summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-06-19Change PUGI__SNPRINTF to use _countof for MSVCArseny Kapoulkine
The macro only works correctly when the input argument is an array with a statically known size - pointers or arrays decayed to pointers won't work silently. While this is unlikely to surface issues that aren't caught in tests/code review, use _countof for MSVC to prevent such code from compiling.
2017-06-18Merge pull request #150 from zeux/nugetArseny Kapoulkine
Add VS2017 to AppVeyor test run
2017-06-18Add VS2017 to AppVeyor test runArseny Kapoulkine
This requires moving the list of VS versions out of autotest-appveyor.ps1 and into appveyor.yml.
2017-06-18scripts: Cleanup nuget_build.ps1Arseny Kapoulkine
Correctly check for error codes and don't run .bat file since it doesn't work anyway (the variables it sets aren't accessible in PowerShell, and the path to the script doesn't seem to be the same in VS2017).
2017-06-18Merge pull request #147 from igagis/masterArseny Kapoulkine
VS2017 project + NuGet support
2017-06-16tests: Improve XPath coverageArseny Kapoulkine
Add memory allocation failure test for concact with a very large list and make sure we have every single axis covered with and without a predicate, with and without a previous step.
2017-06-16tests: Add even more stream coverage testsArseny Kapoulkine
Apparently only narrow character streams had out of memory coverage - fix that and also split this into a separate test.
2017-06-16tests: Add more stream coverage testsArseny Kapoulkine
Cover both char and wchar_t stream loading in a single run instead of using pugi::char_t.
2017-06-16tests: Add more coverage tests for stream loadingArseny Kapoulkine
Cover more failure cases and simplify the streambuf implementation a bit.
2017-06-16Fix BorlandC compilationArseny Kapoulkine
Rename partition to partition3 to resolve conflicts with std::partition.
2017-06-16tests: Improve XPath test coverageArseny Kapoulkine
Add more memory allocation failure tests.
2017-06-16tests: Expand write_flush coverageArseny Kapoulkine
Adjust the buffer size to be right on the edge of the overflow, make sure we actually output " instead of ".
2017-06-15tests: Add xml_buffered_writer coverage testArseny Kapoulkine
This test triggers flush() condition for each optimized write() method.
2017-06-15Refactor snprintf supportArseny Kapoulkine
Instead of branching code at each invocation site, use variadic macros to create a wrapping macro that use snprintf for the buffer of a statically known size. Variadic macros are supported by all C++11 compilers, as is snprintf; on MSVC 2005+ we don't necessarily have snprintf, but we can use _snprintf_s with _TRUNCATE to get the same behavior. In all other cases we fall back to sprintf, that (theoretically) can lead to a stack buffer overflow. In practice all snprintfs used in pugixml use buffers that should be large enough to never be overflown but snprintf is safe even if this is not the case.
2017-06-15Use buffer with a static size in convert_number_to_mantissa_exponentArseny Kapoulkine
We use references to arrays elsewhere in the codebase and there's just one caller for this function so it's easier to fix the size. This will simplify snprintf refactoring.
2017-06-15Merge pull request #145 from noresources/snprintfArseny Kapoulkine
use snprintf instead of sprintf
2017-06-15Merge pull request #149 from zeux/test-pathArseny Kapoulkine
Improve code coverage
2017-06-15Exclude unreachable lines from code coverageArseny Kapoulkine
codecov.io does not seem to support lcov regex customization; additionally, we can't just replace unreachable with LCOV_LINE_EXCL in gcov file - so we have to patch the ##### indicator (which suggests the line hasn't been hit) with 1. See also https://github.com/codecov/support/issues/144
2017-06-15Mark all assert(false) statements as unreachableArseny Kapoulkine
Now we can exclude these from code coverage since it's logically impossible to hit them in tests.
2017-06-15tests: Add tests for loading special filesArseny Kapoulkine
New tests try to load a folder as an XML document, and a device. Both are intended to exercise some otherwise non-hittable error paths in load_file implementation.
2017-06-15use 2 images to build on appveyorIvan Gagis
2017-06-15use powershell instead of cmdIvan Gagis
2017-06-15Appveyor image set to VS2017Ivan Gagis
2017-06-15Appveyor image set to VS2017Ivan Gagis
2017-06-15set v141 tools environment for buildingIvan Gagis
2017-06-15Appveyor image set to VS2017Ivan Gagis
2017-06-15VS2017 projectIvan Gagis
2017-06-14tests: Increase compact_pointer coverageArseny Kapoulkine
This adds tests that complete branch coverage in compact pointer encoding/decoding code (previously first_attribute was always encoded using compact encoding in the entire test suite).
