Commit Graph

29 Commits

Author SHA1 Message Date
Gregory P. Smith a5df290e06 Update the embedded copy of the expat XML parser to 2.1.0. It brings
with it a vareity of bug fixes, both security and behavior.  See
http://www.libexpat.org/ for the list.

NOTE: I already backported the expat hash randomization fix in March.

Fixes issue #14340.
2012-07-14 14:12:35 -07:00
Gregory P. Smith c10f5c2828 Fixes Issue 14234: fix for the previous commit, keep compilation when
using --with-system-expat working when the system expat does not have
salted hash support.
2012-03-14 18:12:23 -07:00
Gregory P. Smith c8ff46032f Fixes Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
2012-03-14 15:28:10 -07:00
Matthias Klose 3e8230d50c Merged revisions 84743 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/branches/py3k

........
  r84743 | matthias.klose | 2010-09-12 18:31:58 +0200 (So, 12 Sep 2010) | 3 lines

  - Issue #9817: Add expat COPYING file; add expat, libffi and expat licenses
    to Doc/license.rst.
........
2010-09-12 16:51:29 +00:00
Matthias Klose 0d948ac90c - Expat: Fix DoS via XML document with malformed UTF-8 sequences
(CVE_2009_3560).
2010-01-22 00:39:04 +00:00
Brett Cannon 764465f315 Expat could crash if given the wrong kind of input by never stopping its
tokenizing step.

Thanks to Ivan Krstić for the patch.
2009-08-13 19:27:12 +00:00
Neal Norwitz 26a8abf1f4 Handle failures from lookup.
Klocwork 341-342
2006-08-13 18:12:26 +00:00
Fred Drake 24a0f41d83 - back out Expat change; the final fix to Expat will be different
- change the pyexpat wrapper to not be so sensitive to this detail of the
  Expat implementation (the ex-crasher test still passes)
2006-07-06 05:13:22 +00:00
Fred Drake 6ffe499397 SF bug #1296433 (Expat bug #1515266): Unchecked calls to character data
handler would cause a segfault.  This merges in Expat's lib/xmlparse.c
revisions 1.154 and 1.155, which fix this and a closely related problem
(the later does not affect Python).

Moved the crasher test to the tests for xml.parsers.expat.
2006-07-01 16:28:20 +00:00
Trent Mick 624af829a7 [ 1295808 ] expat symbols should be namespaced in pyexpat
(http://python.org/sf/1295808)
2006-06-19 23:57:41 +00:00
Trent Mick f08d663a2f Upgrade pyexpat to expat 2.0.0 (http://python.org/sf/1462338). 2006-06-19 23:21:25 +00:00
Neal Norwitz 9652baaf44 Fix breakage from patch 1471883 (r45800 & r45808) on OSF/1.
The problem was that pyconfig.h was being included before some system headers
which caused redefinitions and other breakage.  This moves system headers
after expat_config.h which includes pyconfig.h.
2006-05-02 07:27:47 +00:00
Martin v. Löwis b75d43d374 Further changes for #1471883: Edit Misc/NEWS, and
add expat_config.h.
2006-04-29 12:37:25 +00:00
Georg Brandl e810fe2ca4 Remove two instances of trailing commas. Resolves patch #1209781. 2006-02-19 15:28:47 +00:00
Neal Norwitz 52ca0dd712 Fix icc warnings: using wrong enum type 2006-01-07 21:21:16 +00:00
Fred Drake 31d485c0f5 update to Expat 1.95.8 2004-08-03 07:06:22 +00:00
Skip Montanaro 7befb9966e remove support for missing ANSI C header files (limits.h, stddef.h, etc). 2004-02-10 16:50:21 +00:00
Fred Drake 08317aefef Update to Expat 1.95.7; there are no changes to the Expat sources. 2003-10-21 15:38:55 +00:00
Fred Drake dab8b0ad99 Integrate the patch from expat.h 1.51; needed for some C compilers.
Closes SF bug #680797.
2003-02-07 02:15:56 +00:00
Fred Drake 4faea015f7 Update to the final version released as Expat 1.95.6 (maintaining
Martin's integration changes).
2003-01-28 06:42:40 +00:00
Martin v. Löwis c35d199404 Undo inclusion of Python.h. Remove HAVE_MEMCPY section.
Update Windows command line.
2003-01-26 08:40:50 +00:00
Martin v. Löwis 94ac339d21 Uncomment usage of expat_config.h 2003-01-25 22:48:51 +00:00
Martin v. Löwis fc03a94aac Incorporate Expat 1.95.6. 2003-01-25 22:41:29 +00:00
Fred Drake f042db6a94 Remove RCSId; this produces annoying warnings.
This is already removed from Expat 1.95.4, so the problem will not
recur when we update.
2002-07-17 14:45:33 +00:00
Martin v. Löwis 000e37c3c4 Patch #551011: Fix compilation problems with Cygwin. 2002-05-08 07:16:37 +00:00
Martin v. Löwis 8fef47be5f Define VERSION in expat.h. 2002-02-13 07:47:16 +00:00
Martin v. Löwis b48d198c12 "Generate" from expat.h.in, for 1.95.2. 2002-02-12 09:52:22 +00:00
Martin v. Löwis 481f68aaa6 Disable usage of Expat's config.h. 2002-02-11 23:16:32 +00:00
Martin v. Löwis 1dbb1caf86 Initial revision 2002-02-11 23:13:04 +00:00