Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package expat for openSUSE:Factory checked in at 2025-09-30 17:34:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/expat (Old) and /work/SRC/openSUSE:Factory/.expat.new.11973 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "expat" Tue Sep 30 17:34:20 2025 rev:83 rq:1307863 version:2.7.3 Changes: -------- --- /work/SRC/openSUSE:Factory/expat/expat.changes 2025-09-23 16:05:29.699118052 +0200 +++ /work/SRC/openSUSE:Factory/.expat.new.11973/expat.changes 2025-09-30 17:34:22.669065187 +0200 @@ -1,0 +2,16 @@ +Sat Sep 27 09:21:33 UTC 2025 - Christoph G <[email protected]> + +- version update to 2.7.3 + * Fix alignment of internal allocations for some non-amd64 + architectures (e.g. sparc32); fixes up on the fix to + CVE-2025-59375 (of Expat 2.7.2) + * Fix a class of false positives where input should have been + rejected with error XML_ERROR_ASYNC_ENTITY; regression from + CVE-2024-8176 (of Expat 2.7.0) + * Prove and regression-proof absence of integer overflow + from function expat_realloc + * Remove "harmless" cast that truncated a size_t to unsigned + * xmlwf: Resolve use of functions XML_GetErrorLineNumber + and XML_GetErrorColumnNumber + +------------------------------------------------------------------- Old: ---- expat-2.7.2.tar.xz expat-2.7.2.tar.xz.asc New: ---- expat-2.7.3.tar.xz expat-2.7.3.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.aBudhn/_old 2025-09-30 17:34:26.045208158 +0200 +++ /var/tmp/diff_new_pack.aBudhn/_new 2025-09-30 17:34:26.069209174 +0200 @@ -17,10 +17,10 @@ # -%global unversion 2_7_2 +%global unversion 2_7_3 %define sover 1 Name: expat -Version: 2.7.2 +Version: 2.7.3 Release: 0 Summary: XML Parser Toolkit License: MIT ++++++ expat-2.7.2.tar.xz -> expat-2.7.3.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/CMake.README new/expat-2.7.3/CMake.README --- old/expat-2.7.2/CMake.README 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/CMake.README 2025-09-24 21:20:56.000000000 +0200 
@@ -3,25 +3,25 @@ The cmake based buildsystem for expat works on Windows (cygwin, mingw, Visual Studio) and should work on all other platform cmake supports. -Assuming ~/expat-2.7.2 is the source directory of expat, add a subdirectory +Assuming ~/expat-2.7.3 is the source directory of expat, add a subdirectory build and change into that directory: -~/expat-2.7.2$ mkdir build && cd build -~/expat-2.7.2/build$ +~/expat-2.7.3$ mkdir build && cd build +~/expat-2.7.3/build$ From that directory, call cmake first, then call make, make test and make install in the usual way: -~/expat-2.7.2/build$ cmake .. +~/expat-2.7.3/build$ cmake .. -- The C compiler identification is GNU -- The CXX compiler identification is GNU .... -- Configuring done -- Generating done --- Build files have been written to: /home/patrick/expat-2.7.2/build +-- Build files have been written to: /home/patrick/expat-2.7.3/build If you want to specify the install location for your files, append -DCMAKE_INSTALL_PREFIX=/your/install/path to the cmake call. -~/expat-2.7.2/build$ make && make test && make install +~/expat-2.7.3/build$ make && make test && make install Scanning dependencies of target expat [ 5%] Building C object CMakeFiles/expat.dir/lib/xmlparse.c.o [ 11%] Building C object CMakeFiles/expat.dir/lib/xmlrole.c.o diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/CMakeLists.txt new/expat-2.7.3/CMakeLists.txt --- old/expat-2.7.2/CMakeLists.txt 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/CMakeLists.txt 2025-09-24 21:20:56.000000000 +0200 @@ -39,7 +39,7 @@ project(expat VERSION - 2.7.2 + 2.7.3 LANGUAGES C ) 
@@ -465,7 +465,7 @@ endforeach() set(LIBCURRENT 12) # sync -set(LIBREVISION 0) # with +set(LIBREVISION 1) # with set(LIBAGE 11) # configure.ac! math(EXPR LIBCURRENT_MINUS_AGE "${LIBCURRENT} - ${LIBAGE}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/Changes new/expat-2.7.3/Changes --- old/expat-2.7.2/Changes 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/Changes 2025-09-24 21:20:56.000000000 +0200 
@@ -41,6 +41,59 @@ !! THANK YOU! Sebastian Pipping -- Berlin, 2024-03-09 !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! +Release 2.7.3 Wed September 24 2025 + Security fixes: + #1046 #1048 Fix alignment of internal allocations for some non-amd64 + architectures (e.g. sparc32); fixes up on the fix to + CVE-2025-59375 from #1034 (of Expat 2.7.2 and related + backports) + #1059 Fix a class of false positives where input should have been + rejected with error XML_ERROR_ASYNC_ENTITY; regression from + CVE-2024-8176 fix pull request #973 (of Expat 2.7.0 and + related backports). Please check the added unit tests for + example documents. + + Other changes: + #1043 Prove and regression-proof absence of integer overflow + from function expat_realloc + #1062 Remove "harmless" cast that truncated a size_t to unsigned + #1049 Autotools: Remove "ln -s" discovery + #1054 docs: Be consistent with use of floating point around + XML_SetAllocTrackerMaximumAmplification + #1056 docs: Make it explicit that XML_GetCurrentColumnNumber + starts at 0 + #1057 docs: Better integrate the effect of the activation + thresholds + #1058 docs: Fix an in-comment typo in expat.h + #1045 docs: Fix a typo in README.md + #1041 docs: Improve change log of release 2.7.2 + #1053 xmlwf: Resolve use of functions XML_GetErrorLineNumber + and XML_GetErrorColumnNumber + #1032 Windows: Normalize .bat files to CRLF line endings + #1060 #1061 Version info bumped from 12:0:11 (libexpat*.so.1.11.0) + to 12:1:11 (libexpat*.so.1.11.1); see https://verbump.de/ + for what these numbers do + + Infrastructure: + #1047 #1050 CI: Cleanup UndefinedBehaviorSanitizer fatality + #1044 CI|Linux: Stop aborting at first job failure + #1052 CI|FreeBSD: Upgrade to FreeBSD 15.0 + #1039 CI|FreeBSD: Do not install CMake meta-package + + Special thanks to: + Bénédikt Tran + Berkay Eren Ürün + Daniel Engberg + Hanno Böck + Matthew Fernandez + Rolf Eike Beer + Sam James + Tim Bray + and + Clang/GCC 
UndefinedBehaviorSanitizer + OSS-Fuzz / ClusterFuzz + Z3 Theorem Prover + Release 2.7.2 Tue September 16 2025 Security fixes: #1018 #1034 CVE-2025-59375 -- Disallow use of disproportional amounts of @@ -73,7 +126,7 @@ to the pull request URL could be of help. Other changes: - #1008 #1017 Autotools: Sync CMake templates with CMake 3.31 for macOS + #1008 #1017 Autotools|macOS: Sync CMake templates with CMake 3.31 #1007 CMake: Drop support for CMake <3.15 #1004 CMake: Fix off_t detection for -Werror #1007 CMake|Windows: Fix -DEXPAT_MSVC_STATIC_CRT=ON @@ -89,7 +142,7 @@ #994 docs: Drop AppVeyor badge #1000 tests: Fix portable_strndup #1036 Drop casts around malloc/free/realloc that C99 does not need - #1010 Replace empty for-loops with while loops + #1010 Replace empty for loops with while loops #1011 Add const with internal XmlInitUnknownEncodingNS #14 #1037 Drop an OpenVMS support leftover #999 #1001 Address more clang-tidy warnings @@ -111,6 +164,7 @@ Neil Pang Theo Buehler and + GNU Time OSS-Fuzz / ClusterFuzz Perl XML::Parser diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/README.md new/expat-2.7.3/README.md --- old/expat-2.7.2/README.md 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/README.md 2025-09-24 21:20:56.000000000 +0200 @@ -11,7 +11,7 @@ > at the top of the `Changes` file. -# Expat, Release 2.7.2 +# Expat, Release 2.7.3 This is Expat, a C99 library for parsing [XML 1.0 Fourth Edition](https://www.w3.org/TR/2006/REC-xml-20060816/), started by 
@@ -120,7 +120,7 @@ FetchContent_Declare( expat GIT_REPOSITORY https://github.com/libexpat/libexpat/ - GIT_TAG 000000000_GIT_COMMIT_SHA1_HERE_000000000 # i.e. Git tag R_0_Y_Z + GIT_TAG 000000000_GIT_COMMIT_SHA1_HERE_000000000 # i.e. Git tag R_X_Y_Z SOURCE_SUBDIR expat/ ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/configure new/expat-2.7.3/configure --- old/expat-2.7.2/configure 2025-09-16 18:09:24.000000000 +0200 +++ new/expat-2.7.3/configure 2025-09-24 21:25:54.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.72 for expat 2.7.2. +# Generated by GNU Autoconf 2.72 for expat 2.7.3. # # Report bugs to <https://github.com/libexpat/libexpat/issues>. # @@ -614,8 +614,8 @@ # Identity of this package. PACKAGE_NAME='expat' PACKAGE_TARNAME='expat' -PACKAGE_VERSION='2.7.2' -PACKAGE_STRING='expat 2.7.2' +PACKAGE_VERSION='2.7.3' +PACKAGE_STRING='expat 2.7.3' PACKAGE_BUGREPORT='https://github.com/libexpat/libexpat/issues' PACKAGE_URL='' @@ -719,6 +719,7 @@ MANIFEST_TOOL RANLIB FILECMD +LN_S NM ac_ct_DUMPBIN DUMPBIN @@ -731,7 +732,6 @@ OBJDUMP DLLTOOL AS -LN_S am__fastdepCC_FALSE am__fastdepCC_TRUE CCDEPMODE @@ -1421,7 +1421,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -'configure' configures expat 2.7.2 to adapt to many kinds of systems. +'configure' configures expat 2.7.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1492,7 +1492,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of expat 2.7.2:";; + short | recursive ) echo "Configuration of expat 2.7.3:";; esac cat <<\_ACEOF 
@@ -1629,7 +1629,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -expat configure 2.7.2 +expat configure 2.7.3 generated by GNU Autoconf 2.72 Copyright (C) 2023 Free Software Foundation, Inc. @@ -2278,7 +2278,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by expat $as_me 2.7.2, which was +It was created by expat $as_me 2.7.3, which was generated by GNU Autoconf 2.72. Invocation command line was $ $0$ac_configure_args_raw @@ -4055,7 +4055,7 @@ # Define the identity of the package. PACKAGE='expat' - VERSION='2.7.2' + VERSION='2.7.3' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -4273,7 +4273,7 @@ LIBCURRENT=12 # sync -LIBREVISION=0 # with +LIBREVISION=1 # with LIBAGE=11 # CMakeLists.txt! ac_config_headers="$ac_config_headers expat_config.h" @@ -5755,17 +5755,6 @@ esac -{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 -printf %s "checking whether ln -s works... " >&6; } -LN_S=$as_ln_s -if test "$LN_S" = "ln -s"; then - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 -printf "%s\n" "yes" >&6; } -else - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 -printf "%s\n" "no, using $LN_S" >&6; } -fi - { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 printf %s "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } set x ${MAKE-make} 
@@ -6569,6 +6558,17 @@ { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 printf "%s\n" "$lt_cv_nm_interface" >&6; } +{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +printf %s "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +printf "%s\n" "yes" >&6; } +else + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +printf "%s\n" "no, using $LN_S" >&6; } +fi + # find the maximum length of command line arguments { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 printf %s "checking the maximum length of command line arguments... " >&6; } @@ -22709,7 +22709,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by expat $as_me 2.7.2, which was +This file was extended by expat $as_me 2.7.3, which was generated by GNU Autoconf 2.72. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -22777,7 +22777,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -expat config.status 2.7.2 +expat config.status 2.7.3 configured by $0, generated by GNU Autoconf 2.72, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/configure.ac new/expat-2.7.3/configure.ac --- old/expat-2.7.2/configure.ac 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/configure.ac 2025-09-24 21:20:56.000000000 +0200 
@@ -24,6 +24,7 @@ dnl Copyright (c) 2020 Jeffrey Walton <[email protected]> dnl Copyright (c) 2024 Ferenc Géczi <[email protected]> dnl Copyright (c) 2024 Dag-Erling Smørgrav <[email protected]> +dnl Copyright (c) 2025 Matthew Fernandez <[email protected]> dnl Licensed under the MIT license: dnl dnl Permission is hereby granted, free of charge, to any person obtaining @@ -85,7 +86,7 @@ dnl LIBCURRENT=12 # sync -LIBREVISION=0 # with +LIBREVISION=1 # with LIBAGE=11 # CMakeLists.txt! AC_CONFIG_HEADERS([expat_config.h]) @@ -95,7 +96,6 @@ AM_PROG_AR AC_PROG_INSTALL -AC_PROG_LN_S AC_PROG_MAKE_SET LT_PREREQ([2.4]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/doc/reference.html new/expat-2.7.3/doc/reference.html --- old/expat-2.7.2/doc/reference.html 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/doc/reference.html 2025-09-24 21:20:56.000000000 +0200 @@ -52,7 +52,7 @@ <div> <h1> The Expat XML Parser - <small>Release 2.7.2</small> + <small>Release 2.7.3</small> </h1> </div> <div class="content"> @@ -2137,8 +2137,8 @@ XML_GetCurrentColumnNumber(XML_Parser p); </pre> <div class="fcndef"> -Return the offset, from the beginning of the current line, of -the position. +Return the <em>offset</em>, from the beginning of the current line, of +the position. The first column is reported as <code>0</code>. </div> <h4 id="XML_GetCurrentByteCount">XML_GetCurrentByteCount</h4> @@ -2200,7 +2200,10 @@ returns <code>XML_TRUE</code> upon success and <code>XML_FALSE</code> upon error. </p> - <p>The amplification factor is calculated as ..</p> + <p> + Once the <a href="#XML_SetBillionLaughsAttackProtectionActivationThreshold">threshold for activation</a> is reached, + the amplification factor is calculated as .. + </p> <pre>amplification := (direct + indirect) / direct</pre> <p> .. while parsing, whereas 
@@ -2317,7 +2320,10 @@ </li> </ul> - <p>The amplification factor is calculated as ..</p> + <p> + Once the <a href="#XML_SetAllocTrackerActivationThreshold">threshold for activation</a> is reached, + the amplification factor is calculated as .. + </p> <pre>amplification := allocated / direct</pre> <p> .. while parsing, whereas @@ -2339,7 +2345,7 @@ <p> <strong>Note:</strong> - Amplifications factors greater than 100 can been observed near the start of parsing + Amplifications factors greater than <code>100.0</code> can been observed near the start of parsing even with benign files in practice. So if you do reduce the maximum allowed amplification, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/doc/xmlwf.1 new/expat-2.7.3/doc/xmlwf.1 --- old/expat-2.7.2/doc/xmlwf.1 2025-09-16 18:09:32.000000000 +0200 +++ new/expat-2.7.3/doc/xmlwf.1 2025-09-24 21:26:01.000000000 +0200 @@ -5,7 +5,7 @@ \\$2 \(la\\$1\(ra\\$3 .. .if \n(.g .mso www.tmac -.TH XMLWF 1 "September 16, 2025" "" "" +.TH XMLWF 1 "September 24, 2025" "" "" .SH NAME xmlwf \- Determines if an XML document is well-formed .SH SYNOPSIS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/doc/xmlwf.xml new/expat-2.7.3/doc/xmlwf.xml --- old/expat-2.7.2/doc/xmlwf.xml 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/doc/xmlwf.xml 2025-09-24 21:20:56.000000000 +0200 
@@ -21,7 +21,7 @@ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ <!ENTITY dhfirstname "<firstname>Scott</firstname>"> <!ENTITY dhsurname "<surname>Bronson</surname>"> - <!ENTITY dhdate "<date>September 16, 2025</date>"> + <!ENTITY dhdate "<date>September 24, 2025</date>"> <!-- Please adjust this^^ date whenever cutting a new release. --> <!ENTITY dhsection "<manvolnum>1</manvolnum>"> <!ENTITY dhemail "<email>[email protected]</email>"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/expat_config.h new/expat-2.7.3/expat_config.h --- old/expat-2.7.2/expat_config.h 2025-09-16 18:09:31.000000000 +0200 +++ new/expat-2.7.3/expat_config.h 2025-09-24 21:26:00.000000000 +0200 @@ -83,7 +83,7 @@ #define PACKAGE_NAME "expat" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "expat 2.7.2" +#define PACKAGE_STRING "expat 2.7.3" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "expat" @@ -92,7 +92,7 @@ #define PACKAGE_URL "" /* Define to the version of this package. */ -#define PACKAGE_VERSION "2.7.2" +#define PACKAGE_VERSION "2.7.3" /* Define to 1 if all of the C89 standard headers exist (not just the ones required in a freestanding environment). This macro is provided for @@ -100,7 +100,7 @@ #define STDC_HEADERS 1 /* Version number of package */ -#define VERSION "2.7.2" +#define VERSION "2.7.3" /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most significant byte first (like Motorola and SPARC, unlike Intel). */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/lib/expat.h new/expat-2.7.3/lib/expat.h --- old/expat-2.7.2/lib/expat.h 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/lib/expat.h 2025-09-24 21:20:56.000000000 +0200 
@@ -19,6 +19,7 @@ Copyright (c) 2023 Hanno Böck <[email protected]> Copyright (c) 2023 Sony Corporation / Snild Dolkow <[email protected]> Copyright (c) 2024 Taichi Haradaguchi <[email protected]> + Copyright (c) 2025 Matthew Fernandez <[email protected]> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -276,7 +277,7 @@ /* Prepare a parser object to be reused. This is particularly valuable when memory allocation overhead is disproportionately high, - such as when a large number of small documnents need to be parsed. + such as when a large number of small documents need to be parsed. All handlers are cleared from the parser, except for the unknownEncodingHandler. The parser's external state is re-initialized except for the values of ns and ns_triplets. @@ -1081,7 +1082,7 @@ */ # define XML_MAJOR_VERSION 2 # define XML_MINOR_VERSION 7 -# define XML_MICRO_VERSION 2 +# define XML_MICRO_VERSION 3 # ifdef __cplusplus } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/lib/internal.h new/expat-2.7.3/lib/internal.h --- old/expat-2.7.2/lib/internal.h 2025-09-16 00:40:43.000000000 +0200 +++ new/expat-2.7.3/lib/internal.h 2025-09-24 17:05:25.000000000 +0200 @@ -108,6 +108,7 @@ #endif #include <limits.h> // ULONG_MAX +#include <stddef.h> // size_t #if defined(_WIN32) \ && (! defined(__USE_MINGW_ANSI_STDIO) \ 
@@ -153,6 +154,11 @@ #define EXPAT_ALLOC_TRACKER_ACTIVATION_THRESHOLD_DEFAULT \ 67108864 // 64 MiB, 2^26 +// NOTE: If function expat_alloc was user facing, EXPAT_MALLOC_ALIGNMENT would +// have to take sizeof(long double) into account +#define EXPAT_MALLOC_ALIGNMENT sizeof(long long) // largest parser (sub)member +#define EXPAT_MALLOC_PADDING ((EXPAT_MALLOC_ALIGNMENT) - sizeof(size_t)) + /* NOTE END */ #include "expat.h" // so we can use type XML_Parser below diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/lib/xmlparse.c new/expat-2.7.3/lib/xmlparse.c --- old/expat-2.7.2/lib/xmlparse.c 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/lib/xmlparse.c 2025-09-24 21:20:56.000000000 +0200 @@ -1,4 +1,4 @@ -/* 60e137abb91af642d6c3988f8f133d23329b32638659c74d47125fc0faf6ddd5 (2.7.2+) +/* 28bcd8b1ba7eb595d82822908257fd9c3589b4243e3c922d0369f35bfcd7b506 (2.7.3+) __ __ _ ___\ \/ /_ __ __ _| |_ / _ \\ /| '_ \ / _` | __| @@ -41,6 +41,7 @@ Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <[email protected]> Copyright (c) 2024-2025 Berkay Eren Ürün <[email protected]> Copyright (c) 2024 Hanno Böck <[email protected]> + Copyright (c) 2025 Matthew Fernandez <[email protected]> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining @@ -850,14 +851,14 @@ # endif expat_malloc(XML_Parser parser, size_t size, int sourceLine) { // Detect integer overflow - if (SIZE_MAX - size < sizeof(size_t)) { + if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) { return NULL; } const XML_Parser rootParser = getRootParserOf(parser, NULL); assert(rootParser->m_parentParser == NULL); - const size_t bytesToAllocate = sizeof(size_t) + size; + const size_t bytesToAllocate = sizeof(size_t) + EXPAT_MALLOC_PADDING + size; if ((XmlBigCount)-1 - rootParser->m_alloc_tracker.bytesAllocated < bytesToAllocate) { 
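Review bot: `EXPAT_MALLOC_PADDING` in the lib/internal.h hunk is an unsigned subtraction, so on a target where `sizeof(size_t)` exceeded `sizeof(long long)` it would wrap to a huge value instead of failing the build, and nothing in this header enforces the assumption. The only check visible in this patch is the run-time self-test `assert_true(sizeof(long long) >= sizeof(size_t))` in tests/alloc_tests.c, which does not protect builds that skip the test suite. A compile-time guard next to the two macros would make this fail closed, for example `typedef char expat_malloc_padding_check[(sizeof(long long) >= sizeof(size_t)) ? 1 : -1];`, or `_Static_assert` where C11 is available. The comment could also say that the size record and the padding together form the block header, which is why the returned pointer stays aligned for `long long`.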
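Review bot: The header size `sizeof(size_t) + EXPAT_MALLOC_PADDING` is written out by hand in the overflow check and in `bytesToAllocate` in this expat_malloc hunk, and again in the return of expat_malloc, in expat_free, in expat_realloc, in both allocation branches of the parser-creation hunks (-1337, -1352, -1369) and in the test helper `sizeRecordedFor`. If a later change misses one of those sites, the pointer arithmetic goes out of step with the stored size record, which is a memory-safety bug and not a cosmetic one. One name for the header size, for instance a new macro such as `#define EXPAT_MALLOC_HEADER_SIZE (sizeof(size_t) + EXPAT_MALLOC_PADDING)`, or a pair of small static helpers converting between the user pointer and the malloc pointer, would keep the sites consistent. expat_malloc's body starts before and continues after this hunk.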
@@ -894,7 +895,7 @@ rootParser->m_alloc_tracker.peakBytesAllocated, sourceLine); } - return (char *)mallocedPtr + sizeof(size_t); + return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING; } # if defined(XML_TESTING) @@ -914,8 +915,9 @@ // Extract size (to the eyes of malloc_fcn/realloc_fcn) and // the original pointer returned by malloc/realloc - void *const mallocedPtr = (char *)ptr - sizeof(size_t); - const size_t bytesAllocated = sizeof(size_t) + *(size_t *)mallocedPtr; + void *const mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t); + const size_t bytesAllocated + = sizeof(size_t) + EXPAT_MALLOC_PADDING + *(size_t *)mallocedPtr; // Update accounting assert(rootParser->m_alloc_tracker.bytesAllocated >= bytesAllocated); @@ -954,7 +956,7 @@ // Extract original size (to the eyes of the caller) and the original // pointer returned by malloc/realloc - void *mallocedPtr = (char *)ptr - sizeof(size_t); + void *mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t); const size_t prevSize = *(size_t *)mallocedPtr; // Classify upcoming change @@ -969,8 +971,13 @@ } } + // NOTE: Integer overflow detection has already been done for us + // by expat_heap_increase_tolerable(..) above + assert(SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING >= size); + // Actually allocate - mallocedPtr = parser->m_mem.realloc_fcn(mallocedPtr, sizeof(size_t) + size); + mallocedPtr = parser->m_mem.realloc_fcn( + mallocedPtr, sizeof(size_t) + EXPAT_MALLOC_PADDING + size); if (mallocedPtr == NULL) { return NULL; @@ -1001,7 +1008,7 @@ // Update in-block recorded size *(size_t *)mallocedPtr = size; - return (char *)mallocedPtr + sizeof(size_t); + return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING; } #endif // XML_GE == 1 
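Review bot: The overflow guard added before the `realloc_fcn` call in the hunk at -969 is only an `assert`, so it disappears when the library is built with `NDEBUG`, whereas expat_malloc keeps an explicit `if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) return NULL;`. The new comment says expat_heap_increase_tolerable has already excluded overflow, but that call is outside the hunk and, judging by the closing braces in the context, may sit inside a conditional, so the guarantee cannot be confirmed from here. I would keep the assert as documentation of the proof and add the matching run-time check, `if (SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING < size) return NULL;`, so that release builds fail closed if a later change breaks the invariant. expat_realloc's body starts and ends outside this hunk.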
@@ -1337,7 +1344,8 @@ XML_Parser parser = NULL; #if XML_GE == 1 - const size_t increase = sizeof(size_t) + sizeof(struct XML_ParserStruct); + const size_t increase + = sizeof(size_t) + EXPAT_MALLOC_PADDING + sizeof(struct XML_ParserStruct); if (parentParser != NULL) { const XML_Parser rootParser = getRootParserOf(parentParser, NULL); @@ -1352,11 +1360,13 @@ if (memsuite) { XML_Memory_Handling_Suite *mtemp; #if XML_GE == 1 - void *const sizeAndParser = memsuite->malloc_fcn( - sizeof(size_t) + sizeof(struct XML_ParserStruct)); + void *const sizeAndParser + = memsuite->malloc_fcn(sizeof(size_t) + EXPAT_MALLOC_PADDING + + sizeof(struct XML_ParserStruct)); if (sizeAndParser != NULL) { *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct); - parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)); + parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t) + + EXPAT_MALLOC_PADDING); #else parser = memsuite->malloc_fcn(sizeof(struct XML_ParserStruct)); if (parser != NULL) { @@ -1369,11 +1379,12 @@ } else { XML_Memory_Handling_Suite *mtemp; #if XML_GE == 1 - void *const sizeAndParser - = malloc(sizeof(size_t) + sizeof(struct XML_ParserStruct)); + void *const sizeAndParser = malloc(sizeof(size_t) + EXPAT_MALLOC_PADDING + + sizeof(struct XML_ParserStruct)); if (sizeAndParser != NULL) { *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct); - parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)); + parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t) + + EXPAT_MALLOC_PADDING); #else parser = malloc(sizeof(struct XML_ParserStruct)); if (parser != NULL) { 
@@ -6437,6 +6448,10 @@ // process its possible inner entities (which are added to the // m_openInternalEntities during doProlog or doContent calls above) entity->hasMore = XML_FALSE; + if (! entity->is_param + && (openEntity->startTagLevel != parser->m_tagLevel)) { + return XML_ERROR_ASYNC_ENTITY; + } triggerReenter(parser); return result; } // End of entity processing, "if" block will return here @@ -8135,7 +8150,7 @@ if (bytesToAllocate == 0) return XML_FALSE; - temp = REALLOC(pool->parser, pool->blocks, (unsigned)bytesToAllocate); + temp = REALLOC(pool->parser, pool->blocks, bytesToAllocate); if (temp == NULL) return XML_FALSE; pool->blocks = temp; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/lib/xmlrole.h new/expat-2.7.3/lib/xmlrole.h --- old/expat-2.7.2/lib/xmlrole.h 2025-09-16 15:43:00.000000000 +0200 +++ new/expat-2.7.3/lib/xmlrole.h 2025-09-24 21:20:56.000000000 +0200 @@ -10,7 +10,7 @@ Copyright (c) 2000 Clark Cooper <[email protected]> Copyright (c) 2002 Karl Waclawek <[email protected]> Copyright (c) 2002 Fred L. Drake, Jr. <[email protected]> - Copyright (c) 2017-2024 Sebastian Pipping <[email protected]> + Copyright (c) 2017-2025 Sebastian Pipping <[email protected]> Licensed under the MIT license: Permission is hereby granted, free of charge, to any person obtaining diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/tests/alloc_tests.c new/expat-2.7.3/tests/alloc_tests.c --- old/expat-2.7.2/tests/alloc_tests.c 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/tests/alloc_tests.c 2025-09-24 17:05:27.000000000 +0200 @@ -2091,6 +2091,13 @@ } END_TEST +#if XML_GE == 1 +static size_t +sizeRecordedFor(void *ptr) { + return *(size_t *)((char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t)); +} +#endif // XML_GE == 1 + START_TEST(test_alloc_tracker_size_recorded) { XML_Memory_Handling_Suite memsuite = {malloc, realloc, free}; 
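Review bot: The new `XML_ERROR_ASYNC_ENTITY` check in the hunk at -6437 has no comment saying what it enforces or why parameter entities are exempt. From the visible lines it compares `openEntity->startTagLevel` with the current `parser->m_tagLevel` once the entity has no more text, which appears to reject a general entity whose replacement text leaves an element open or closes one it did not open. I would add a comment above the `if`, along the lines of `/* A general entity must end at the tag level it started at (regression from the CVE-2024-8176 fix) */`, plus a few words on why `entity->is_param` is skipped. The enclosing function starts and ends outside the hunk.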
@@ -2106,16 +2113,16 @@ void *ptr = expat_malloc(parser, 10, -1); assert_true(ptr != NULL); - assert_true(*((size_t *)ptr - 1) == 10); + assert_true(sizeRecordedFor(ptr) == 10); assert_true(expat_realloc(parser, ptr, SIZE_MAX / 2, -1) == NULL); - assert_true(*((size_t *)ptr - 1) == 10); // i.e. unchanged + assert_true(sizeRecordedFor(ptr) == 10); // i.e. unchanged ptr = expat_realloc(parser, ptr, 20, -1); assert_true(ptr != NULL); - assert_true(*((size_t *)ptr - 1) == 20); + assert_true(sizeRecordedFor(ptr) == 20); expat_free(parser, ptr, -1); #endif @@ -2125,6 +2132,22 @@ } END_TEST +START_TEST(test_alloc_tracker_pointer_alignment) { + XML_Parser parser = XML_ParserCreate(NULL); +#if XML_GE == 1 + assert_true(sizeof(long long) >= sizeof(size_t)); // self-test + long long *const ptr + = (long long *)expat_malloc(parser, 4 * sizeof(long long), -1); + ptr[0] = 0LL; + ptr[1] = 1LL; + ptr[2] = 2LL; + ptr[3] = 3LL; + expat_free(parser, ptr, -1); +#endif + XML_ParserFree(parser); +} +END_TEST + START_TEST(test_alloc_tracker_maximum_amplification) { if (g_reparseDeferralEnabledDefault == XML_TRUE) { return; 
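Review bot: test_alloc_tracker_pointer_alignment writes through `ptr` without checking that expat_malloc succeeded and never asserts the alignment itself, so on targets that tolerate unaligned access, and without UndefinedBehaviorSanitizer, the test passes whether or not the pointer is aligned. The neighbouring test_alloc_tracker_size_recorded does check `ptr != NULL`. I would add `assert_true(ptr != NULL);` and an explicit check such as `assert_true((uintptr_t)ptr % sizeof(long long) == 0);` before the stores, assuming `<stdint.h>` is available in this file and relaxing the modulus to the alignment requirement of `long long` if that is smaller than its size on some target. The `parser` returned by XML_ParserCreate is also used unchecked.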
@@ -2355,14 +2378,13 @@ tcase_add_test__ifdef_xml_dtd( tc_alloc, test_alloc_reset_after_external_entity_parser_create_fail); - tcase_add_test__ifdef_xml_dtd(tc_alloc, test_alloc_tracker_size_recorded); - tcase_add_test__ifdef_xml_dtd(tc_alloc, - test_alloc_tracker_maximum_amplification); - tcase_add_test__ifdef_xml_dtd(tc_alloc, test_alloc_tracker_threshold); - tcase_add_test__ifdef_xml_dtd(tc_alloc, - test_alloc_tracker_getbuffer_unlimited); - tcase_add_test__ifdef_xml_dtd(tc_alloc, test_alloc_tracker_api); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_size_recorded); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_pointer_alignment); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_maximum_amplification); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_threshold); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_getbuffer_unlimited); + tcase_add_test__if_xml_ge(tc_alloc, test_alloc_tracker_api); tcase_add_test(tc_alloc, test_mem_api_cycle); - tcase_add_test__ifdef_xml_dtd(tc_alloc, test_mem_api_unlimited); + tcase_add_test__if_xml_ge(tc_alloc, test_mem_api_unlimited); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/tests/misc_tests.c new/expat-2.7.3/tests/misc_tests.c --- old/expat-2.7.2/tests/misc_tests.c 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/tests/misc_tests.c 2025-09-24 21:20:56.000000000 +0200 @@ -211,7 +211,7 @@ if (! versions_equal(&read_version, &parsed_version)) fail("Version mismatch"); - if (xcstrcmp(version_text, XCS("expat_2.7.2")) + if (xcstrcmp(version_text, XCS("expat_2.7.3")) != 0) /* needs bump on releases */ fail("XML_*_VERSION in expat.h out of sync?\n"); } 
@@ -679,6 +679,98 @@ } END_TEST +START_TEST(test_misc_sync_entity_tolerated) { + const char *const doc = "<!DOCTYPE t0 [\n" + " <!ENTITY a '<t1></t1>'>\n" + " <!ENTITY b '<t2>two</t2>'>\n" + " <!ENTITY c '<t3>three<t4>four</t4>three</t3>'>\n" + " <!ENTITY d '<t5>&b;</t5>'>\n" + "]>\n" + "<t0>&a;&b;&c;&d;</t0>\n"; + XML_Parser parser = XML_ParserCreate(NULL); + + assert_true(_XML_Parse_SINGLE_BYTES(parser, doc, (int)strlen(doc), + /*isFinal=*/XML_TRUE) + == XML_STATUS_OK); + + XML_ParserFree(parser); +} +END_TEST + +START_TEST(test_misc_async_entity_rejected) { + struct test_case { + const char *doc; + enum XML_Status expectedStatusNoGE; + enum XML_Error expectedErrorNoGE; + XML_Size expectedErrorLine; + XML_Size expectedErrorColumn; + }; + const struct test_case cases[] = { + // Opened by one entity, closed by another + {"<!DOCTYPE t0 [\n" + " <!ENTITY open '<t1>'>\n" + " <!ENTITY close '</t1>'>\n" + "]>\n" + "<t0>&open;&close;</t0>\n", + XML_STATUS_OK, XML_ERROR_NONE, 5, 4}, + // Opened by tag, closed by entity (non-root case) + {"<!DOCTYPE t0 [\n" + " <!ENTITY g0 ''>\n" + " <!ENTITY g1 '&g0;</t1>'>\n" + "]>\n" + "<t0><t1>&g1;</t0>\n", + XML_STATUS_ERROR, XML_ERROR_TAG_MISMATCH, 5, 8}, + // Opened by tag, closed by entity (root case) + {"<!DOCTYPE t0 [\n" + " <!ENTITY g0 ''>\n" + " <!ENTITY g1 '&g0;</t0>'>\n" + "]>\n" + "<t0>&g1;\n", + XML_STATUS_ERROR, XML_ERROR_NO_ELEMENTS, 5, 4}, + // Opened by entity, closed by tag <-- regression from 2.7.0 + {"<!DOCTYPE t0 [\n" + " <!ENTITY g0 ''>\n" + " <!ENTITY g1 '<t1>&g0;'>\n" + "]>\n" + "<t0>&g1;</t1></t0>\n", + XML_STATUS_ERROR, XML_ERROR_TAG_MISMATCH, 5, 4}, + // Opened by tag, closed by entity; then the other way around + {"<!DOCTYPE t0 [\n" + " <!ENTITY open '<t1>'>\n" + " <!ENTITY close '</t1>'>\n" + "]>\n" + "<t0><t1>&close;&open;</t1></t0>\n", + XML_STATUS_OK, XML_ERROR_NONE, 5, 8}, + }; + + for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) { + const struct test_case testCase = cases[i]; + 
set_subtest("cases[%d]", (int)i); + + const char *const doc = testCase.doc; +#if XML_GE == 1 + const enum XML_Status expectedStatus = XML_STATUS_ERROR; + const enum XML_Error expectedError = XML_ERROR_ASYNC_ENTITY; +#else + const enum XML_Status expectedStatus = testCase.expectedStatusNoGE; + const enum XML_Error expectedError = testCase.expectedErrorNoGE; +#endif + + XML_Parser parser = XML_ParserCreate(NULL); + assert_true(_XML_Parse_SINGLE_BYTES(parser, doc, (int)strlen(doc), + /*isFinal=*/XML_TRUE) + == expectedStatus); + assert_true(XML_GetErrorCode(parser) == expectedError); +#if XML_GE == 1 + assert_true(XML_GetCurrentLineNumber(parser) == testCase.expectedErrorLine); + assert_true(XML_GetCurrentColumnNumber(parser) + == testCase.expectedErrorColumn); +#endif + XML_ParserFree(parser); + } +} +END_TEST + void make_miscellaneous_test_case(Suite *s) { TCase *tc_misc = tcase_create("miscellaneous tests"); @@ -707,4 +799,6 @@ tcase_add_test(tc_misc, test_misc_stopparser_rejects_unstarted_parser); tcase_add_test__if_xml_ge(tc_misc, test_renter_loop_finite_content); tcase_add_test(tc_misc, test_misc_expected_event_ptr_issue_980); + tcase_add_test(tc_misc, test_misc_sync_entity_tolerated); + tcase_add_test(tc_misc, test_misc_async_entity_rejected); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/win32/expat.iss new/expat-2.7.3/win32/expat.iss --- old/expat-2.7.2/win32/expat.iss 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/win32/expat.iss 2025-09-24 21:20:56.000000000 +0200 
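Review bot: `struct test_case` in test_misc_async_entity_rejected mixes expectations for two build configurations without saying so: `expectedStatusNoGE` and `expectedErrorNoGE` are read only when `XML_GE` is not 1, while `expectedErrorLine` and `expectedErrorColumn` are asserted only when `XML_GE == 1`. The field names reveal half of that, and a reader has to trace the `#if` blocks in the loop to learn the rest. I would add a short comment on the struct, for example `/* with XML_GE == 1 every case must fail with XML_ERROR_ASYNC_ENTITY at (line, column); the NoGE fields are the expectation without general-entity support */`, and a note on why the first and last cases are accepted in that configuration. Both new tests also use the result of `XML_ParserCreate(NULL)` without a NULL check.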
@@ -38,7 +38,7 @@ ; OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE ; USE OR OTHER DEALINGS IN THE SOFTWARE. -#define expatVer "2.7.2" +#define expatVer "2.7.3" [Setup] AppName=Expat diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/expat-2.7.2/xmlwf/xmlfile.c new/expat-2.7.3/xmlwf/xmlfile.c --- old/expat-2.7.2/xmlwf/xmlfile.c 2025-09-16 17:45:09.000000000 +0200 +++ new/expat-2.7.3/xmlwf/xmlfile.c 2025-09-24 17:05:29.000000000 +0200 @@ -96,8 +96,8 @@ ftprintf(stdout, T("%s") T(":%") T(XML_FMT_INT_MOD) T("u") T(":%") T(XML_FMT_INT_MOD) T("u") T(": %s\n"), - filename, XML_GetErrorLineNumber(parser), - XML_GetErrorColumnNumber(parser), message); + filename, XML_GetCurrentLineNumber(parser), + XML_GetCurrentColumnNumber(parser), message); else ftprintf(stderr, T("%s: (unknown message %u)\n"), filename, (unsigned int)code);