2017-06-14Increase the minimum CMake version to 2.8.12Arseny Kapoulkine
This is a followup to 198900eff403982f080958459f1ccb45cdefe9a4. target_include_directories was introduced in 2.8.12, thus CMake 2.6 no longer works.
2017-06-11use snprintf if available, _snprintf or sprintf otherwiseRenaud Guillard
2017-06-05use _snprintf if MSVCRenaud Guillard
2017-06-04use snprintf instead of sprintfRenaud Guillard
2017-04-03Work around -fsanitize=integer issuesArseny Kapoulkine
Integer sanitizer is flagging unsigned integer overflow in several functions in pugixml; unsigned integer overflow is well defined but it may not necessarily be intended. Apart from hash functions, both string_to_integer and integer_to_string use unsigned overflow - string_to_integer uses it to perform two-complement negation so that the bulk of the operation can run using unsigned integers. This makes it possible to simplify overflow checking. Similarly integer_to_string negates the number before generating a decimal representation, but negating is impossible without unsigned overflow or special-casing certain integer limits. For now just silence the integer overflow using a special attribute; also move unsigned overflow into string_to_integer from get_value_* so that we have fewer functions marked with the attribute. Fixes #133.
2017-04-03Move libFuzzer build to MakefileArseny Kapoulkine
Now the only thing fuzz_setup.sh does is installing new clang; if system clang supports -fsanitize-coverage then fuzz_setup.sh is not required.
2017-04-03tests: Fix fuzz_setup.shArseny Kapoulkine
The script only worked if clang folder was already created.
2017-03-21Add missing PUGI__FN to string_to_integerArseny Kapoulkine
2017-03-21Revert "Fix gcc-4.8 compilation warning when using -Wstrict-overflow"Arseny Kapoulkine
This reverts commit 79109a8546f963d17522d75112cffcfd8cbe35fc. This warning does not happen on gcc-4.8.4; the workaround introduces an unsigned integer overflow which results in a runtime error when compiled with integer sanitizer.
2017-03-21tests: Do not use unsigned underflow in test codeArseny Kapoulkine
This triggers a runtime error under integer sanitizer
2017-03-21tests: Fix invalid buffer sizeArseny Kapoulkine
This was triggering an buffer read overflow with asan.
2017-03-21Fix path to fuzzing corpusArseny Kapoulkine
2017-03-06Merge pull request #134 from ogdf/explicit-fallthroughsArseny Kapoulkine
Silence g++ 7.0.1 -Wimplicit-fallthrough warnings
2017-03-05Silence g++ 7.0.1 -Wimplicit-fallthrough warningsStephan Beyer
This is accomplished by putting a // fallthrough comment at the right place. This seems to be more portable than an attribute-based solution like [[fallthrough]] or __attribute__((fallthrough)).
2017-03-03Simplify compact_hash_table implementationArseny Kapoulkine
Instead of a separate implementation for find/insert, use just one that can do both. This reduces the code size and simplifies code coverage; the resulting code is close to what we had in terms of performance and since hash table is a fall back should not affect any real workloads.
2017-02-11Merge pull request #132 from zeux/fuzzArseny Kapoulkine
Improve fuzzing support
2017-02-11tests: Fix fuzz_setup.shArseny Kapoulkine
Make the file executable, fix Windows newlines and fix clang setup.
2017-02-11tests: Add fuzzing dictionariesArseny Kapoulkine
Hopefully this will allow for better fuzzing coverage
2017-02-09tests: Add XPath fuzzingArseny Kapoulkine
Only fuzz the parser for now.
2017-02-09tests: Add a script to set up fuzzing toolsArseny Kapoulkine
This downloads a clang build that has support for instrumentation, and also downloads and compiles libFuzzer.a.
2017-02-09fuzz: Use libFuzzer instead of afl-fuzzArseny Kapoulkine
This allows us to have faster fuzz cycles since the fuzzer is in-process.
2017-02-09tests: Increase the number of translate callsArseny Kapoulkine
This should make the test fail on a 32-bit target.