size < 0) || (size > INT_MAX - len))
return(NULL);
- ret = (xmlChar *) xmlRealloc(cur, (size + len + 1) * sizeof(xmlChar));
+ ret = (xmlChar *) xmlRealloc(cur, ((size_t) size + len + 1) * sizeof(xmlChar));
if (ret == NULL) {
xmlErrMemory(NULL, NULL);
return(cur);
@@ -497,9 +501,9 @@ xmlStrncatNew(const xmlChar *str1, const xmlChar *str2, int len) {
return(xmlStrndup(str2, len));
size = xmlStrlen(str1);
- if (size < 0)
+ if ((size < 0) || (size > INT_MAX - len))
return(NULL);
- ret = (xmlChar *) xmlMalloc((size + len + 1) * sizeof(xmlChar));
+ ret = (xmlChar *) xmlMalloc(((size_t) size + len + 1) * sizeof(xmlChar));
if (ret == NULL) {
xmlErrMemory(NULL, NULL);
return(xmlStrndup(str1, size));
@@ -664,7 +668,7 @@ xmlUTF8Charcmp(const xmlChar *utf1, const xmlChar *utf2) {
*/
int
xmlUTF8Strlen(const xmlChar *utf) {
- int ret = 0;
+ size_t ret = 0;
if (utf == NULL)
return(-1);
@@ -691,7 +695,7 @@ xmlUTF8Strlen(const xmlChar *utf) {
}
ret++;
}
- return(ret);
+ return(ret > INT_MAX ? 0 : ret);
}
/**
@@ -793,26 +797,28 @@ xmlCheckUTF8(const unsigned char *utf)
* 1110xxxx 10xxxxxx 10xxxxxx valid 3-byte
* 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx valid 4-byte
*/
- for (ix = 0; (c = utf[ix]);) { /* string is 0-terminated */
+ while ((c = utf[0])) { /* string is 0-terminated */
+ ix = 0;
if ((c & 0x80) == 0x00) { /* 1-byte code, starts with 10 */
- ix++;
+ ix = 1;
} else if ((c & 0xe0) == 0xc0) {/* 2-byte code, starts with 110 */
- if ((utf[ix+1] & 0xc0 ) != 0x80)
+ if ((utf[1] & 0xc0 ) != 0x80)
return 0;
- ix += 2;
+ ix = 2;
} else if ((c & 0xf0) == 0xe0) {/* 3-byte code, starts with 1110 */
- if (((utf[ix+1] & 0xc0) != 0x80) ||
- ((utf[ix+2] & 0xc0) != 0x80))
+ if (((utf[1] & 0xc0) != 0x80) ||
+ ((utf[2] & 0xc0) != 0x80))
return 0;
- ix += 3;
+ ix = 3;
} else if ((c & 0xf8) == 0xf0) {/* 4-byte code, starts with 11110 */
- if (((utf[ix+1] & 0xc0) != 0x80) ||
- ((utf[ix+2] & 0xc0) != 0x80) ||
- ((utf[ix+3] & 0xc0) != 0x80))
+ if (((utf[1] & 0xc0) != 0x80) ||
+ ((utf[2] & 0xc0) != 0x80) ||
+ ((utf[3] & 0xc0) != 0x80))
return 0;
- ix += 4;
+ ix = 4;
} else /* unknown encoding */
return 0;
+ utf += ix;
}
return(1);
}
@@ -831,8 +837,9 @@ xmlCheckUTF8(const unsigned char *utf)
int
xmlUTF8Strsize(const xmlChar *utf, int len) {
- const xmlChar *ptr=utf;
- xmlChar ch;
+ const xmlChar *ptr=utf;
+ int ch;
+ size_t ret;
if (utf == NULL)
return(0);
@@ -849,7 +856,8 @@ xmlUTF8Strsize(const xmlChar *utf, int len) {
ptr++;
}
}
- return (ptr - utf);
+ ret = ptr - utf;
+ return (ret > INT_MAX ? 0 : ret);
}
@@ -869,11 +877,8 @@ xmlUTF8Strndup(const xmlChar *utf, int len) {
if ((utf == NULL) || (len < 0)) return(NULL);
i = xmlUTF8Strsize(utf, len);
- ret = (xmlChar *) xmlMallocAtomic((i + 1) * sizeof(xmlChar));
+ ret = (xmlChar *) xmlMallocAtomic(((size_t) i + 1) * sizeof(xmlChar));
if (ret == NULL) {
- xmlGenericError(xmlGenericErrorContext,
- "malloc of %ld byte failed\n",
- (len + 1) * (long)sizeof(xmlChar));
return(NULL);
}
memcpy(ret, utf, i * sizeof(xmlChar));
@@ -893,7 +898,7 @@ xmlUTF8Strndup(const xmlChar *utf, int len) {
*/
const xmlChar *
xmlUTF8Strpos(const xmlChar *utf, int pos) {
- xmlChar ch;
+ int ch;
if (utf == NULL) return(NULL);
if (pos < 0)
@@ -925,14 +930,15 @@ xmlUTF8Strpos(const xmlChar *utf, int pos) {
*/
int
xmlUTF8Strloc(const xmlChar *utf, const xmlChar *utfchar) {
- int i, size;
- xmlChar ch;
+ size_t i;
+ int size;
+ int ch;
if (utf==NULL || utfchar==NULL) return -1;
size = xmlUTF8Strsize(utfchar, 1);
for(i=0; (ch=*utf) != 0; i++) {
if (xmlStrncmp(utf, utfchar, size)==0)
- return(i);
+ return(i > INT_MAX ? 0 : i);
utf++;
if ( ch & 0x80 ) {
/* if not simple ascii, verify proper format */
@@ -962,8 +968,8 @@ xmlUTF8Strloc(const xmlChar *utf, const xmlChar *utfchar) {
xmlChar *
xmlUTF8Strsub(const xmlChar *utf, int start, int len) {
- int i;
- xmlChar ch;
+ int i;
+ int ch;
if (utf == NULL) return(NULL);
if (start < 0) return(NULL);
@@ -1019,6 +1025,8 @@ xmlEscapeFormatString(xmlChar **msg)
if (count == 0)
return(*msg);
+ if ((count > INT_MAX) || (msgLen > INT_MAX - count))
+ return(NULL);
resultLen = msgLen + count + 1;
result = (xmlChar *) xmlMallocAtomic(resultLen * sizeof(xmlChar));
if (result == NULL) {
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-09 23:03:14 +0000