summaryrefslogtreecommitdiffstats
path: root/src/xplist.c
AgeCommit message (Expand)AuthorFilesLines
2017-03-29xplist: Make XML parsing non-recursive to prevent stack overflow on deep-stru...Gravatar Nikias Bassen1-79/+103
2017-02-15xplist: Improve writing of large PLIST_DATA nodes by growing buffer in advanceGravatar Nikias Bassen1-0/+1
2017-02-09xplist: Fix OOB heap buffer read with empty data nodesGravatar Nikias Bassen1-2/+4
2017-02-09xplist: Prevent assert when parsing CF$UID dict with invalid value nodeGravatar Nikias Bassen1-0/+5
2017-02-08xplist: Use proper variable size for integer from string parsingGravatar Nikias Bassen1-2/+2
2017-02-07xplist: Prevent some more strncmp related OOB readsGravatar Nikias Bassen1-4/+4
2017-02-07xplist: Really fix OOB read when parsing DOCTYPEGravatar Nikias Bassen1-1/+1
2017-02-07xplist: unescape_entities(): Make sure text part buffer is null terminated af...Gravatar Nikias Bassen1-0/+1
2017-02-07xplist: Fix OOB read when parsing DOCTYPEGravatar Nikias Bassen1-1/+1
2017-02-07xplist: Also fix OOB read in find_char() and find_str() functionsGravatar Nikias Bassen1-0/+8
2017-02-07xplist: Prevent OOB read in two more casesGravatar Nikias Bassen1-0/+10
2017-02-07xplist: Fix OOB read when parsing double quotesGravatar Nikias Bassen1-0/+4
2017-02-07xplist: Fix OOB read when parsing node text contentGravatar Nikias Bassen1-1/+1
2017-02-07xplist: Catch some more error conditionsGravatar Nikias Bassen1-34/+37
2017-02-06xplist: Prevent memory leaks when parsing failsGravatar Nikias Bassen1-37/+20
2017-01-03xplist: Refine XML parsing error messagesGravatar Nikias Bassen1-15/+18
2017-01-02xplist: Error out when invalid tags inside text nodes are encounteredGravatar Nikias Bassen1-2/+12
2017-01-02xplist: Make sure to error out when encountering empty/incomplete entitiesGravatar Nikias Bassen1-1/+5
2017-01-02xplist: Make sure to not parse for entities in empty stringsGravatar Nikias Bassen1-1/+1
2017-01-02xplist: Allow empty keys in dictionariesGravatar Nikias Bassen1-2/+2
2017-01-02xplist: Allow whitespace after name in closing tagGravatar Nikias Bassen1-2/+7
2017-01-01xplist: Fix numerical character entity conversionGravatar Nikias Bassen1-2/+6
2016-12-21xplist: Fix UaF in code checking for closing tagGravatar Nikias Bassen1-2/+2
2016-12-21xplist: Make sure to correctly parse for closing tags of structured nodesGravatar Nikias Bassen1-7/+45
2016-12-21xplist: Make sure to stop parsing on entity errorsGravatar Nikias Bassen1-7/+11
2016-12-14xplist: Remove usage of strlen() wherever possibleGravatar Nikias Bassen1-45/+66
2016-12-14xplist: Improve text content parsing, reducing memory usage and unneeded copyingGravatar Nikias Bassen1-113/+318
2016-12-14Properly check for the availability of strptime() and make sure to use itGravatar Nikias Bassen1-1/+5
2016-11-28xplist: Fix parsing of adjacent nodes without whitespace between themGravatar Nikias Bassen1-2/+1
2016-11-13xplist: Don't parse XML reserved characters in CDATA blocksGravatar Nikias Bassen1-0/+1
2016-11-13xplist: Support converting numerical character entitiesGravatar Nikias Bassen1-3/+51
2016-11-13xplist: Don't escape " and ' characters in node_to_xmlGravatar Nikias Bassen1-10/+0
2016-11-13xplist: Properly parse CDATA blocks in get_text_content()Gravatar Nikias Bassen1-7/+23
2016-10-31xplist: Prevent UaF when parsing structured nodes failstime64Gravatar Filippo Bigarella1-0/+5
2016-10-31xplist: Prevent heap buffer overflow when parsing empty tagsGravatar Filippo Bigarella1-1/+3
2016-10-31xplist: Prevent NULL pointer dereference when parsing <real> nodesGravatar Filippo Bigarella1-0/+8
2016-10-22Remove libxml2 dependency in favor of custom XML parsingGravatar Nikias Bassen1-350/+652
2016-09-19Use time64 implementation by Michael G Schwern to extend allowed date/time rangeGravatar Nikias Bassen1-11/+17
2016-09-19Change internal storage of PLIST_DATE values from struct timeval to doubleGravatar Nikias Bassen1-4/+3
2016-06-29xplist: Plug memory leak when converting PLIST_UID nodes to XMLGravatar Nikias Bassen1-0/+1
2016-04-20Move libxml cleanup code to a plist_cleanup methodGravatar Frederik Carlier1-17/+0
2015-11-13xplist: Get rid of setlocale() and use custom function to print floating poin...Gravatar Nikias Bassen1-14/+32
2015-01-23xplist: Plug memory leak by cleaning up libxml2's parser after useGravatar Martin Szulecki1-0/+16
2015-01-23Update and correct some copyright header commentsGravatar Martin Szulecki1-1/+3
2015-01-23xplist: Fix limited but possible XXE security vulnerability with XML plistsGravatar Martin Szulecki1-4/+16
2014-10-03Avoid exporting non-public symbolsGravatar Nikias Bassen1-2/+2
2014-08-25Fixed memory leaks in new_xml_plist() and parse_real_node().Gravatar Aaron Burghardt1-3/+0
2014-05-27xplist: Fix keys not being output correctly if converted to XML entitiesGravatar Martin Szulecki1-5/+11
2014-05-23Handle signed vs. unsigned integer values correctlyGravatar Nikias Bassen1-3/+28
2014-05-22xplist: Handle DST-affected timezones correctlyGravatar Nikias Bassen1-1/+1