forked from pool/tinyxml2
Compare commits
3 Commits
Author | SHA256 | Date | |
---|---|---|---|
df95c60481 | |||
|
73b2c5e275 | ||
5d52b48c39 |
52
0001-Make-DocPrinter-support-DynArrays-larger-than-2G.patch
Normal file
52
0001-Make-DocPrinter-support-DynArrays-larger-than-2G.patch
Normal file
@@ -0,0 +1,52 @@
|
||||
From 04bbc06cd0d1fbbcebd91a8cd376a0d3c5b3cb27 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Engelhardt <jengelh@inai.de>
|
||||
Date: Wed, 14 Aug 2024 15:19:05 +0200
|
||||
Subject: [PATCH] Make DocPrinter support DynArrays larger than 2G
|
||||
References: https://github.com/leethomason/tinyxml2/pull/993
|
||||
|
||||
If the DynArray within an XMLPrinter object carries 2 gigabytes of
|
||||
data or more, XMLPrinter::CStrSize returns a truncated result. If a
|
||||
program casts this back to size_t without thought, sign extension
|
||||
leads to bad things(tm).
|
||||
|
||||
```c++
|
||||
int main()
|
||||
{
|
||||
tinyxml2::XMLDocument doc;
|
||||
doc.InsertEndChild(doc.NewDeclaration());
|
||||
auto root = doc.NewElement("root");
|
||||
size_t sz = 0x80000002;
|
||||
auto blank = new char[sz];
|
||||
memset(blank, ' ', sz);
|
||||
blank[sz-1]='\0';
|
||||
root->SetText(blank);
|
||||
doc.InsertEndChild(root);
|
||||
tinyxml2::XMLPrinter printer(nullptr);
|
||||
doc.Print(&printer);
|
||||
std::string_view sv{printer.CStr(), static_cast<size_t>(printer.CStrSize())};
|
||||
// sv.size() is way too big, causing overflows on access
|
||||
std::string dup(sv); // boom
|
||||
}
|
||||
```
|
||||
|
||||
Fixes: 2.0.2-873-geb3ab0d
|
||||
---
|
||||
tinyxml2.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tinyxml2.h b/tinyxml2.h
|
||||
index d5a3afd..cdd6880 100644
|
||||
--- a/tinyxml2.h
|
||||
+++ b/tinyxml2.h
|
||||
@@ -2314,7 +2314,7 @@ public:
|
||||
of the XML file in memory. (Note the size returned
|
||||
includes the terminating null.)
|
||||
*/
|
||||
- int CStrSize() const {
|
||||
+ size_t CStrSize() const {
|
||||
return _buffer.Size();
|
||||
}
|
||||
/**
|
||||
--
|
||||
2.46.0
|
||||
|
244
0001-Make-DynArray-support-objects-larger-than-1-gigabyte.patch
Normal file
244
0001-Make-DynArray-support-objects-larger-than-1-gigabyte.patch
Normal file
@@ -0,0 +1,244 @@
|
||||
From eb3ab0df5d184b84eb283c0806f6abee71e3409b Mon Sep 17 00:00:00 2001
|
||||
From: Jan Engelhardt <jengelh@inai.de>
|
||||
Date: Mon, 1 Jul 2024 14:23:34 +0200
|
||||
Subject: [PATCH] Make DynArray support objects larger than 1 gigabyte
|
||||
References: https://github.com/leethomason/tinyxml2/pull/990
|
||||
|
||||
The expression ``const int newAllocated = cap * 2;`` easily causes
|
||||
overflow, as soon as the input is 1.0 GiB. This goes unnoticed because
|
||||
release builds of tinyxml2 do not have active assertions.
|
||||
|
||||
The change in commit 9.0.0-20-g8fd6cc6 did not do anything useful;
|
||||
the signed multiplication overflow (and thus undefined behavior)
|
||||
still occurs.
|
||||
|
||||
Using ``int`` in this class is really archaic, because it limits the
|
||||
class to a gigabyte even on 64-bit platforms.
|
||||
|
||||
The multiplication overflow check also needs to include sizeof(T),
|
||||
otherwise you can run into unsigned multiplication overflow (defined,
|
||||
but undesirable) in the memcpy() call.
