rpm/expat
SHA256
1
0
Fork 0
forked from pool/expat
Code Pull Requests Activity
5c08cf2073
expat/expatfaq.html
David Anes 5c08cf2073 - Update to 2.6.3: 
* Security fixes:
    - CVE-2024-45490, bsc#1229930 -- Calling function XML_ParseBuffer with
      len < 0 without noticing and then calling XML_GetBuffer
      will have XML_ParseBuffer fail to recognize the problem
      and XML_GetBuffer corrupt memory.
      With the fix, XML_ParseBuffer now complains with error
      XML_ERROR_INVALID_ARGUMENT just like sibling XML_Parse
      has been doing since Expat 2.2.1, and now documented.
      Impact is denial of service to potentially artitrary code
      execution.
    - CVE-2024-45491, bsc#1229931 -- Internal function dtdCopy can have an
      integer overflow for nDefaultAtts on 32-bit platforms
      (where UINT_MAX equals SIZE_MAX).
      Impact is denial of service to potentially artitrary code
      execution.
    - CVE-2024-45492, bsc#1229932 -- Internal function nextScaffoldPart can
      have an integer overflow for m_groupSize on 32-bit
      platforms (where UINT_MAX equals SIZE_MAX).
      Impact is denial of service to potentially artitrary code
      execution.
  * Other changes:
    - Autotools: Sync CMake templates with CMake 3.28
    - Autotools: Always provide path to find(1) for portability
    - Autotools: Ensure that the m4 directory always exists.
    - Autotools: Simplify handling of SIZEOF_VOID_P
    - Autotools: Support non-GNU sed
    - Autotools|CMake: Fix main() to main(void)
    - Autotools|CMake: Fix compile tests for HAVE_SYSCALL_GETRANDOM
    - Autotools|CMake: Stop requiring dos2unix

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/expat?expand=0&rev=114
2024-09-05 10:33:41 +00:00

101 lines
3.0 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"
"http://www.w3.org/TR/REC-html40/loose.dtd">
<!--
Note for SuSE package maintainers: this file was taken
verbatim from http://www.jclark.com/xml/expatfaq.html
and has since has obsolete information removed.
-->
<HTML>
<TITLE>expat FAQ</TITLE>
<BODY>
<H1>Frequently Asked Questions about Expat</H1>
<H4>Where can I get help in using expat?</H4>
<p>Try the xml-dev mailing list (subscribe by mailing to <a
href="mailto:majordomo@xml.org&BODY=subscribe%20xml-dev">majordomo@xml.org</a>
with the message <code>subscribe xml-dev</code>). Alternatively try
the mailing lists hosted by <A
href="http://expat.sourceforge.net">sourceforge.net</A>.</P>
<H4>Where is expat's API documented?</H4>
<p>In <code>xmlparse/xmlparse.h</code>. There's also an advanced,
low-level API you can use which is documented in
<code>xmltok/xmltok.h</code>.</p>
<p>There's also an excellent <a
href="http://www.xml.com/pub/1999/09/expat/index.html">article</a>
about expat on XML.com by Clark Cooper.</p>
<H4>Is there a simple example of using expat's API?</H4>
<p>See <code>sample/elements.c</code></p>
<H4>How can I get expat to deal with non-ASCII characters?</H4>
<P>By default, expat assumes that documents are encoded in UTF-8. In
UTF-8, ASCII characters are represented by a single byte as they would
be in ASCII, but non-ASCII characters are represented by a sequence of
two or more bytes all with the 8th bit set. The encoding most widely
used for European languages is ISO 8859-1 which is not compatible with
UTF-8. To use this encoding, expat must be told either by supplying
an argument of <code>"iso-8859-1"</code> to
<code>XML_ParserCreate</code>, or by starting the document with
<code>&lt;?xml version="1.0" encoding="iso-8859-1"?&gt;</code>.</P>
<H4>What encodings does expat support?</H4>
<P>expat has built in support for the following encodings:</P>
<ul>
<li><code>utf-8</code></li>
<li><code>utf-16</code></li>
<li><code>iso-8859-1</code></li>
<li><code>us-ascii</code></li>
</ul>
<P>Additional encodings can be supported by using
<code>XML_SetUnknownEncodingHandler</code>.</P>
<H4>How can I get expat to validate my XML documents?</H4>
<p>You can't. expat is not a validating parser.</p>
<H4>How can I get expat to read my DTD?</H4>
<p>Compile with <code>-DXML_DTD</code> and call
<code>XML_SetParamEntityParsing</code>.</p>
<H4>How can I get expat to recover from errors?</H4>
<p>You can't. All well-formedness errors stop processing. Note that
the XML Recommendation does not permit conforming XML processors to
continue normal processing after a fatal error.</p>
<H4>How do I get at the characters between tags?</H4>
<p>Use <code>XML_SetCharacterDataHandler</code>.</p>
<H4>How can I minimize the size of expat?</H4>
<p>Compile with <code>-DXML_MIN_SIZE</code>. With Visual C++, use the
<code>Win32 MinSize</code> configuration: this creates an
<code>xmlparse.dll</code> that does not require
<code>xmltok.dll</code>.</p>
<ADDRESS>
<A HREF="mailto:jjc@jclark.com">James Clark</A>
</ADDRESS>
</BODY>
</HTML>
View Git Blame Copy Permalink