In C, if expressions should be parenthesized.
PyLong_Check, PyUnicode_Check etc. happened to expand to a parenthesized
expression before, but that's not API to rely on.

Since Python 3.9.0a4 it needs to be parenthesized explicitly.

Fixes #149

Resolves #133.

The GitLab runner doesn't run in privileged mode anymore [1], at least
for projects outside the GNOME group. Disable LeakSanitizer for now
as it needs the ptrace capability.

[1] Infrastructure/Infrastructure#251

The getEntity handler was already invoked by xmlParseReference, so it's
useless to call it again. After the recent change, xmlSAX2GetEntity
won't load any kind of entities anyway.

Despite the comment, I can't see a reason why external entities must be
loaded in the SAX handler. For external entities, the handler is
typically first invoked via xmlParseReference which will later load the
entity on its own if it wasn't loaded yet.

The old code also lead to duplicated SAX events which makes it
basically impossible to reuse xmlSAX2GetEntity for a custom SAX parser.
See the change to the expected test output.

Note that xmlSAX2GetEntity was loading the entity via
xmlParseCtxtExternalEntity while xmlParseReference uses
xmlParseExternalEntityPrivate. In the previous commit, the two
functions were merged, trying to compensate for some slight differences
between the two mostly identical implementations.

But the more urgent reason for this change is that xmlParseReference
has the facility to abort early when recursive entities are detected,
avoiding what could practically amount to an infinite loop.

If you want to backport this change, note that the previous three
commits are required as well:

f9ea1a24 Fix copying of entities in xmlParseReference
5c7e0a9a Copy some XMLReader option flags to parser context
1a3e584a Merge code paths loading external entities

Found by OSS-Fuzz.

Merge xmlParseCtxtExternalEntity into xmlParseExternalEntityPrivate.

The parser context stores some options both in the "options" bits and
extra members like "validate" or "replaceEntities". Which of these
are actually read is inconsistent, so make sure to also update the
bit field.

Before, reader mode would end up in a branch that didn't handle
entities with multiple children and failed to update ent->last, so the
hack copying the "extra" reader data wouldn't trigger. Consequently,
some empty nodes in entities are correctly detected now in the test
suite. (The detection of empty nodes in entities is still buggy,
though.)

When ctxt->schema is NULL, xmlSchemaSAXPlug->xmlSchemaPreRun
alloc a new schema for ctxt->schema and set vctxt->xsiAssemble
to 1. Then xmlSchemaVStart->xmlSchemaPreRun initialize
vctxt->xsiAssemble to 0 again which cause the alloced schema
can not be freed anymore.

Found with libFuzzer.
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>

Per https://www.w3.org/TR/xmlschema-2/#dateTime-lexical-representation,
the date portion is supposed to use '-' as the delimiter

When a multiple modules (process/plugins) all link to libxml2.dll
they will in fact share a single loaded instance of it.
It is unsafe for any of them to call xmlCleanupParser,
as this would deinitialize the shared state and break others that might
still have ongoing use.

However, on windows atexit is per-module (rather process-wide), so if used
*within* libxml2 it is possible to register a clean up when all users
are done and libxml2.dll is about to actually unload.

This allows multiple plugins to link with and share libxml2 without
a premature cleanup if one is unloaded, while still cleaning up if *all*
such callers are themselves unloaded.

If non-parser parts of libxml (e.g. xmlwriter) are used before a parser,
xmlOnceInit may have run (e.g. via the many paths to xmlGetGlobalState),
but not xmlInitThreads (which is called only by xmlInitParser)

Once globalkey != TLS_OUT_OF_INDEXES (which can happen in many ways),
DLLMAIN(DLL_THREAD_DETACH) may attempt to lock cleanup_helpers_cs
before it is valid. This may happen even if the thread whose exit
is triggering DllMain is from code which is not linked to libxml.

globalkey and cleanup_helpers_cs should be initialized together,
with cleanup_helpers_cs initialized first and deleted last.

Add function to pop a single set of output callbacks from the stack.
This was only implemented for input callbacks before.

Fixes #135.

Found by OSS-Fuzz.

- Semicolon coding style
- Remove duplicated option check

Found by lgtm.com

Found by lgtm.com

Found by lgtm.com

Store return value of xmlBufNodeDump in a size_t before checking for
integer overflow.

Found by lgtm.com

Added all test cases that have a non-empty error in result/valid/*.xml.err
Restructured to make it easier extensible with new test cases
Added coding cookie because there is non-ASCII in the error messages

libxml2.registerErrorHandler(None,None):
None is not acceptable as first argument
failUnlessEqual replaced by assertEqual

When ctxt->instate == XML_PARSER_EOF,xmlParseStringEntityRef
return NULL which cause a infinite loop in xmlStringLenDecodeEntities

Found with libFuzzer.
Signed-off-by: Zhipeng Xie <xiezhipeng1@huawei.com>

Apparently, some libxslt RVTs can contain nested document nodes, see
issue #132. I'm not sure how this happens exactly but it can cause a
segfault in xmlFreeNodeList after the changes in commit 0762c9b6.

Make sure not to touch the (nonexistent) `content` member of xmlDocs.

Found by OSS-Fuzz.

xmlDictComputeFastKey is only used for small tables, so this shouldn't
be a security problem.

Fix leak of iconv/ICU encoding handler in xmlSaveToBuffer.

Fix leaks of iconv/ICU encoding handlers in xmlSaveTo* error paths.

Closes #127.

Return an error code if called with an unknown option.

Also propagate memory errors.

Found by OSS-Fuzz.

Don't overwrite 'use' and 'size' members after clamping to INT_MAX.

Thanks to Ranier Vilela for pointing this out in merge request !56.

Fix potential deferencing potential null pointers;
Small optimizations.

Closes #123.

One of regressions introduced by commit
2f2bf4b2 aka v2.9.10-rc1~56 is that
cflags and libs variables are used uninitialized, resulting to
the following behaviour:

$ cflags=foo libs=bar sh ./xml2-config.in --prefix
@prefix@
foo bar

Another regression is that the test for these variables is flawed.

Fixes: 2f2bf4b2 ("xml2-config.in: Output CFLAGS and LIBS on the same line")

Minor fix to xmlStringLenGetNodeList to avoid a pointer overflow
during API test.

Enable pointer-overflow and unsigned-integer-overflow sanitizers in CI
tests. Technically, unsigned integer overflows aren't undefined
behavior, but they typically indicate programming errors. Some hash
functions that really require unsigned integer overflows have already
been annotated.

* configure.ac doc/xml.html: updated for the release
* doc/*: regenerated docs, APIs, etc ...

Also add llvm to Docker image so that backtraces can be symbolized.

The previous fix introduced an uninitialized read.

* doc/Makefile.am: xzlib.html seems not generated anymore since it
  was only containing an internal define we can drop it
* libxml.spec.in: don't run python tests as part of %check as this
  is now breaking on F30

Parsing conditional sections would fail if the final ']]>' was at the
end of the document. Short-lived regression caused by commit c51e38cb.

Closes #108.

- Update Dockerfile
- Don't configure with -Werror
- Don't mention Travis in CONTRIBUTING