|
||||
|
||||
testcase:
|
||||
|
||||
int main()
|
||||
{
|
||||
tinyxml2::XMLDocument doc;
|
||||
doc.InsertEndChild(doc.NewDeclaration());
|
||||
auto root = doc.NewElement("root");
|
||||
size_t sz = 0x80000001;
|
||||
auto blank = new char[sz];
|
||||
memset(blank, ' ', sz);
|
||||
blank[sz-1]='\0';
|
||||
root->SetText(blank);
|
||||
doc.InsertEndChild(root);
|
||||
tinyxml2::XMLPrinter printer(nullptr);
|
||||
doc.Print(&printer);
|
||||
}
|
||||
---
|
||||
tinyxml2.cpp | 2 +-
|
||||
tinyxml2.h | 65 ++++++++++++++++++++++++++--------------------------
|
||||
2 files changed, 33 insertions(+), 34 deletions(-)
|
||||
|
||||
diff --git a/tinyxml2.cpp b/tinyxml2.cpp
|
||||
index 6d6c200..0fed8dc 100644
|
||||
--- a/tinyxml2.cpp
|
||||
+++ b/tinyxml2.cpp
|
||||
@@ -2221,7 +2221,7 @@ void XMLDocument::MarkInUse(const XMLNode* const node)
|
||||
TIXMLASSERT(node);
|
||||
TIXMLASSERT(node->_parent == 0);
|
||||
|
||||
- for (int i = 0; i < _unlinked.Size(); ++i) {
|
||||
+ for (size_t i = 0; i < _unlinked.Size(); ++i) {
|
||||
if (node == _unlinked[i]) {
|
||||
_unlinked.SwapRemove(i);
|
||||
break;
|
||||
diff --git a/tinyxml2.h b/tinyxml2.h
|
||||
index 7586f7b..d5a3afd 100644
|
||||
--- a/tinyxml2.h
|
||||
+++ b/tinyxml2.h
|
||||
@@ -199,7 +199,7 @@ private:
|
||||
Has a small initial memory pool, so that low or no usage will not
|
||||
cause a call to new/delete
|
||||
*/
|
||||
-template <class T, int INITIAL_SIZE>
|
||||
+template <class T, size_t INITIAL_SIZE>
|
||||
class DynArray
|
||||
{
|
||||
public:
|
||||
@@ -227,9 +227,8 @@ public:
|
||||
++_size;
|
||||
}
|
||||
|
||||
- T* PushArr( int count ) {
|
||||
- TIXMLASSERT( count >= 0 );
|
||||
- TIXMLASSERT( _size <= INT_MAX - count );
|
||||
+ T* PushArr( size_t count ) {
|
||||
+ TIXMLASSERT( _size <= SIZE_MAX - count );
|
||||
EnsureCapacity( _size+count );
|
||||
T* ret = &_mem[_size];
|
||||
_size += count;
|
||||
@@ -242,7 +241,7 @@ public:
|
||||
return _mem[_size];
|
||||
}
|
||||
|
||||
- void PopArr( int count ) {
|
||||
+ void PopArr( size_t count ) {
|
||||
TIXMLASSERT( _size >= count );
|
||||
_size -= count;
|
||||
}
|
||||
@@ -251,13 +250,13 @@ public:
|
||||
return _size == 0;
|
||||
}
|
||||
|
||||
- T& operator[](int i) {
|
||||
- TIXMLASSERT( i>= 0 && i < _size );
|
||||
+ T& operator[](size_t i) {
|
||||
+ TIXMLASSERT( i < _size );
|
||||
return _mem[i];
|
||||
}
|
||||
|
||||
- const T& operator[](int i) const {
|
||||
- TIXMLASSERT( i>= 0 && i < _size );
|
||||
+ const T& operator[](size_t i) const {
|
||||
+ TIXMLASSERT( i < _size );
|
||||
return _mem[i];
|
||||
}
|
||||
|
||||
@@ -266,18 +265,18 @@ public:
|
||||
return _mem[ _size - 1];
|
||||
}
|
||||
|
||||
- int Size() const {
|
||||
+ size_t Size() const {
|
||||
TIXMLASSERT( _size >= 0 );
|
||||
return _size;
|
||||
}
|
||||
|
||||
- int Capacity() const {
|
||||
+ size_t Capacity() const {
|
||||
TIXMLASSERT( _allocated >= INITIAL_SIZE );
|
||||
return _allocated;
|
||||
}
|
||||
|
||||
- void SwapRemove(int i) {
|
||||
- TIXMLASSERT(i >= 0 && i < _size);
|
||||
+ void SwapRemove(size_t i) {
|
||||
+ TIXMLASSERT(i < _size);
|
||||
TIXMLASSERT(_size > 0);
|
||||
_mem[i] = _mem[_size - 1];
|
||||
--_size;
|
||||
@@ -297,14 +296,14 @@ private:
|
||||
DynArray( const DynArray& ); // not supported
|
||||
void operator=( const DynArray& ); // not supported
|
||||
|
||||
- void EnsureCapacity( int cap ) {
|
||||
+ void EnsureCapacity( size_t cap ) {
|
||||
TIXMLASSERT( cap > 0 );
|
||||
if ( cap > _allocated ) {
|
||||
- TIXMLASSERT( cap <= INT_MAX / 2 );
