summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2016-11-13xplist: Don't escape " and ' characters in node_to_xmlGravatar Nikias Bassen1-10/+0
2016-11-13xplist: Properly parse CDATA blocks in get_text_content()Gravatar Nikias Bassen1-7/+23
2016-11-10Remove libxml2 private requirement from pkg-config control fileGravatar Nikias Bassen1-1/+0
2016-11-10bplist: Make sure to error out if allocation of `used_indexes` buffer in ↵Gravatar Filippo Bigarella1-0/+6
plist_from_bin() fails If the allocation fails, a lot of bad things can happen so we check the result and return accordingly. We also check that the multiplication used to calculate the buffer size doesn't overflow. Otherwise this could lead to an allocation of a very small buffer compared to what we need, ultimately leading to arbitrary writes later on.
2016-11-10bplist: Prevent out-of-bounds read in plist_from_bin() when parsing offset_tableGravatar Filippo Bigarella1-1/+9
offset_table_index is read from the file, so we have full control over it. This means we can point offset_table essentially anywhere we want, which can lead to an out-of-bounds read when it will be used later on.
2016-11-10bplist: Make sure the index in parse_bin_node_at_index() is actually within ↵Gravatar Filippo Bigarella1-4/+13
the offset table
2016-11-10bplist: Fix possible out-of-bounds reads in parse_bin_node() with proper ↵Gravatar Filippo Bigarella1-0/+21
bounds checking
2016-11-10bplist: Fix possible out-of-bounds read in parse_dict_node() with proper ↵Gravatar Filippo Bigarella1-2/+13
bounds checking
2016-10-31xplist: Prevent UaF when parsing structured nodes failstime64Gravatar Filippo Bigarella1-0/+5
In case parsing inside `node_from_xml` called from line 842 fails, `data` gets freed by the call to `plist_free` at line 899, since `subnode` is actually created by making it point to `data` at line 684. This commit prevents this situation by bailing out whenever parsing in a deeper level of structured nodes fails.
2016-10-31xplist: Prevent heap buffer overflow when parsing empty tagsGravatar Filippo Bigarella1-1/+3
If `ctx->pos - p - 1` is greater than `taglen`, we end up writing outside the buffer pointed to by `tag`. This commit fixes it by checking the bounds of the heap buffer before writing.
2016-10-31xplist: Prevent NULL pointer dereference when parsing <real> nodesGravatar Filippo Bigarella1-0/+8
2016-10-31base64: Prevent buffer overflow by not decoding blocks with less than 4 charsGravatar Filippo Bigarella1-1/+1
2016-10-24Add pthread detection to configure.ac to get cflags and libs rightGravatar Nikias Bassen1-1/+1
2016-10-22Remove libxml2 dependency in favor of custom XML parsingGravatar Nikias Bassen8-385/+780
2016-09-19Use time64 implementation by Michael G Schwern to extend allowed date/time rangeGravatar Nikias Bassen5-11/+1034
The main benefit of this is to allow date/time values outside of the 32bit time_t range which is very important on 32bit platforms. But there are also some other issues that will be fixed with this, for example on macOS, mktime() will not work for dates < 1902 despite time_t being 64bit. In the same run this commit will also use a reentrant version of gmtime64_r that should help in multithreaded scenarios. Original code taken from: https://github.com/evalEmpire/y2038
2016-09-19Change internal storage of PLIST_DATE values from struct timeval to doubleGravatar Nikias Bassen4-36/+16
This removes the timeval union member from the plist_data_t structure. Since struct timeval is 2x64bit on 64bit platforms this member unnecessarily grew the union size to 16 bytes while a size of 8 bytes is sufficient. Also, on 32bit platforms struct timeval is only 2x32bit of size, limiting the range of possible time values. In addition the binary property list format also stores PLIST_DATE nodes as double.
2016-09-08Make sure plist_cleanup() symbol is actually publicGravatar Martin Szulecki1-1/+1
2016-06-29xplist: Plug memory leak when converting PLIST_UID nodes to XMLGravatar Nikias Bassen3-1/+3
In node_to_xml nodes of type PLIST_UID are temporarily converted to a PLIST_DICT for an appropriate XML output. Therefore a PLIST_KEY and a PLIST_UINT node is created and inserted into the PLIST_DICT node. Upon completion, the child nodes of the PLIST_DICT node are detached from the original node and freed, however the data of the child nodes - the key string and the uint value - are not. This commit fixes it.
2016-06-29plist_data_compare: Make sure to compare the node sizes for integer nodesGravatar Nikias Bassen1-0/+2
Without this check, e.g. the values -1 and 18446744073709551615 would yield in a match, since the comparison will just compare the uint64_t values. However, any value >= 9223372036854775808 and <= 18446744073709551615 is stored as a 128 bit value in binary plist format to make sure it is recognized as an unsigned value. We store it internally as a uint64_t value, but we set the size to 16 vs. 8 accordingly; so this commit will make sure the binary plist optimization will not re-use matching uint64_t values of actually mismatching signed/unsigned values.
2016-05-12Implement plist_from_memory()Gravatar Christophe Fergeau1-0/+15
Rather than having everyone reimplement binary/XML plist detection by looking at the first bytes of the plist content, it's better to do this detection in libplist and hide that internal detail from library users.
