libxml_util.cc should not specify XML_PARSE_RECOVER |
||
Issue descriptionAs reported by wellnhofer@ (contributor to libxml2) we should not use XML_PARSE_RECOVER when parsing XML in production code: "Note that it's discouraged to use XML_PARSE_RECOVER in production code. This flag hides errors in invalid XML and exercises some less-tested code paths in libxml2." (see https://mail.gnome.org/archives/xml/2018-January/msg00016.html)
,
Jan 22 2018
I don't know definitively, but I would guess that we don't need it, and best not to use it. Code used inside blink renderer does not use that flag: https://cs.chromium.org/chromium/src/third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp?l=685&rcl=4877f1a174745116edb5517953572c8854caae2e
,
Jan 22 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/48644d1d51e394b12c85652296e879afe8adf601 commit 48644d1d51e394b12c85652296e879afe8adf601 Author: Jay Civelli <jcivelli@google.com> Date: Mon Jan 22 22:41:22 2018 Don't use XML_PARSE_RECOVER when parsing XML code. The use of XML_PARSE_RECOVER in libxml2 is discouraged in production code as it hides errors in invalid XML and exercises some less-tested code paths in libxml2. Bug: 804379 Change-Id: Ic7a93d4a7e30d250beb8f018b923baad074d4f0d Reviewed-on: https://chromium-review.googlesource.com/879106 Reviewed-by: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Joel Hockey <joelhockey@chromium.org> Commit-Queue: Jay Civelli <jcivelli@chromium.org> Cr-Commit-Position: refs/heads/master@{#531016} [modify] https://crrev.com/48644d1d51e394b12c85652296e879afe8adf601/third_party/libxml/chromium/libxml_utils.cc
,
Jan 22 2018
,
Jan 25 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2 commit bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2 Author: Jay Civelli <jcivelli@google.com> Date: Thu Jan 25 00:08:24 2018 Moving the extension JSONRuleset unpacking to the browser process. The JSON ruleset parsing step when unpacking an extension now happens in the browser process using the safe JSON parser. Also several changes from base::Bind to base::BindOnce. Bug: 804379 Change-Id: Ie133b429a0ae101c368568b4ae73b940b07d1744 Reviewed-on: https://chromium-review.googlesource.com/879352 Commit-Queue: Jay Civelli <jcivelli@chromium.org> Reviewed-by: Reilly Grant <reillyg@chromium.org> Reviewed-by: Tom Sepez <tsepez@chromium.org> Cr-Commit-Position: refs/heads/master@{#531754} [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/browser/sandboxed_unpacker.cc [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/browser/sandboxed_unpacker.h [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/common/extension_unpacker.mojom [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/utility/unpacker.cc [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/utility/unpacker.h [modify] https://crrev.com/bed6dcd76f3d0c8aca7c933d84d558f85f8bcbb2/extensions/utility/utility_handler.cc |
||
►
Sign in to add a comment |
||
Comment 1 by jcivelli@chromium.org
, Jan 22 2018