I wrote: > Diff'ing xml.out and xml_2.out, I see the differences are omissions > of input fragments in some error reports, eg: > ... > I wonder if anyone's ever looked into exactly why that happens and > whether we could do something to restore the missing context.
The commit that added xml_2.out said: commit 085423e3e326da1b52f41aa86126f2a064a7db25 Author: Tom Lane <[email protected]> Date: Fri Dec 11 19:08:40 2015 -0500 Add an expected-file to match behavior of latest libxml2. Recent releases of libxml2 do not provide error context reports for errors detected at the very end of the input string. This appears to be a bug, or at least an infelicity, introduced by the fix for libxml2's CVE-2015-7499. We can hope that this behavioral change will get undone before too long; but the security patch is likely to spread a lot faster/further than any follow-on cleanup, which means this behavior is likely to be present in the wild for some time to come. As a stopgap, add a variant regression test expected-file that matches what you get with a libxml2 that acts this way. It's kind of sad that this issue is still present in the wild ten years later. But anyway, I wonder if we could dodge the issue simply by modifying these error-provoking cases to have some whitespace at the end of the XML input? I don't think I have a problematic version of libxml2 to test that with, though. regards, tom lane