|
||||
- const int newAllocated = cap * 2;
|
||||
- T* newMem = new T[static_cast<unsigned int>(newAllocated)];
|
||||
+ TIXMLASSERT( cap <= SIZE_MAX / 2 / sizeof(T));
|
||||
+ const size_t newAllocated = cap * 2;
|
||||
+ T* newMem = new T[newAllocated];
|
||||
TIXMLASSERT( newAllocated >= _size );
|
||||
- memcpy( newMem, _mem, sizeof(T)*static_cast<size_t>(_size) ); // warning: not using constructors, only works for PODs
|
||||
+ memcpy( newMem, _mem, sizeof(T) * _size ); // warning: not using constructors, only works for PODs
|
||||
if ( _mem != _pool ) {
|
||||
delete [] _mem;
|
||||
}
|
||||
@@ -314,9 +313,9 @@ private:
|
||||
}
|
||||
|
||||
T* _mem;
|
||||
- T _pool[static_cast<size_t>(INITIAL_SIZE)];
|
||||
- int _allocated; // objects allocated
|
||||
- int _size; // number objects in use
|
||||
+ T _pool[INITIAL_SIZE];
|
||||
+ size_t _allocated; // objects allocated
|
||||
+ size_t _size; // number objects in use
|
||||
};
|
||||
|
||||
|
||||
@@ -330,7 +329,7 @@ public:
|
||||
MemPool() {}
|
||||
virtual ~MemPool() {}
|
||||
|
||||
- virtual int ItemSize() const = 0;
|
||||
+ virtual size_t ItemSize() const = 0;
|
||||
virtual void* Alloc() = 0;
|
||||
virtual void Free( void* ) = 0;
|
||||
virtual void SetTracked() = 0;
|
||||
@@ -340,7 +339,7 @@ public:
|
||||
/*
|
||||
Template child class to create pools of the correct type.
|
||||
*/
|
||||
-template< int ITEM_SIZE >
|
||||
+template< size_t ITEM_SIZE >
|
||||
class MemPoolT : public MemPool
|
||||
{
|
||||
public:
|
||||
@@ -362,10 +361,10 @@ public:
|
||||
_nUntracked = 0;
|
||||
}
|
||||
|
||||
- virtual int ItemSize() const override{
|
||||
+ virtual size_t ItemSize() const override {
|
||||
return ITEM_SIZE;
|
||||
}
|
||||
- int CurrentAllocs() const {
|
||||
+ size_t CurrentAllocs() const {
|
||||
return _currentAllocs;
|
||||
}
|
||||
|
||||
@@ -376,7 +375,7 @@ public:
|
||||
_blockPtrs.Push( block );
|
||||
|
||||
Item* blockItems = block->items;
|
||||
- for( int i = 0; i < ITEMS_PER_BLOCK - 1; ++i ) {
|
||||
+ for( size_t i = 0; i < ITEMS_PER_BLOCK - 1; ++i ) {
|
||||
blockItems[i].next = &(blockItems[i + 1]);
|
||||
}
|
||||
blockItems[ITEMS_PER_BLOCK - 1].next = 0;
|
||||
@@ -417,7 +416,7 @@ public:
|
||||
--_nUntracked;
|
||||
}
|
||||
|
||||
- int Untracked() const {
|
||||
+ size_t Untracked() const {
|
||||
return _nUntracked;
|
||||
}
|
||||
|
||||
@@ -448,10 +447,10 @@ private:
|
||||
DynArray< Block*, 10 > _blockPtrs;
|
||||
Item* _root;
|
||||
|
||||
- int _currentAllocs;
|
||||
- int _nAllocs;
|
||||
- int _maxAllocs;
|
||||
- int _nUntracked;
|
||||
+ size_t _currentAllocs;
|
||||
+ size_t _nAllocs;
|
||||
+ size_t _maxAllocs;
|
||||
+ size_t _nUntracked;
|
||||
};
|
||||
|
||||
|
||||
@@ -1981,11 +1980,11 @@ private:
|
||||
void PushDepth();
|
||||
void PopDepth();
|
||||
|
||||
- template<class NodeType, int PoolElementSize>
|
||||
+ template<class NodeType, size_t PoolElementSize>
|
||||
NodeType* CreateUnlinkedNode( MemPoolT<PoolElementSize>& pool );
|
||||
};
|
||||
|
||||
-template<class NodeType, int PoolElementSize>
|
||||
+template<class NodeType, size_t PoolElementSize>
|
||||
inline NodeType* XMLDocument::CreateUnlinkedNode( MemPoolT<PoolElementSize>& pool )
|
||||
{
|
||||
TIXMLASSERT( sizeof( NodeType ) == PoolElementSize );
|
||||
--
|
||||
2.45.2
|
||||
|
BIN
10.0.0.tar.gz
(Stored with Git LFS)
Normal file
BIN
10.0.0.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
11.0.0.tar.gz
(Stored with Git LFS)
BIN
11.0.0.tar.gz
(Stored with Git LFS)
Binary file not shown.
