summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-01-02xplist: Error out when invalid tags inside text nodes are encounteredGravatar Nikias Bassen1-2/+12
2017-01-02xplist: Make sure to error out when encountering empty/incomplete entitiesGravatar Nikias Bassen1-1/+5
2017-01-02xplist: Make sure to not parse for entities in empty stringsGravatar Nikias Bassen1-1/+1
2017-01-02xplist: Allow empty keys in dictionariesGravatar Nikias Bassen1-2/+2
2017-01-02xplist: Allow whitespace after name in closing tagGravatar Nikias Bassen1-2/+7
'</key >' is a perfectly valid closing tag and so is '</key >' (note the newline). This commit will make the parser skip any encountered whitespace before checking for the closing '>'.
2017-01-01xplist: Fix numerical character entity conversionGravatar Nikias Bassen1-2/+6
2016-12-27Remove unused AC_SUBST for WINDRESGravatar Nikias Bassen1-1/+0
2016-12-27Remove check for pthread on macOS to suppress clang compiler warningGravatar Nikias Bassen1-10/+8
2016-12-21xplist: Fix UaF in code checking for closing tagGravatar Nikias Bassen1-2/+2
2016-12-21xplist: Make sure to correctly parse for closing tags of structured nodesGravatar Nikias Bassen1-7/+45
2016-12-21xplist: Make sure to stop parsing on entity errorsGravatar Nikias Bassen1-7/+11
2016-12-14xplist: Remove usage of strlen() wherever possibleGravatar Nikias Bassen1-45/+66
2016-12-14xplist: Improve text content parsing, reducing memory usage and unneeded copyingGravatar Nikias Bassen1-113/+318
2016-12-14Properly check for the availability of strptime() and make sure to use itGravatar Nikias Bassen2-2/+6
2016-12-14base64: Prevent use of strlen() in base64decode when input buffer size is knownGravatar Nikias Bassen1-7/+8
2016-11-28xplist: Fix parsing of adjacent nodes without whitespace between themGravatar Nikias Bassen1-2/+1
The context position counter was increased after encountering a closing node, e.g. '</dict>' or after a closing '</key>' node. When a node followed it directly without any whitespace inbetween, e.g. </dict><key>, parsing would fail since the parser would look at 'key>' instead of '<key>' for the next node to be parsed.
2016-11-27plist_copy: Duplicate hash tables when copying PLIST_DICT nodesGravatar Nikias Bassen1-5/+15
2016-11-18Updated READMEGravatar Nikias Bassen1-2/+8
2016-11-18test: Fix test plist having duplicate keys in dictionaryGravatar Nikias Bassen1-1/+1
2016-11-18bplist: Remove misleading/redundant `else` from BPLIST_DATE case in ↵Gravatar Nikias Bassen1-4/+3
parse_bin_node
2016-11-18Improve plist_dict_set_item performance for large dictionaries with hash tableGravatar Nikias Bassen5-18/+119
2016-11-13xplist: Don't parse XML reserved characters in CDATA blocksGravatar Nikias Bassen1-0/+1
2016-11-13bplist: Fix surrogate parsing range to include U+100000 - U+1FFFFFGravatar Nikias Bassen1-2/+2
2016-11-13xplist: Support converting numerical character entitiesGravatar Nikias Bassen1-3/+51
2016-11-13xplist: Don't escape " and ' characters in node_to_xmlGravatar Nikias Bassen1-10/+0
2016-11-13xplist: Properly parse CDATA blocks in get_text_content()Gravatar Nikias Bassen1-7/+23
2016-11-10libcnary: Fix possible NULL pointer dereference in node_iterator_create()Gravatar Nikias Bassen1-1/+1
When NULL is passed to node_iterator_create() the code tries to access the begin element of the node list and causes a NULL pointer dereference. The value of list is checked a few lines down and iterator->value is then properly assigned in node_iterator_bind().
2016-11-10Add new PLIST_IS_* helper macros for the different plist node typesGravatar Nikias Bassen1-0/+14
Instead of e.g.: if (plist_get_node_type(plist) == PLIST_STRING) you can now write: if (PLIST_IS_STRING(plist))
2016-11-10Remove libxml2 private requirement from pkg-config control fileGravatar Nikias Bassen1-1/+0
2016-11-10Remove libxml2 requirement from READMEGravatar Nikias Bassen1-4/+1
2016-11-10bplist: Make sure to error out if allocation of `used_indexes` buffer in ↵Gravatar Filippo Bigarella1-0/+6
plist_from_bin() fails If the allocation fails, a lot of bad things can happen so we check the result and return accordingly. We also check that the multiplication used to calculate the buffer size doesn't overflow. Otherwise this could lead to an allocation of a very small buffer compared to what we need, ultimately leading to arbitrary writes later on.
2016-11-10bplist: Prevent out-of-bounds read in plist_from_bin() when parsing offset_tableGravatar Filippo Bigarella1-1/+9
offset_table_index is read from the file, so we have full control over it. This means we can point offset_table essentially anywhere we want, which can lead to an out-of-bounds read when it will be used later on.
