Age | Commit message (Collapse) | Author |
|
This warning is new as of GCC 7 and highlights undefined behavior in the
preprocessor that ASAN detection was relying on.
|
|
The old fuzzer location is deprecated; this also makes it almost trivial
to fuzz, provided that the clang is set up correctly... on Ubuntu 17.10,
a command sequence like this works now:
sudo apt install clang-5.0
sudo apt install libfuzzer-5.0
sudo cp /usr/lib/llvm-5.0/lib/libFuzzer.a /usr/lib/libLLVMFuzzer.a
CXX=clang++-5.0 make fuzz_parse
|
|
|
|
It has always been the case that pugixml does not perform Unicode
validation or name/tag Unicode character class validation, but it wasn't
very obvious from documentation.
Fixes #162
|
|
We support Latin-1 and automatically detect it by parsing the encoding
from document declaration; both of these were omitted from the
description of the automatic detection.
Additionally, the description has been rewritten to be more concise and
a bit more abstract - there's no need to specify the algorithm precisely
here.
Fixes #158.
|
|
Due to a typo in build script v141 binaries were built using VS2015
instead of VS2017.
Fixes #157.
|
|
Using LTCG restricts the resulting .lib files to a specific compiler
version, causing version conflicts when the compiler gets updated
without changing the toolset version. VS2017 now has two incompatible
compilers, 15.0 and 15.3, both of which use toolset v141...
|
|
Clang/C2 does not implement __builtin_expect; additionally we need to
work around deprecation warnings for fopen by disabling them.
|
|
Switch codecov.io URLs to https
|
|
|
|
These new tests test that tellg() can fail when being called the second
time, which leads to seekable implementation failing.
|
|
These tests simulate various error conditions when reading data from
streams - seeks failing in seekable streams, underflow throwing an
exception causing read to set badbit, etc.
This change also adjusts memory thresholds to cause a reliable out of
memory during construction of a final buffer for non-seekable streams.
|
|
|
|
This fixes missing coverage in translate_table_generate and
xpath_node_set_raw::append.
|
|
Hiding using namespace in common.hpp is somewhat surprising so remove
common.hpp and move using namespace into all .cpp files that need it.
|
|
Most tests have `using namespace pugi` which makes explicit
qualifications unnecessary.
|
|
It's not clear whether we still need PUGI__MSVC_CRT_VERSION, but it's
more consistent for now to use it for _snprintf_s since this is relying
on a CRT extension, not on a compiler feature.
|
|
These functions were deprecated via comments in 1.5 but never got the
deprecated attribute; now is the time!
Using deprecated functions produces a warning; to silence it, this
change moves the relevant tests to a separate translation unit that has
deprecation disabled.
|
|
Rework NuGet package building
|
|
Unify build paths in all MSBuild VS projects and extract common build
logic into functions.
Note that this change changes both VS2010 and VS2013 projects to have
more predictable output paths and fixed output file name (pugixml).
|
|
Also improve linkage description
|
|
We build NuGet package manually now so we don't need CoApp.
|
|
|
|
We'd like to build pugixml with both static & dynamic CRT and put it
all in one NuGet package.
CoApp sort of allows us to do this via dynamic/static pivots, but it
does not let us customize the names of the pivots and additionally has
some bugs with the project setup. Their project modifications are also
much more complicated - really, at this point we should do this
ourselves.
Create a simple native NuGet package with Linkage setting that picks the
right library, and package all libraries appropriately. Note that we use
the unified path syntax to make it simple to just get the right .lib
file from the toolset/platform/configuration/linkage combo.
|
|
The macro only works correctly when the input argument is an array with
a statically known size - pointers or arrays decayed to pointers won't
work silently.
While this is unlikely to surface issues that aren't caught in
tests/code review, use _countof for MSVC to prevent such code from
compiling.
|
|
Add VS2017 to AppVeyor test run
|
|
This requires moving the list of VS versions out of
autotest-appveyor.ps1 and into appveyor.yml.
|
|
Correctly check for error codes and don't run .bat file since it doesn't
work anyway (the variables it sets aren't accessible in PowerShell, and
the path to the script doesn't seem to be the same in VS2017).
|
|
VS2017 project + NuGet support
|
|
Add memory allocation failure test for concact with a very large list
and make sure we have every single axis covered with and without a
predicate, with and without a previous step.
|
|
Apparently only narrow character streams had out of memory coverage -
fix that and also split this into a separate test.
|
|
Cover both char and wchar_t stream loading in a single run instead of
using pugi::char_t.
|
|
Cover more failure cases and simplify the streambuf implementation a
bit.
|
|
Rename partition to partition3 to resolve conflicts with std::partition.
|
|
Add more memory allocation failure tests.
|
|
Adjust the buffer size to be right on the edge of the overflow, make
sure we actually output " instead of ".
|
|
This test triggers flush() condition for each optimized write() method.
|
|
Instead of branching code at each invocation site, use variadic macros
to create a wrapping macro that use snprintf for the buffer of a
statically known size.
Variadic macros are supported by all C++11 compilers, as is snprintf;
on MSVC 2005+ we don't necessarily have snprintf, but we can use
_snprintf_s with _TRUNCATE to get the same behavior. In all other cases
we fall back to sprintf, that (theoretically) can lead to a stack buffer
overflow.
In practice all snprintfs used in pugixml use buffers that should be
large enough to never be overflown but snprintf is safe even if this is
not the case.
|
|
We use references to arrays elsewhere in the codebase and there's just
one caller for this function so it's easier to fix the size.
This will simplify snprintf refactoring.
|
|
use snprintf instead of sprintf
|
|
Improve code coverage
|
|
codecov.io does not seem to support lcov regex customization;
additionally, we can't just replace unreachable with LCOV_LINE_EXCL
in gcov file - so we have to patch the ##### indicator (which suggests
the line hasn't been hit) with 1.
See also https://github.com/codecov/support/issues/144
|
|
Now we can exclude these from code coverage since it's logically
impossible to hit them in tests.
|
|
New tests try to load a folder as an XML document, and a device. Both
are intended to exercise some otherwise non-hittable error paths in
load_file implementation.
|
|
|
|
|
|
|
|
|
|
|
|
|