diff options
| author | Alexander Smirnov <alex@ydb.tech> | 2024-11-22 09:21:01 +0000 |
|---|---|---|
| committer | Alexander Smirnov <alex@ydb.tech> | 2024-11-22 09:21:01 +0000 |
| commit | a7cac42c868ca5722777ccee944217410812e72c (patch) | |
| tree | 7bff7ce2a3ade72f6f15dfc634490d13628066ee /contrib/libs | |
| parent | a18f18d81996ca8e681bb6cabd441b52833d99bf (diff) | |
| parent | 9478cfdab4217d3710b96329466825bf47111d7d (diff) | |
| download | ydb-a7cac42c868ca5722777ccee944217410812e72c.tar.gz | |
Merge branch 'rightlib' into mergelibs-241122-0919
Diffstat (limited to 'contrib/libs')
| -rw-r--r-- | contrib/libs/expat/.yandex_meta/devtools.copyrights.report | 78 | ||||
| -rw-r--r-- | contrib/libs/expat/.yandex_meta/devtools.licenses.report | 6 | ||||
| -rw-r--r-- | contrib/libs/expat/.yandex_meta/licenses.list.txt | 1 | ||||
| -rw-r--r-- | contrib/libs/expat/.yandex_meta/override.nix | 4 | ||||
| -rw-r--r-- | contrib/libs/expat/Changes | 31 | ||||
| -rw-r--r-- | contrib/libs/expat/README.md | 47 | ||||
| -rw-r--r-- | contrib/libs/expat/expat.h | 6 | ||||
| -rw-r--r-- | contrib/libs/expat/expat_config.h | 6 | ||||
| -rw-r--r-- | contrib/libs/expat/lib/xmlparse.c | 18 | ||||
| -rw-r--r-- | contrib/libs/expat/ya.make | 4 | ||||
| -rw-r--r-- | contrib/libs/poco/Foundation/include/Poco/Dynamic/VarHolder.h | 26 |
11 files changed, 169 insertions, 58 deletions
diff --git a/contrib/libs/expat/.yandex_meta/devtools.copyrights.report b/contrib/libs/expat/.yandex_meta/devtools.copyrights.report index c3106544c7..b67c3a92e5 100644 --- a/contrib/libs/expat/.yandex_meta/devtools.copyrights.report +++ b/contrib/libs/expat/.yandex_meta/devtools.copyrights.report @@ -85,7 +85,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok_impl.c [9:20] KEEP COPYRIGHT_SERVICE_LABEL 17566be0ee85deadbd5b2fcedc8b66a9 @@ -96,7 +96,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 1916cbefc2e0a780a3d503ba26f3780a BELONGS ya.make @@ -129,7 +129,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok.c [9:27] KEEP COPYRIGHT_SERVICE_LABEL 262c58e3a627f5cee77a882379e1364f @@ -151,7 +151,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 338b8ad8ee9b8449a90a88a0559aefd9 BELONGS ya.make @@ -161,7 +161,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 347b7c5a6d0cfaa5712b5fb2bfd1a69a BELONGS ya.make @@ -182,7 +182,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 387a03e23bfe968e0bc1919b0ef65164 BELONGS ya.make @@ -202,7 +202,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 4010f67351b9e656cc500aa367c0c393 BELONGS ya.make @@ -212,7 +212,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmlrole.c [9:19] lib/xmltok.c [9:27] @@ -235,7 +235,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok.c [9:27] KEEP COPYRIGHT_SERVICE_LABEL 50da2a76d12ee3df6d928d81ca59a715 @@ -266,7 +266,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 576486d7fb5eeab148dcf39027acec46 BELONGS ya.make @@ -276,7 +276,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 581b53ae6f0fb8a0cc30c73b46bc3441 BELONGS ya.make @@ -319,7 +319,7 @@ BELONGS ya.make Match type : COPYRIGHT Files with this license: expat.h [9:22] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 5fe78d330bca84f8e39670e48c92ba39 BELONGS ya.make @@ -330,7 +330,7 @@ BELONGS ya.make Match type : COPYRIGHT Files with this license: lib/internal.h [28:36] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 60e5da68428d71447ddd4bd7750453bb BELONGS ya.make @@ -340,7 +340,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 6451d5e490271b354ad3b567c7a03423 BELONGS ya.make @@ -350,7 +350,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 660431f3ef648d1a8e72ca1d307af738 BELONGS ya.make @@ -360,7 +360,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 7588a9020c401c85f6b542a5629c0c92 BELONGS ya.make @@ -380,7 +380,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL 7c09099ef5f35bf3be4611e6cbb14510 BELONGS ya.make @@ -409,7 +409,7 @@ BELONGS ya.make lib/nametab.h [9:11] lib/utf8tab.h [9:13] lib/winconfig.h [9:14] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmlrole.c [9:19] lib/xmlrole.h [9:14] lib/xmltok.c [9:27] @@ -460,11 +460,21 @@ BELONGS ya.make Match type : COPYRIGHT Files with this license: lib/internal.h [28:36] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmlrole.c [9:19] lib/xmltok.c [9:27] lib/xmltok_impl.c [9:20] +KEEP COPYRIGHT_SERVICE_LABEL 9b348497698951665d1e43c1d376a510 +BELONGS ya.make + Note: matched license text is too long. Read it in the source files. + Scancode info: + Original SPDX id: COPYRIGHT_SERVICE_LABEL + Score : 100.00 + Match type : COPYRIGHT + Files with this license: + lib/xmlparse.c [9:44] + KEEP COPYRIGHT_SERVICE_LABEL 9fdb85dcaaf74d518b27233b48fffa52 BELONGS ya.make Note: matched license text is too long. Read it in the source files. @@ -475,7 +485,7 @@ BELONGS ya.make Files with this license: expat.h [9:22] expat_external.h [9:18] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL a0fdd1392c0b9b2558b9ccfe44592143 BELONGS ya.make @@ -527,7 +537,7 @@ BELONGS ya.make Match type : COPYRIGHT Files with this license: expat.h [9:22] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok.c [9:27] lib/xmltok_impl.c [9:20] @@ -539,7 +549,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL ac721fcd634b3e5674a847f5ed2f1c8e BELONGS ya.make @@ -559,7 +569,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL b646d644160a51f7f42f9fd9f89d8b3f BELONGS ya.make @@ -620,7 +630,7 @@ BELONGS ya.make lib/iasciitab.h [9:13] lib/latin1tab.h [9:13] lib/utf8tab.h [9:13] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmlrole.c [9:19] lib/xmlrole.h [9:14] lib/xmltok.c [9:27] @@ -637,7 +647,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL d548c6beaeae204247905b60d5feff91 BELONGS ya.make @@ -647,7 +657,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok_impl.c [9:20] KEEP COPYRIGHT_SERVICE_LABEL d9ac29affff64c14b3c82b78ed157a77 @@ -658,7 +668,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmlrole.c [9:19] lib/xmltok.c [9:27] @@ -670,7 +680,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL dd3e49797101e1ae2e966f0ebdd58da4 BELONGS ya.make @@ -700,7 +710,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL e3d6c1b6030b59aad9996cc0a9efeda5 BELONGS ya.make @@ -710,7 +720,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL e526eb605bd716769dd1ed15786af827 BELONGS ya.make @@ -730,7 +740,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL ef0dda0153a00710149f327147a79b7f BELONGS ya.make @@ -771,7 +781,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL f792720cb266393d3d3fb2199660c4ea BELONGS ya.make @@ -783,7 +793,7 @@ BELONGS ya.make Files with this license: expat.h [9:22] lib/internal.h [28:36] - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] lib/xmltok.c [9:27] lib/xmltok.h [9:15] @@ -813,7 +823,7 @@ BELONGS ya.make Score : 100.00 Match type : COPYRIGHT Files with this license: - lib/xmlparse.c [9:43] + lib/xmlparse.c [9:44] KEEP COPYRIGHT_SERVICE_LABEL ffabe442e64111946b696c0384a52a77 BELONGS ya.make diff --git a/contrib/libs/expat/.yandex_meta/devtools.licenses.report b/contrib/libs/expat/.yandex_meta/devtools.licenses.report index e38dc31f64..f11728285f 100644 --- a/contrib/libs/expat/.yandex_meta/devtools.licenses.report +++ b/contrib/libs/expat/.yandex_meta/devtools.licenses.report @@ -42,7 +42,7 @@ BELONGS ya.make KEEP MIT 6bb6514a1d779748b76a73215a89ae66 BELONGS ya.make -FILE_INCLUDE AUTHORS found in files: expat.h at line 38, expat_external.h at line 34, lib/ascii.h at line 30, lib/asciitab.h at line 29, lib/iasciitab.h at line 29, lib/internal.h at line 52, lib/latin1tab.h at line 29, lib/utf8tab.h at line 29, lib/winconfig.h at line 30, lib/xmlparse.c at line 59, lib/xmlrole.c at line 35, lib/xmlrole.h at line 30, lib/xmltok.c at line 43, lib/xmltok.h at line 31, lib/xmltok_impl.c at line 36, lib/xmltok_impl.h at line 28, lib/xmltok_ns.c at line 31 +FILE_INCLUDE AUTHORS found in files: expat.h at line 38, expat_external.h at line 34, lib/ascii.h at line 30, lib/asciitab.h at line 29, lib/iasciitab.h at line 29, lib/internal.h at line 52, lib/latin1tab.h at line 29, lib/utf8tab.h at line 29, lib/winconfig.h at line 30, lib/xmlparse.c at line 60, lib/xmlrole.c at line 35, lib/xmlrole.h at line 30, lib/xmltok.c at line 43, lib/xmltok.h at line 31, lib/xmltok_impl.c at line 36, lib/xmltok_impl.h at line 28, lib/xmltok_ns.c at line 31 Note: matched license text is too long. Read it in the source files. Scancode info: Original SPDX id: MIT @@ -59,7 +59,7 @@ FILE_INCLUDE AUTHORS found in files: expat.h at line 38, expat_external.h at lin lib/latin1tab.h [15:32] lib/utf8tab.h [15:32] lib/winconfig.h [16:33] - lib/xmlparse.c [45:62] + lib/xmlparse.c [46:63] lib/xmlrole.c [21:38] lib/xmlrole.h [16:33] lib/xmltok.c [29:46] @@ -100,7 +100,7 @@ BELONGS ya.make lib/nametab.h [11:11] lib/utf8tab.h [13:13] lib/winconfig.h [14:14] - lib/xmlparse.c [43:43] + lib/xmlparse.c [44:44] lib/xmlrole.c [19:19] lib/xmlrole.h [14:14] lib/xmltok.c [27:27] diff --git a/contrib/libs/expat/.yandex_meta/licenses.list.txt b/contrib/libs/expat/.yandex_meta/licenses.list.txt index 10480569cc..e23955221e 100644 --- a/contrib/libs/expat/.yandex_meta/licenses.list.txt +++ b/contrib/libs/expat/.yandex_meta/licenses.list.txt @@ -67,6 +67,7 @@ Copyright (c) 2023 Owain Davies <owaind@bath.edu> Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <snild@sony.com> Copyright (c) 2024 Berkay Eren Ürün <berkay.ueruen@siemens.com> + Copyright (c) 2024 Hanno Böck <hanno@gentoo.org> Licensed under the MIT license: diff --git a/contrib/libs/expat/.yandex_meta/override.nix b/contrib/libs/expat/.yandex_meta/override.nix index 380531bb62..a7493ed82e 100644 --- a/contrib/libs/expat/.yandex_meta/override.nix +++ b/contrib/libs/expat/.yandex_meta/override.nix @@ -1,12 +1,12 @@ pkgs: attrs: with pkgs; with attrs; rec { - version = "2.6.3"; + version = "2.6.4"; versionTag = "R_${lib.replaceStrings ["."] ["_"] version}"; src = fetchFromGitHub { owner = "libexpat"; repo = "libexpat"; rev = "${versionTag}"; - hash = "sha256-xxjUNbkcJkCMzlMt5yNnnUl0pJ/pP3Z9F5qnlYQXLOQ="; + hash = "sha256-ek8/3c8bKG+z7fIM+QCNsH7eoVGAt7z3bXBHZ3QjlS8="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/contrib/libs/expat/Changes b/contrib/libs/expat/Changes index c1d22efa5a..aa19f70ae2 100644 --- a/contrib/libs/expat/Changes +++ b/contrib/libs/expat/Changes @@ -30,6 +30,37 @@ !! THANK YOU! Sebastian Pipping -- Berlin, 2024-03-09 !