2016-11-10bplist: Make sure the index in parse_bin_node_at_index() is actually within ↵Gravatar Filippo Bigarella1-4/+13
the offset table
2016-11-10bplist: Fix possible out-of-bounds reads in parse_bin_node() with proper ↵Gravatar Filippo Bigarella1-0/+21
bounds checking
2016-11-10bplist: Fix possible out-of-bounds read in parse_dict_node() with proper ↵Gravatar Filippo Bigarella1-2/+13
bounds checking
2016-10-31xplist: Prevent UaF when parsing structured nodes failstime64Gravatar Filippo Bigarella1-0/+5
In case parsing inside `node_from_xml` called from line 842 fails, `data` gets freed by the call to `plist_free` at line 899, since `subnode` is actually created by making it point to `data` at line 684. This commit prevents this situation by bailing out whenever parsing in a deeper level of structured nodes fails.
2016-10-31xplist: Prevent heap buffer overflow when parsing empty tagsGravatar Filippo Bigarella1-1/+3
If `ctx->pos - p - 1` is greater than `taglen`, we end up writing outside the buffer pointed to by `tag`. This commit fixes it by checking the bounds of the heap buffer before writing.
2016-10-31xplist: Prevent NULL pointer dereference when parsing <real> nodesGravatar Filippo Bigarella1-0/+8
2016-10-31base64: Prevent buffer overflow by not decoding blocks with less than 4 charsGravatar Filippo Bigarella1-1/+1
2016-10-24Add pthread detection to configure.ac to get cflags and libs rightGravatar Nikias Bassen3-2/+495
2016-10-22Remove libxml2 dependency in favor of custom XML parsingGravatar Nikias Bassen10-407/+798
2016-09-19test: Add additional test case to check extended date rangeGravatar Nikias Bassen3-0/+20
2016-09-19Use time64 implementation by Michael G Schwern to extend allowed date/time rangeGravatar Nikias Bassen6-12/+1061
The main benefit of this is to allow date/time values outside of the 32bit time_t range which is very important on 32bit platforms. But there are also some other issues that will be fixed with this, for example on macOS, mktime() will not work for dates < 1902 despite time_t being 64bit. In the same run this commit will also use a reentrant version of gmtime64_r that should help in multithreaded scenarios. Original code taken from: https://github.com/evalEmpire/y2038
2016-09-19Change internal storage of PLIST_DATE values from struct timeval to doubleGravatar Nikias Bassen4-36/+16
This removes the timeval union member from the plist_data_t structure. Since struct timeval is 2x64bit on 64bit platforms this member unnecessarily grew the union size to 16 bytes while a size of 8 bytes is sufficient. Also, on 32bit platforms struct timeval is only 2x32bit of size, limiting the range of possible time values. In addition the binary property list format also stores PLIST_DATE nodes as double.
2016-09-08Make sure plist_cleanup() symbol is actually publicGravatar Martin Szulecki1-1/+1
2016-06-29xplist: Plug memory leak when converting PLIST_UID nodes to XMLGravatar Nikias Bassen3-1/+3
In node_to_xml nodes of type PLIST_UID are temporarily converted to a PLIST_DICT for an appropriate XML output. Therefore a PLIST_KEY and a PLIST_UINT node is created and inserted into the PLIST_DICT node. Upon completion, the child nodes of the PLIST_DICT node are detached from the original node and freed, however the data of the child nodes - the key string and the uint value - are not. This commit fixes it.
2016-06-29test: Add another test case for signed/unsigned (multiple) integersGravatar Nikias Bassen4-0/+35
Apart from testing the actual integer signed vs. unsigned value storage and conversion, this test will check that the binary plist optimization is not re-using existing values. Basically it will test the fix that was introduced with commit acd226d1f71a78dd23b47a9a5c4ca8cf8068d509.
2016-06-29plist_data_compare: Make sure to compare the node sizes for integer nodesGravatar Nikias Bassen1-0/+2
Without this check, e.g. the values -1 and 18446744073709551615 would yield in a match, since the comparison will just compare the uint64_t values. However, any value >= 9223372036854775808 and <= 18446744073709551615 is stored as a 128 bit value in binary plist format to make sure it is recognized as an unsigned value. We store it internally as a uint64_t value, but we set the size to 16 vs. 8 accordingly; so this commit will make sure the binary plist optimization will not re-use matching uint64_t values of actually mismatching signed/unsigned values.
2016-05-12Implement plist_from_memory()Gravatar Christophe Fergeau2-0/+26
Rather than having everyone reimplement binary/XML plist detection by looking at the first bytes of the plist content, it's better to do this detection in libplist and hide that internal detail from library users.
2016-05-12Add plist_is_binary()Gravatar Christophe Fergeau2-0/+22
It can be useful if one needs to know what type of plist a memory buffer contains.