4
_scmsync.obsinfo
Normal file
4
_scmsync.obsinfo
Normal file
@@ -0,0 +1,4 @@
|
||||
mtime: 1724054347
|
||||
commit: e7d6f1849b5649d1fb903f11afcf88f4db5b3fb92e9261375c4155ad4c8d4eec
|
||||
url: https://src.opensuse.org/jengelh/tinyxml2
|
||||
revision: master
|
3
build.specials.obscpio
Normal file
3
build.specials.obscpio
Normal file
@@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:f4676df1ad4a6e27feee335a3416bdad4d128f3594df3cc812140848abe28805
|
||||
size 256
|
@@ -1,21 +1,3 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Mar 16 09:10:55 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
- Update to release 11
|
||||
* Bump version to address ABI incompatibility between 10.0
|
||||
and 10.1 both producing the same SONAME.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Mar 8 20:25:46 UTC 2025 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
- Update to release 10.1.0
|
||||
* Build fixes, typo fixes.
|
||||
* Fix CVE-2024-50615 which was a problem parsing character
|
||||
encodings.
|
||||
- Delete 0001-Make-DocPrinter-support-DynArrays-larger-than-2G.patch
|
||||
0001-Make-DynArray-support-objects-larger-than-1-gigabyte.patch
|
||||
(merged)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 19 07:58:36 UTC 2024 - Jan Engelhardt <jengelh@inai.de>
|
||||
|
||||
|
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package tinyxml2
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -16,19 +16,21 @@
|
||||
#
|
||||
|
||||
|
||||
%define so_version 11
|
||||
%define so_version 10
|
||||
%define lib_package lib%{name}-%{so_version}
|
||||
Name: tinyxml2
|
||||
Version: 11.0.0
|
||||
Version: 10.0.0
|
||||
Release: 0
|
||||
Summary: Basic XML parser in C++
|
||||
License: Zlib
|
||||
Group: Development/Libraries/C and C++
|
||||
URL: https://github.com/leethomason/tinyxml2
|
||||
Source: https://github.com/leethomason/tinyxml2/archive/%{version}.tar.gz
|
||||
Patch1: 0001-Make-DynArray-support-objects-larger-than-1-gigabyte.patch
|
||||
Patch2: 0001-Make-DocPrinter-support-DynArrays-larger-than-2G.patch
|
||||
BuildRequires: cmake >= 3.15
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: pkg-config
|
||||
BuildRequires: pkgconfig
|
||||
|
||||
%description
|
||||
TinyXML is a feature-bounded XML parser in C++ that can be integrated
|
||||
@@ -73,8 +75,8 @@ developing applications that use libtinyxml2.
|
||||
find %{buildroot} -type f -name "*.la" -delete -print
|
||||
# /usr/lib/cmake is not owned by cmake; avoid any further conflicts
|
||||
if [ ! -d "%{buildroot}/%{_libdir}/cmake/%{name}" ]; then
|
||||
mkdir -pv %{buildroot}/%{_libdir}/cmake/%{name}
|
||||
mv -v %{buildroot}%{_prefix}/lib/cmake/tinyxml2 %{buildroot}/%{_libdir}/cmake/tinyxml2
|
||||
mkdir -p %{buildroot}/%{_libdir}/cmake/%{name}
|
||||
mv %{buildroot}%{_prefix}/lib/cmake/tinyxml2 %{buildroot}/%{_libdir}/cmake/tinyxml2
|
||||
fi
|
||||
|
||||
%check
|
||||
|
Reference in New Issue
Block a user