summaryrefslogtreecommitdiffstats
path: root/Modules/expat
Commit message (Collapse)AuthorAgeFilesLines
* gh-126623: Update libexpat to 2.6.4, make future updates easier (GH-126792)Seth Michael Larson2024-11-134-11/+79
| | | Update libexpat to 2.6.4, make future updates easier.
* gh-123678: Upgrade libexpat 2.6.3 (#123689)Seth Michael Larson2024-09-043-15/+35
| | | Upgrade libexpat 2.6.3
* gh-116741: Upgrade libexpat to 2.6.2 (#117296)Seth Michael Larson2024-04-233-16/+36
| | | Upgrade libexpat to 2.6.2
* gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) ↵Sebastian Pipping2024-02-291-0/+1
| | | | | | | | | | | | | | | | | | | | | (GH-115623) Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: - `xml.etree.ElementTree.XMLParser.flush` - `xml.etree.ElementTree.XMLPullParser.flush` - `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled` - `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled` - `xml.sax.expatreader.ExpatParser.flush` Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 . ### Notes - Please treat as a security fix related to CVE-2023-52425. Includes code suggested-by: Snild Dolkow <snild@sony.com> and by core dev Serhiy Storchaka.
* gh-115399: Upgrade bundled libexpat to 2.6.0 (#115431)Seth Michael Larson2024-02-1411-262/+401
|
* gh-98739: Update libexpat from 2.4.9 to 2.5.0 (#98742)Shaun Walbridge2022-10-273-18/+35
| | | | | * Update libexpat from 2.4.9 to 2.5.0 to address CVE-2022-43680. Co-authored-by: Shaun Walbridge <shaun.walbridge@gmail.com>
* gh-97005: Update libexpat from 2.4.7 to 2.4.9 (gh-97006)Dong-hee Na2022-09-227-17/+27
| | | Co-authored-by: Gregory P. Smith [Google] <greg@krypto.org>
* bpo-46932: Update bundled libexpat to 2.4.7 (GH-31736)Steve Dower2022-03-072-14/+155
|
* bpo-46794: Bump up the libexpat version into 2.4.6 (GH-31487)Dong-hee Na2022-02-235-62/+132
|
* bpo-46784: Add newly exported expat symbols to the namespace. (GH-31397)Yilei "Dolee" Yang2022-02-181-0/+5
| | | | | | | | | | | | | | | The libexpat 2.4.1 upgrade from introduced the following new exported symbols: * `testingAccountingGetCountBytesDirect` * `testingAccountingGetCountBytesIndirect` * `unsignedCharToPrintable` * `XML_SetBillionLaughsAttackProtectionActivationThreshold` * `XML_SetBillionLaughsAttackProtectionMaximumAmplification` We need to adjust [Modules/expat/pyexpatns.h](https://github.com/python/cpython/blob/master/Modules/expat/pyexpatns.h) (The newer libexpat upgrade has no new symbols). Automerge-Triggered-By: GH:gpshead
* bpo-46400: Update libexpat from 2.4.1 to 2.4.4 (GH-31022)Cyril Jouve2022-02-125-31/+237
|
* bpo-45570: Simplify setup macros for pyexpat (GH-29159)Christian Heimes2021-10-221-0/+4
| | | | | | | | * ``HAVE_EXPAT_CONFIG_H`` is not used by our code and not used by system-wide expat header files * ``USE_PYEXPAT_CAPI`` is no longer used by our code * ``XML_POOR_ENTROPY`` should be defined in expat_config.h Signed-off-by: Christian Heimes <christian@python.org>
* no-issue: Make silence about warning '_POSIX_C_SOURCE redefined' (GH-28948)Dong-hee Na2021-10-141-4/+4
|
* Fix typos in the Modules directory (GH-28761)Christian Clauss2021-10-071-1/+1
|
* bpo-44394: Update libexpat copy to 2.4.1 (GH-26945)Victor Stinner2021-08-2920-177/+1368
| | | | | | | Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. Co-authored-by: Łukasz Langa <lukasz@langa.pl>
* Fix compiler warning in the xml module (GH-26245)Pablo Galindo2021-05-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | The newest version of gcc complains about passing un-initialized arrays as constant pointers: ``` /Modules/expat/xmltok_ns.c: In function ‘findEncodingNS’: /Modules/expat/xmltok.h:272:10: warning: ‘buf’ may be used uninitialized [-Wmaybe-uninitialized] 272 | (((enc)->utf8Convert)(enc, fromP, fromLim, toP, toLim)) | ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /Modules/expat/xmltok_ns.c:95:3: note: in expansion of macro ‘XmlUtf8Convert’ 95 | XmlUtf8Convert(enc, &ptr, end, &p, p + ENCODING_MAX - 1); | ^~~~~~~~~~~~~~ /Modules/expat/xmltok.h:272:10: note: by argument 5 of type ‘const char *’ to ‘enum XML_Convert_Result(const ENCODING *, const char **, const char *, char **, const char *)’ {aka ‘enum XML_Convert_Result(const struct encoding *, const char **, const char *, char **, const char *)’} 272 | (((enc)->utf8Convert)(enc, fromP, fromLim, toP, toLim)) | ~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /Modules/expat/xmltok_ns.c:95:3: note: in expansion of macro ‘XmlUtf8Convert’ 95 | XmlUtf8Convert(enc, &ptr, end, &p, p + ENCODING_MAX - 1); | ^~~~~~~~~~~~~~ In file included from /Modules/expat/xmltok.c:1657: /Modules/expat/xmltok_ns.c:92:8: note: ‘buf’ declared here 92 | char buf[ENCODING_MAX]; ```
* bpo-37731: Reorder includes in xmltok.c to avoid redefinition of ↵Pablo Galindo2019-10-121-8/+8
| | | | _POSIX_C_SOURCE (GH-16733)
* closes bpo-38174: Update vendored expat library to 2.2.8. (GH-16346)Benjamin Peterson2019-09-2619-4836/+3973
| | | Fixes CVE-2019-15903. See full changelog at https://github.com/libexpat/libexpat/blob/R_2_2_8/expat/Changes.