2016-05-12Add plist_is_binary()Gravatar Christophe Fergeau1-0/+9
It can be useful if one needs to know what type of plist a memory buffer contains.
2016-05-12bplist: Speed up plist_to_bin conversion for large plistsGravatar Nikias Bassen3-9/+12
Using a better hashing algorithm and a larger hash table the conversion is A LOT faster when processing large plists. Thanks to Xiao Deng for reporting this issue and suggesting a fix.
2016-04-20Move libxml cleanup code to a plist_cleanup methodGravatar Frederik Carlier2-17/+18
2015-12-07Node.cpp: let plist_t operations free _node when in a container.Gravatar Aaron Burghardt1-1/+6
Fixes libimobiledevice/libplist#50.
2015-11-13xplist: Get rid of setlocale() and use custom function to print floating ↵Gravatar Nikias Bassen1-14/+32
point values
2015-02-05bplist: Refactor binary plist parsing in a recursive wayGravatar Nikias Bassen1-209/+167
2015-01-31bplist: Plug memory leaks caused by unused (and unfreed) bufferGravatar Nikias Bassen1-5/+0
When parsing binary plists with BPLIST_DICT or BPLIST_ARRAY nodes that are referenced multiple times in a particular file, a buffer was allocated that was not used, and also not freed, thus causing memory leaks.
2015-01-31bplist: Fix possible crash in plist_from_bin() caused by access to already ↵Gravatar Nikias Bassen1-3/+5
freed memory Given a specifically ordered binary plist the function plist_from_bin() would free BPLIST_DICT or BPLIST_ARRAY raw node data that is still required for parsing of following nodes. This commit addresses this issues by moving the memory free to the end of the parsing process.
2015-01-29Move pkg-config file into src directoryGravatar Martin Szulecki3-0/+25
2015-01-23xplist: Plug memory leak by cleaning up libxml2's parser after useGravatar Martin Szulecki1-0/+16
This is actually considered bad practice. However, it appears this memory leak is otherwise not possible to fix due to a design flaw in how libxml2 handles the lifecycle of it's XML parser. We'll let the community test this in production now and decide. In our tests this change had no drawbacks except fixing the last known memory leak in libplist.
2015-01-23Update and correct some copyright header commentsGravatar Martin Szulecki2-2/+6
2015-01-23xplist: Fix limited but possible XXE security vulnerability with XML plistsGravatar Martin Szulecki1-4/+16
By using a specifically crafted XML file an attacker could use plistutil to issue a GET request to an arbitrary URL or disclose a local file. The crafted XML file would be using a custom DTD with an external entity reference pointing to the file. Practical abuse is limited but let's still fix it nevertheless. Related to CVE-2013-0339 for libxml2 and CWE-827. Reported by Loïc Bénis from calypt.com. Thanks!
2015-01-11Pass flag '-avoid-version' to libtool for libplist++ in addition to libplist ↵Gravatar Aaron Burghardt1-0/+1
for WIN32.
2014-10-09bplist: Fix plist_from_bin() changing value nodes to key nodes in dictionariesGravatar Martin Szulecki1-11/+33
The parsing logic for binary dictionaries wrongly enforced the key type even on nodes that were already parsed as value nodes. This caused the resulting plist_t node tree to have key nodes instead of value nodes within dictionaries for some valid binary plists. This commit should also generally fixes parsing of binary plist files which use an efficient dictionary reference table.
2014-10-03Drop src/common.h and use byte order macros from config.h directlyGravatar Nikias Bassen3-33/+15
2014-10-03Avoid exporting non-public symbolsGravatar Nikias Bassen9-82/+82
2014-09-23bplist: Prevent crash in plist_from_bin() when parsing unusually structured ↵Gravatar Nikias Bassen1-1/+1
binary plist
2014-09-20C++: Make sure String::GetValue() and Key::GetValue() don't crash with NULL ↵Gravatar Nikias Bassen2-4/+14
strings
2014-09-20Added const to Array.GetSize(), and to 3 Node methods.Gravatar Aaron Burghardt2-5/+5
2014-09-20Change Clone() to be const, which required constructors with const ↵Gravatar Aaron Burghardt11-32/+37
references and a const GetValue().
2014-08-25Fixed memory leaks in new_xml_plist() and parse_real_node().Gravatar Aaron Burghardt2-3/+1
2014-08-06bplist: Silence compiler warning about 'always true' comparison due to type ↵Gravatar Nikias Bassen1-2/+6
mismatch
2014-05-27xplist: Fix keys not being output correctly if converted to XML entitiesGravatar Martin Szulecki1-5/+11
2014-05-23Handle signed vs. unsigned integer values correctlyGravatar Nikias Bassen2-5/+53
2014-05-22xplist: Handle DST-affected timezones correctlyGravatar Nikias Bassen1-1/+1
2014-05-22xplist: Fix PLIST_DATE handling to respect the Mac epochGravatar Nikias Bassen1-2/+4
2014-05-21xplist: Fix PLIST_DATE parsing in xml_to_node()Gravatar Nikias Bassen1-1/+1
2014-05-20Removed plist_set_type() as it should not be used.Gravatar Nikias Bassen1-30/+0
2014-05-20Rename "index" variable as it shadows global declaration on older systemsGravatar Martin Szulecki3-7/+7
2014-05-18xplist: Silence compiler warnings about shadowing global declarationsGravatar Nikias Bassen1-8/+8