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +Release 2.6.4 Wed November 6 2024 + Security fixes: + #915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser + from a NULL pointer dereference by disallowing function + XML_StopParser to (stop or) suspend an unstarted parser. + A new error code XML_ERROR_NOT_STARTED was introduced to + properly communicate this situation. // CWE-476 CWE-754 + + Other changes: + #903 CMake: Add alias target "expat::expat" + #905 docs: Document use via CMake >=3.18 with FetchContent + and SOURCE_SUBDIR and its consequences + #902 tests: Reduce use of global parser instance + #904 tests: Resolve duplicate handler + #317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903) + #914 Fix signedness of format strings + #919 #920 Version info bumped from 10:3:9 (libexpat*.so.1.9.3) + to 11:0:10 (libexpat*.so.1.10.0); see https://verbump.de/ + for what these numbers do + + Infrastructure: + #907 CI: Upgrade Clang from 18 to 19 + #913 CI: Drop macos-12 and add macos-15 + #910 CI: Adapt to breaking changes in GitHub Actions + #898 Add missing entries to .gitignore + + Special thanks to: + Hanno Böck + José Eduardo Gutiérrez Conejo + José Ricardo Cardona Quesada + Release 2.6.3 Wed September 4 2024 Security fixes: #887 #890 CVE-2024-45490 -- Calling function XML_ParseBuffer with diff --git a/contrib/libs/expat/README.md b/contrib/libs/expat/README.md index 180a68e4ab..23d26dad2b 100644 --- a/contrib/libs/expat/README.md +++ b/contrib/libs/expat/README.md @@ -11,7 +11,7 @@ > at the top of the `Changes` file. -# Expat, Release 2.6.3 +# Expat, Release 2.6.4 This is Expat, a C99 library for parsing [XML 1.0 Fourth Edition](https://www.w3.org/TR/2006/REC-xml-20060816/), started by @@ -43,9 +43,9 @@ This license is the same as the MIT/X Consortium license. ## Using libexpat in your CMake-Based Project -There are two ways of using libexpat with CMake: +There are three documented ways of using libexpat with CMake: -### a) Module Mode +### a) `find_package` with Module Mode This approach leverages CMake's own [module `FindEXPAT`](https://cmake.org/cmake/help/latest/module/FindEXPAT.html). @@ -70,7 +70,7 @@ target_include_directories(hello PRIVATE ${EXPAT_INCLUDE_DIRS}) target_link_libraries(hello PUBLIC ${EXPAT_LIBRARIES}) ``` -### b) Config Mode +### b) `find_package` with Config Mode This approach requires files from… @@ -98,6 +98,45 @@ add_executable(hello target_link_libraries(hello PUBLIC expat::expat) ``` +### c) The `FetchContent` module + +This approach — as demonstrated below — requires CMake >=3.18 for both the +[`FetchContent` module](https://cmake.org/cmake/help/latest/module/FetchContent.html) +and its support for the `SOURCE_SUBDIR` option to be available. + +Please note that: +- Use of the `FetchContent` module with *non-release* SHA1s or `master` + of libexpat is neither advised nor considered officially supported. +- Pinning to a specific commit is great for