"checksums": [
{
"algorithm": "SHA1",
- "checksumValue": "50f54bbbcb4ad6bf15ce98b5e5264ce7803dc6c2"
+ "checksumValue": "a4395dd0589a97aab0904f7a5f5dc5781a086aa2"
},
{
"algorithm": "SHA256",
- "checksumValue": "7d719f40eaa1b82404b34d2da52b7cb2a829e043bdfd595de0927230948b4e68"
+ "checksumValue": "610b844bbfa3ec955772cc825db4d4db470827d57adcb214ad372d0eaf00e591"
}
],
"fileName": "Modules/expat/expat.h"
"checksums": [
{
"algorithm": "SHA1",
- "checksumValue": "86256fc95cfa2e96ffb22381156eaea49448c3cd"
+ "checksumValue": "7dce7d98943c5db33ae05e54801dcafb4547b9dd"
},
{
"algorithm": "SHA256",
- "checksumValue": "6379737f2830ca81df12288eef9bfcb9bed0eca04e0f45c9530e31d564257ea5"
+ "checksumValue": "6bfe307d52e7e4c71dbc30d3bd902a4905cdd83bbe4226a7e8dfa8e4c462a157"
}
],
"fileName": "Modules/expat/internal.h"
"checksums": [
{
"algorithm": "SHA1",
- "checksumValue": "3989510a52c14ed8de4201dacd2fbd30ef2dc9b9"
+ "checksumValue": "32a10fbb8027cea3134674912b896abca516b085"
},
{
"algorithm": "SHA256",
- "checksumValue": "1e1a803db6762925f5e9241c82560f2a0d782a227ed57d0b8842c489db04584c"
+ "checksumValue": "51d08c697d1e409f5ce0749c1a136a0e1618d3069cf544d86005f966f43a8f97"
}
],
"fileName": "Modules/expat/refresh.sh"
"checksums": [
{
"algorithm": "SHA1",
- "checksumValue": "675858751f293dee641ecfa41e8b5ba7009686e5"
+ "checksumValue": "4c81a1f04fc653877c63c834145c18f93cd95f3e"
},
{
"algorithm": "SHA256",
- "checksumValue": "6195b0847f6729cd938a1402543713f272a7a4559543c21554aaa7fb4b7bfc45"
+ "checksumValue": "04a379615f476d55f95ca1853107e20627b48ca4afe8d0fd5981ac77188bf0a6"
}
],
"fileName": "Modules/expat/xmlparse.c"
"checksums": [
{
"algorithm": "SHA1",
- "checksumValue": "7dc9b1090b7cde1b4acc5fd14904e17ab6bfa1c5"
+ "checksumValue": "ac2964cca107f62dd133bfd4736a9a17defbc401"
},
{
"algorithm": "SHA256",
- "checksumValue": "823ea41b18a2d78b60ba65f3af84da364b63f16cc4ed4869b4009a5f93cce874"
+ "checksumValue": "92e41f373b67f6e0dcd7735faef3c3f1e2c17fe59e007e6b74beef6a2e70fa88"
}
],
"fileName": "Modules/expat/xmlrole.h"
"checksums": [
{
"algorithm": "SHA256",
- "checksumValue": "13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7"
+ "checksumValue": "821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732"
}
],
- "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_2/expat-2.7.2.tar.gz",
+ "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_3/expat-2.7.3.tar.gz",
"externalRefs": [
{
"referenceCategory": "SECURITY",
- "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.2:*:*:*:*:*:*:*",
+ "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.3:*:*:*:*:*:*:*",
"referenceType": "cpe23Type"
}
],
"name": "expat",
"originator": "Organization: Expat development team",
"primaryPackagePurpose": "SOURCE",
- "versionInfo": "2.7.2"
+ "versionInfo": "2.7.3"
},
{
"SPDXID": "SPDXRef-PACKAGE-hacl-star",
Copyright (c) 2023 Hanno Böck <hanno@gentoo.org>
Copyright (c) 2023 Sony Corporation / Snild Dolkow <snild@sony.com>
Copyright (c) 2024 Taichi Haradaguchi <20001722@ymail.ne.jp>
+ Copyright (c) 2025 Matthew Fernandez <matthew.fernandez@gmail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
/* Prepare a parser object to be reused. This is particularly
valuable when memory allocation overhead is disproportionately high,
- such as when a large number of small documnents need to be parsed.
+ such as when a large number of small documents need to be parsed.
All handlers are cleared from the parser, except for the
unknownEncodingHandler. The parser's external state is re-initialized
except for the values of ns and ns_triplets.
*/
# define XML_MAJOR_VERSION 2
# define XML_MINOR_VERSION 7
-# define XML_MICRO_VERSION 2
+# define XML_MICRO_VERSION 3
# ifdef __cplusplus
}
-/* 60e137abb91af642d6c3988f8f133d23329b32638659c74d47125fc0faf6ddd5 (2.7.2+)
+/* 28bcd8b1ba7eb595d82822908257fd9c3589b4243e3c922d0369f35bfcd7b506 (2.7.3+)
__ __ _
___\ \/ /_ __ __ _| |_
/ _ \\ /| '_ \ / _` | __|
Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <snild@sony.com>
Copyright (c) 2024-2025 Berkay Eren Ürün <berkay.ueruen@siemens.com>
Copyright (c) 2024 Hanno Böck <hanno@gentoo.org>
+ Copyright (c) 2025 Matthew Fernandez <matthew.fernandez@gmail.com>
Licensed under the MIT license:
Permission is hereby granted, free of charge, to any person obtaining
# endif
expat_malloc(XML_Parser parser, size_t size, int sourceLine) {
// Detect integer overflow
- if (SIZE_MAX - size < sizeof(size_t)) {
+ if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) {
return NULL;
}
const XML_Parser rootParser = getRootParserOf(parser, NULL);
assert(rootParser->m_parentParser == NULL);
- const size_t bytesToAllocate = sizeof(size_t) + size;
+ const size_t bytesToAllocate = sizeof(size_t) + EXPAT_MALLOC_PADDING + size;
if ((XmlBigCount)-1 - rootParser->m_alloc_tracker.bytesAllocated
< bytesToAllocate) {
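Review bot: The header size `sizeof(size_t) + EXPAT_MALLOC_PADDING` is written out by hand at every site that touches a tracked block: here in expat_malloc (overflow check and `bytesToAllocate`), in its return statement, in the pointer rewinds of the free and realloc paths, and in the parser-creation allocations. The allocate-side offset and the free-side rewind must stay identical, otherwise the size read through `*(size_t *)mallocedPtr` and the pointer passed back to the underlying allocator fall outside the real block. A single named constant used at all of these sites, for example `#define EXPAT_MALLOC_HEADER_SIZE (sizeof(size_t) + EXPAT_MALLOC_PADDING)` (the name is only a suggestion), would rule out a one-sided edit. The definition of EXPAT_MALLOC_PADDING and the rest of expat_malloc's body are outside this hunk.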
rootParser->m_alloc_tracker.peakBytesAllocated, sourceLine);
}
- return (char *)mallocedPtr + sizeof(size_t);
+ return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
}
# if defined(XML_TESTING)
// Extract size (to the eyes of malloc_fcn/realloc_fcn) and
// the original pointer returned by malloc/realloc
- void *const mallocedPtr = (char *)ptr - sizeof(size_t);
- const size_t bytesAllocated = sizeof(size_t) + *(size_t *)mallocedPtr;
+ void *const mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t);
+ const size_t bytesAllocated
+ = sizeof(size_t) + EXPAT_MALLOC_PADDING + *(size_t *)mallocedPtr;
// Update accounting
assert(rootParser->m_alloc_tracker.bytesAllocated >= bytesAllocated);
// Extract original size (to the eyes of the caller) and the original
// pointer returned by malloc/realloc
- void *mallocedPtr = (char *)ptr - sizeof(size_t);
+ void *mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t);
const size_t prevSize = *(size_t *)mallocedPtr;
// Classify upcoming change
}
}
+ // NOTE: Integer overflow detection has already been done for us
+ // by expat_heap_increase_tolerable(..) above
+ assert(SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING >= size);
+
// Actually allocate
- mallocedPtr = parser->m_mem.realloc_fcn(mallocedPtr, sizeof(size_t) + size);
+ mallocedPtr = parser->m_mem.realloc_fcn(
+ mallocedPtr, sizeof(size_t) + EXPAT_MALLOC_PADDING + size);
if (mallocedPtr == NULL) {
return NULL;
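Review bot: The overflow guard added before the `realloc_fcn` call is only an `assert`, so a build compiled with NDEBUG has no check at this point that `sizeof(size_t) + EXPAT_MALLOC_PADDING + size` does not wrap. The comment delegates detection to expat_heap_increase_tolerable, which is outside the hunk and, judging by its name, is consulted for growth requests. expat_malloc does the equivalent test at runtime, and mirroring it here costs one comparison: `if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) return NULL;`. Returning before the realloc call leaves the caller's original block untouched. The enclosing function starts and ends outside the hunk.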
// Update in-block recorded size
*(size_t *)mallocedPtr = size;
- return (char *)mallocedPtr + sizeof(size_t);
+ return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
}
#endif // XML_GE == 1
XML_Parser parser = NULL;
#if XML_GE == 1
- const size_t increase = sizeof(size_t) + sizeof(struct XML_ParserStruct);
+ const size_t increase
+ = sizeof(size_t) + EXPAT_MALLOC_PADDING + sizeof(struct XML_ParserStruct);
if (parentParser != NULL) {
const XML_Parser rootParser = getRootParserOf(parentParser, NULL);
if (memsuite) {
XML_Memory_Handling_Suite *mtemp;
#if XML_GE == 1
- void *const sizeAndParser = memsuite->malloc_fcn(
- sizeof(size_t) + sizeof(struct XML_ParserStruct));
+ void *const sizeAndParser
+ = memsuite->malloc_fcn(sizeof(size_t) + EXPAT_MALLOC_PADDING
+ + sizeof(struct XML_ParserStruct));
if (sizeAndParser != NULL) {
*(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
- parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+ parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+ + EXPAT_MALLOC_PADDING);
#else
parser = memsuite->malloc_fcn(sizeof(struct XML_ParserStruct));
if (parser != NULL) {
} else {
XML_Memory_Handling_Suite *mtemp;
#if XML_GE == 1
- void *const sizeAndParser
- = malloc(sizeof(size_t) + sizeof(struct XML_ParserStruct));
+ void *const sizeAndParser = malloc(sizeof(size_t) + EXPAT_MALLOC_PADDING
+ + sizeof(struct XML_ParserStruct));
if (sizeAndParser != NULL) {
*(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
- parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+ parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+ + EXPAT_MALLOC_PADDING);
#else
parser = malloc(sizeof(struct XML_ParserStruct));
if (parser != NULL) {
// process its possible inner entities (which are added to the
// m_openInternalEntities during doProlog or doContent calls above)
entity->hasMore = XML_FALSE;
+ if (! entity->is_param
+ && (openEntity->startTagLevel != parser->m_tagLevel)) {
+ return XML_ERROR_ASYNC_ENTITY;
+ }
triggerReenter(parser);
return result;
} // End of entity processing, "if" block will return here
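Review bot: The added tag-level check has no comment, and the `! entity->is_param` exemption is not self-explanatory to someone reading this branch later. A comment above the `if` would help, for example `// A general entity must leave element nesting where it found it; a differing tag level means its replacement text opened or closed a tag without pairing it.` This assumes `startTagLevel` is recorded when the entity is opened, which is not visible here. The early return comes after `entity->hasMore = XML_FALSE` and skips `triggerReenter(parser)`; that looks intentional because the parse is being failed, but the comment should say so. A regression test using a general entity whose replacement text leaves an element open would pin the rejection. The enclosing function starts outside the hunk.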
if (bytesToAllocate == 0)
return XML_FALSE;
- temp = REALLOC(pool->parser, pool->blocks, (unsigned)bytesToAllocate);
+ temp = REALLOC(pool->parser, pool->blocks, bytesToAllocate);
if (temp == NULL)
return XML_FALSE;
pool->blocks = temp;