* Fix typos mostly in comments, docs and test names (GH-15209)Min ho Kim2019-08-302-5/+5
|
* Fix typos in comments, docs and test names (#15018)Min ho Kim2019-07-301-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | * Fix typos in comments, docs and test names * Update test_pyparse.py account for change in string length * Apply suggestion: splitable -> splittable Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Apply suggestion: splitable -> splittable Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Apply suggestion: Dealloccte -> Deallocate Co-Authored-By: Terry Jan Reedy <tjreedy@udel.edu> * Update posixmodule checksum. * Reverse idlelib changes.
* Put pyexpatns.h include back. bpo-37437 (GH-14539)Benjamin Peterson2019-07-021-0/+4
|
* closes bpo-37437: Update vendorized expat to 2.2.7. (GH-14436)Benjamin Peterson2019-06-286-32/+21
|
* bpo-31374: expat doesn't include <pyconfig.h> on Windows (GH-11079)Victor Stinner2018-12-101-1/+3
|
* bpo-31374: Include pyconfig.h earlier in expat (GH-11064)Victor Stinner2018-12-101-0/+1
| | | | | | Include <pyconfig.h> ealier in Modules/expat/xmltok.c to define properly _POSIX_C_SOURCE. Python defines _POSIX_C_SOURCE as 200809L, whereas <features.h> (included indirectly by <string.h>) defines _POSIX_C_SOURCE as 199506L.
* bpo-35011: Restore use of pyexpatns.h in libexpat (GH-9939)Gregory P. Smith2018-10-181-0/+4
| | | | | | | | Restores the use of pyexpatns.h to isolate our embedded copy of the expat C library so that its symbols do not conflict at link or dynamic loading time with an embedding application or other extension modules with their own version of libexpat. https://github.com/python/cpython/commit/5dc3f23b5fb0b510926012cb3732dae63cddea60#diff-3afaf7274c90ce1b7405f75ad825f545 inadvertently removed it when upgrading expat.
* bpo-34625: Update vendorized expat version to 2.2.6. (GH-9150)Benjamin Peterson2018-09-114-27/+69
|
* bpo-33956: update vendored expat to 2.2.5 (GH-7925)Benjamin Peterson2018-06-278-1465/+1353
|
* Fix miscellaneous typos (#4275)luzpaz2017-11-051-1/+1
|
* remove configure check for memmove (#3716)Benjamin Peterson2017-09-241-0/+2
| | | Python requires C implementations provide memmove, so we shouldn't need to check for it. The only place using this configure check was expat, where we can simply always define HAVE_MEMMOVE.
* bpo-31462: Remove trailing whitespaces. (#3564)Serhiy Storchaka2017-09-141-1/+1
|
* bpo-31170: Update libexpat from 2.2.3 to 2.2.4 (#3315)Victor Stinner2017-09-0419-57/+567
| | | | | | | | | * bpo-31170: Update libexpat from 2.2.3 to 2.2.4 Fix copying of partial characters for UTF-8 input (libexpat bug 115): https://github.com/libexpat/libexpat/issues/115 * Add NEWS entry.