robust CI. +- Pinning to a specific commit needs updating every time there is a new + release of libexpat — either manually or through automation —, + to not miss out on libexpat security updates. + +For an example that pulls in libexpat via Git: + +```cmake +cmake_minimum_required(VERSION 3.18) + +include(FetchContent) + +project(hello VERSION 1.0.0) + +FetchContent_Declare( + expat + GIT_REPOSITORY https://github.com/libexpat/libexpat/ + GIT_TAG 000000000_GIT_COMMIT_SHA1_HERE_000000000 # i.e. Git tag R_0_Y_Z + SOURCE_SUBDIR expat/ +) + +FetchContent_MakeAvailable(expat) + +add_executable(hello + hello.c +) + +target_link_libraries(hello PUBLIC expat) +``` + ## Building from a Git Clone diff --git a/contrib/libs/expat/expat.h b/contrib/libs/expat/expat.h index d0d6015a66..523b37d8d5 100644 --- a/contrib/libs/expat/expat.h +++ b/contrib/libs/expat/expat.h @@ -130,7 +130,9 @@ enum XML_Error { /* Added in 2.3.0. */ XML_ERROR_NO_BUFFER, /* Added in 2.4.0. */ - XML_ERROR_AMPLIFICATION_LIMIT_BREACH + XML_ERROR_AMPLIFICATION_LIMIT_BREACH, + /* Added in 2.6.4. */ + XML_ERROR_NOT_STARTED, }; enum XML_Content_Type { @@ -1066,7 +1068,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled); */ #define XML_MAJOR_VERSION 2 #define XML_MINOR_VERSION 6 -#define XML_MICRO_VERSION 3 +#define XML_MICRO_VERSION 4 #ifdef __cplusplus } diff --git a/contrib/libs/expat/expat_config.h b/contrib/libs/expat/expat_config.h index a3e5f4a3d3..48d7b064fa 100644 --- a/contrib/libs/expat/expat_config.h +++ b/contrib/libs/expat/expat_config.h @@ -83,7 +83,7 @@ #define PACKAGE_NAME "expat" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "expat 2.6.3" +#define PACKAGE_STRING "expat 2.6.4" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "expat" @@ -92,7 +92,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "2.6.3" +#define PACKAGE_VERSION "2.6.4" /* Define to 1 if all of the C90 standard headers exist (not just the ones required in a freestanding environment). This macro is provided for @@ -100,7 +100,7 @@ #define STDC_HEADERS 1 /* Version number of package */ -#define VERSION "2.6.3" +#define VERSION "2.6.4" /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel). */ diff --git a/contrib/libs/expat/lib/xmlparse.c b/contrib/libs/expat/lib/xmlparse.c index 949c226ce8..e3e46da03b 100644 --- a/contrib/libs/expat/lib/xmlparse.c +++ b/contrib/libs/expat/lib/xmlparse.c @@ -1,4 +1,4 @@ -/* ba4cdf9bdb534f355a9def4c9e25d20ee8e72f95b0a4d930be52e563f5080196 (2.6.3+) +/* c5625880f4bf417c1463deee4eb92d86ff413f802048621c57e25fe483eb59e4 (2.6.4+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -40,6 +40,7 @@ Copyright (c) 2023 Owain Davies <owaind@bath.edu> Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <snild@sony.com> Copyright (c) 2024 Berkay Eren Ürün <berkay.ueruen@siemens.com> + Copyright (c) 2024 Hanno Böck <hanno@gentoo.org> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -2234,6 +2235,9 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) { if (parser == NULL) return XML_STATUS_ERROR; switch (parser->m_parsingStatus.parsing) { + case XML_INITIALIZED: + parser->m_errorCode = XML_ERROR_NOT_STARTED; + return XML_STATUS_ERROR; case XML_SUSPENDED: if (resumable) { parser->m_errorCode = XML_ERROR_SUSPENDED; @@ -2244,7 +2248,7 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) { case XML_FINISHED: parser->m_errorCode = XML_ERROR_FINISHED; return XML_STATUS_ERROR; - default: + case XML_PARSING: if (resumable) { #ifdef XML_DTD if (parser->m_isParamEntity) { @@ -2255,6 +2259,9 @@ XML_StopParser(XML_Parser parser, XML_Bool resumable) { parser->m_parsingStatus.parsing = XML_SUSPENDED; } else parser->m_parsingStatus.parsing = XML_FINISHED; + break; + default: + assert(0); } return XML_STATUS_OK; } @@ -2519,6 +2526,9 @@ XML_ErrorString(enum XML_Error code) { case XML_ERROR_AMPLIFICATION_LIMIT_BREACH: return XML_L( "limit on input amplification factor (from DTD and entities) breached"); + /* Added in 2.6.4. */ + case XML_ERROR_NOT_STARTED: + return XML_L("parser not started"); } return NULL; } @@ -7856,7 +7866,7 @@ accountingReportDiff(XML_Parser rootParser, assert(! rootParser->m_parentParser); fprintf(stderr, - " (+" EXPAT_FMT_PTRDIFF_T("6") " bytes %s|%d, xmlparse.c:%d) %*s\"", + " (+" EXPAT_FMT_PTRDIFF_T("6") " bytes %s|%u, xmlparse.c:%d) %*s\"", bytesMore, (account == XML_ACCOUNT_DIRECT) ? "DIR" : "EXP", levelsAwayFromRootParser, source_line, 10, ""); @@ -7969,7 +7979,7 @@ entityTrackingReportStats(XML_Parser rootParser, ENTITY *entity, fprintf( stderr, - "expat: Entities(%p): Count %9d, depth %2d/%2d %*s%s%s; %s length %d (xmlparse.c:%d)\n", + "expat: Entities(%p): Count %9u, depth %2u/%2u %*s%s%s; %s length %d (xmlparse.c:%d)\n", (void *)rootParser, rootParser->m_entity_stats.countEverOpened, rootParser->m_entity_stats.currentDepth, rootParser->m_entity_stats.maximumDepthSeen, diff --git a/contrib/libs/expat/ya.make b/contrib/libs/expat/ya.make index 45fbab7888..489ae45db1 100644 --- a/contrib/libs/expat/ya.make +++ b/contrib/libs/expat/ya.make @@ -10,9 +10,9 @@ LICENSE( LICENSE_TEXTS(.yandex_meta/licenses.list.txt) -VERSION(2.6.3) +VERSION(2.6.4) -ORIGINAL_SOURCE(https://github.com/libexpat/libexpat/archive/R_2_6_3.tar.gz) +ORIGINAL_SOURCE(https://github.com/libexpat/libexpat/archive/R_2_6_4.tar.gz) ADDINCL( contrib/libs/expat diff --git a/contrib/libs/poco/Foundation/include/Poco/Dynamic/VarHolder.h b/contrib/libs/poco/Foundation/include/Poco/Dynamic/VarHolder.h index 85af40f449..9a85a24aee 100644 --- a/contrib/libs/poco/Foundation/include/Poco/Dynamic/VarHolder.h +++ b/contrib/libs/poco/Foundation/include/Poco/Dynamic/VarHolder.h @@ -452,15 +452,33 @@ private: template <typename F, typename T> void checkUpperLimitFloat(const F& from) const { - if (from > std::numeric_limits<T>::max()) - throw RangeException("Value too large."); + if (std::is_floating_point<T>::value) + { + if (from > std::numeric_limits<T>::max()) + throw RangeException("Value too large."); + } + else + { + // Avoid clang -Wimplicit-int-float-conversion warning with an explicit cast. + if (from > static_cast<F>(std::numeric_limits<T>::max())) + throw RangeException("Value too large."); + } } template <typename F, typename T> void checkLowerLimitFloat(const F& from) const { - if (from < -std::numeric_limits<T>::max()) - throw RangeException("Value too small."); + if (std::is_floating_point<T>::value) + { + if (from < -std::numeric_limits<T>::max()) + throw RangeException("Value too small."); + } + else + { + // Avoid clang -Wimplicit-int-float-conversion warning with an explicit cast. + if (from < static_cast<F>(std::numeric_limits<T>::min())) + throw RangeException("Value too small."); + } } template <typename F, typename T> |