Yes, I will update chromium with this as per
https://cs.chromium.org/chromium/src/third_party/libxml/chromium/roll.py
On Thu, Nov 9, 2017 at 10:35 AM, Jungshik Shin (신정식, 申政湜) <js...@chromium.org> wrote:
> Thank you, Joel and Nick !
>
> Joel: I guess you're gonna roll libxml in the Chromium
Thanks Nick. Nice work with the test.
On Sun, Nov 5, 2017 at 2:04 AM, Nick Wellnhofer wrote:
> On 26/10/2017 03:17, Joel Hockey wrote:
>
>> I've updated the patch using git format-patch.
>>
>
> Thanks for the updated patch. Applied here: https://git.gnome.org/browse/l
>
On 26/10/2017 03:17, Joel Hockey wrote:
I've updated the patch using git format-patch.
Thanks for the updated patch. Applied here:
https://git.gnome.org/browse/libxml2/commit/?id=0b19f236a263a7b0acacd4ea84dc7237303ee3d9
The original bug found by fuzzer only relates to UTF8 decoding, so
Nick, how does that updated patch look? Are you happy to take it?
On Thu, Oct 26, 2017 at 10:03 PM, Joel Hockey wrote:
>
>> Does libxml treat 'UTF8' (without dash/hyphen) as UTF-8 ? If not, 'UTF8'
>> can be used for both ICU and iconv.
>>
>
> Yes.
>
>
> Does libxml treat 'UTF8' (without dash/hyphen) as UTF-8 ? If not, 'UTF8'
> can be used for both ICU and iconv.
>
Yes.
https://cs.chromium.org/chromium/src/third_party/libxml/src/parser.c?l=10329=b54509c3db126e5a3ed9b84fa70df1f821b1fd3e
I've updated the patch using git format-patch.
* reverted public interface xmlCharEncInFunc. It now calls
xmlEncInputChunk with flush=1 on all calls as suggested.
Always setting flush=TRUE here makes sense since this is a one-shot
conversion of the entire buffer.
* Moved the pivot buf reset to
On 25/10/2017 17:40, Markus Scherer wrote:
On Wed, Oct 25, 2017 at 4:02 AM, Nick Wellnhofer
On 25/10/2017 10:32, Joel Hockey wrote:
This patch fixes those issues.
Looks good.
The patch changes public function xmlCharEncInFunc but this function isn't
used internally anymore (since commit a78d8036 from 2012). It might still be
used in client code that wants to use libxml2's
Hi,
The chromium team have recently detected a fuzz-testing bug in libxml / ICU
where UTF8 chars can be decoded incorrectly. See http://crbug.com/722420.
The root cause of this problem is that libxml is calling ICU ucnv_convertEx
with incorrect params. It is always setting flush to TRUE. This
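
The flush problem reported in the message above, shown as an added example that is not part of the original thread and is not libxml2 or ICU code. Python's standard incremental UTF-8 decoder stands in for the converter (an assumption), with its `final` argument playing the role of the flush parameter; the helper names and the sample document are constructed.

```python
import codecs


def split_at(data, size):
    """Cut a byte string into fixed-size chunks, as a streaming parser would see it."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def decode_chunks(chunks, flush_every_chunk):
    """Decode UTF-8 chunks with one decoder that is kept across calls.

    flush_every_chunk=True models the reported behaviour (flush set on every
    call): the decoder is told each chunk is the end of the input.
    flush_every_chunk=False sets it only on the last chunk.
    """
    decoder = codecs.getincrementaldecoder("utf-8")(errors="replace")
    out = []
    last = len(chunks) - 1
    for i, chunk in enumerate(chunks):
        final = flush_every_chunk or i == last
        # With final=True a sequence cut off at the chunk boundary is treated
        # as truncated input and replaced; with final=False the partial bytes
        # are buffered and completed by the next chunk.
        out.append(decoder.decode(chunk, final=final))
    return "".join(out)


def divergent_sizes(data):
    """Chunk sizes at which always-flush output differs from correct output."""
    sizes = []
    for size in range(1, len(data) + 1):
        chunks = split_at(data, size)
        if decode_chunks(chunks, True) != decode_chunks(chunks, False):
            sizes.append(size)
    return sizes


# Constructed sample: a small document with one two-byte character (0xC3 0xA9).
SAMPLE = "<a>\u00e9</a>".encode("utf-8")

if __name__ == "__main__":
    for size in (3, 4):
        chunks = split_at(SAMPLE, size)
        print(size, repr(decode_chunks(chunks, True)), repr(decode_chunks(chunks, False)))
    print("chunk sizes that corrupt the text:", divergent_sizes(SAMPLE))
```

The corruption depends only on where the chunk boundary falls, which is why fuzzing finds it more readily than hand-written tests do.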