* bpo-30947: Update libexpat from 2.2.1 to 2.2.3 (#3106)Victor Stinner2017-08-187-100/+718
| | | | | | | | | | | | | | * bpo-30947: Update libexpat from 2.2.1 to 2.2.3 * Add NEWS entry * Add new loadlibrary.c * expat_external.h: restore include "pyexpatns.h" * PCbuild: add expat/loadlibrary.c * Define XML_POOR_ENTROPY to compile expat
* Avoid _GNU_SOURCE redefined warning in xmlparse.c (#2670)Segev Finer2017-07-111-1/+1
|
* bpo-30726: expat: Fix compiler warnings on Windows 64-bit (#2368)Victor Stinner2017-06-231-2/+2
| | | | | Explicitly cast on integer downcasting to fix compiler warnings. (cherry picked from libexpat commit 788bff7a3baad1983b15b17c29e19e1a1a795c48)
* bpo-30694: Upgrade Modules/expat/ to libexpat 2.2.1 (#2300)Victor Stinner2017-06-218-158/+878
| | | New file: Modules/expat/siphash.h.
* bpo-29591: Upgrade Modules/expat to libexpat 2.2 (#2164)Victor Stinner2017-06-1412-472/+521
| | | | | | | | | | | | | | | | | | | | | * bpo-29591: Upgrade Modules/expat to libexpat 2.2 * bpo-29591: Restore Python changes on expat * bpo-29591: Remove expat config of unsupported platforms Remove the configuration (Modules/expat/*config.h) of unsupported platforms: * Amiga * MacOS Classic on PPC32 * Open Watcom * bpo-29591: Remove useless XML_HAS_SET_HASH_SALT The XML_HAS_SET_HASH_SALT define of Modules/expat/expat.h became useless since our local expat copy was upgrade to expat 2.1 (it's now expat 2.2.0).
* revert expat changesBenjamin Peterson2016-09-201-1/+1
|
* merge 3.5 (#28184)Benjamin Peterson2016-09-201-1/+1
|
* sync ordering of stddef.h includes with expat 2.1.1Benjamin Peterson2016-06-142-4/+4
|
* upgrade expt to 2.1.1 (closes #26556)Benjamin Peterson2016-06-113-6/+24
|
* Issue #25523: Correct "a" article to "an" articleMartin Panter2015-11-021-1/+1
| | | | | | This changes the main documentation, doc strings, source code comments, and a couple error messages in the test suite. In some cases the word was removed or edited some other way to fix the grammar.
* merge 3.3 (#19186)Benjamin Peterson2014-02-041-0/+4
|\
| * restore namespacing of pyexpat symbols (closes #19186)Benjamin Peterson2014-02-041-0/+4
| |
* | Load expat_config.h and therefore pyconfig.h before C stdlib headers are loaded.Christian Heimes2013-12-063-10/+10
|/ | | | This silences the pre-processor warning '_POSIX_C_SOURCE redefined'.
* Issue #17047: remove doubled words found in 2.7 to 3.4 Modules/*,Terry Jan Reedy2013-03-111-1/+1
| | | | as reported by Serhiy Storchaka and Matthew Barnett.
* Update the embedded copy of the expat XML parser to 2.1.0. It bringsGregory P. Smith2012-07-1412-258/+374
| | | | | | | | | with it a vareity of bug fixes, both security and behavior. See http://www.libexpat.org/ for the list. NOTE: I already backported the expat hash randomization fix in March. Fixes issue #14340.
* Fixes Issue 14234: fix for the previous commit, keep compilation whenGregory P. Smith2012-03-151-0/+2
| | | | | using --with-system-expat working when the system expat does not have salted hash support.
* Fixes issue #14234: CVE-2012-0876: Randomize hashes of xml attributesGregory P. Smith2012-03-143-59/+128
| | | | | | in the hash table internal to the pyexpat module's copy of the expat library to avoid a denial of service due to hash collisions. Patch by David Malcolm with some modifications by the expat project.
* Merged revisions 84743 via svnmerge fromMatthias Klose2010-09-121-0/+21
| | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ........ r84743 | matthias.klose | 2010-09-12 18:31:58 +0200 (So, 12 Sep 2010) | 3 lines - Issue #9817: Add expat COPYING file; add expat, libffi and expat licenses to Doc/license.rst. ........
* Merged revisions 77682 via svnmerge fromMatthias Klose2010-01-221-0/+3
| | | | | | | | | | | | | | | | | | svn+ssh://pythondev@svn.python.org/python/branches/py3k ................ r77682 | matthias.klose | 2010-01-22 02:10:19 +0100 (Fr, 22 Jan 2010) | 10 lines Merged revisions 77680 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r77680 | matthias.klose | 2010-01-22 01:39:04 +0100 (Fr, 22 Jan 2010) | 3 lines - Expat: Fix DoS via XML document with malformed UTF-8 sequences (CVE_2009_3560). ........ ................
generated by cgit v0.12 at 2025-01-22 00:41:22 (GMT)