gh-139312: Update bundled libexpat to 2.7.3 (GH-139319)

+ Blurb + Update sbom.spdx.json
2025-10-19 16:03:42 +00:00 · 2025-09-27 03:44:36 +01:00 · 2025-09-27 03:44:36 +01:00 · 48d0d0dd97
commit 48d0d0dd97
parent 93ac3525b9
7 changed files with 58 additions and 35 deletions
--- a/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
+++ b/Misc/NEWS.d/next/Library/2025-09-25-07-33-43.gh-issue-139312.ygE8AC.rst
@ -0,0 +1 @@
+Upgrade bundled libexpat to 2.7.3
--- a/Misc/sbom.spdx.json
+++ b/Misc/sbom.spdx.json
@ -48,11 +48,11 @@
      "checksums": [
        {
          "algorithm": "SHA1",
-          "checksumValue": "50f54bbbcb4ad6bf15ce98b5e5264ce7803dc6c2"
+          "checksumValue": "a4395dd0589a97aab0904f7a5f5dc5781a086aa2"
        },
        {
          "algorithm": "SHA256",
-          "checksumValue": "7d719f40eaa1b82404b34d2da52b7cb2a829e043bdfd595de0927230948b4e68"
+          "checksumValue": "610b844bbfa3ec955772cc825db4d4db470827d57adcb214ad372d0eaf00e591"
        }
      ],
      "fileName": "Modules/expat/expat.h"
@ -90,11 +90,11 @@
      "checksums": [
        {
          "algorithm": "SHA1",
-          "checksumValue": "86256fc95cfa2e96ffb22381156eaea49448c3cd"
+          "checksumValue": "7dce7d98943c5db33ae05e54801dcafb4547b9dd"
        },
        {
          "algorithm": "SHA256",
-          "checksumValue": "6379737f2830ca81df12288eef9bfcb9bed0eca04e0f45c9530e31d564257ea5"
+          "checksumValue": "6bfe307d52e7e4c71dbc30d3bd902a4905cdd83bbe4226a7e8dfa8e4c462a157"
        }
      ],
      "fileName": "Modules/expat/internal.h"
@ -174,11 +174,11 @@
      "checksums": [
        {
          "algorithm": "SHA1",
-          "checksumValue": "675858751f293dee641ecfa41e8b5ba7009686e5"
+          "checksumValue": "4c81a1f04fc653877c63c834145c18f93cd95f3e"
        },
        {
          "algorithm": "SHA256",
-          "checksumValue": "6195b0847f6729cd938a1402543713f272a7a4559543c21554aaa7fb4b7bfc45"
+          "checksumValue": "04a379615f476d55f95ca1853107e20627b48ca4afe8d0fd5981ac77188bf0a6"
        }
      ],
      "fileName": "Modules/expat/xmlparse.c"
@ -202,11 +202,11 @@
      "checksums": [
        {
          "algorithm": "SHA1",
-          "checksumValue": "7dc9b1090b7cde1b4acc5fd14904e17ab6bfa1c5"
+          "checksumValue": "ac2964cca107f62dd133bfd4736a9a17defbc401"
        },
        {
          "algorithm": "SHA256",
-          "checksumValue": "823ea41b18a2d78b60ba65f3af84da364b63f16cc4ed4869b4009a5f93cce874"
+          "checksumValue": "92e41f373b67f6e0dcd7735faef3c3f1e2c17fe59e007e6b74beef6a2e70fa88"
        }
      ],
      "fileName": "Modules/expat/xmlrole.h"
@ -1730,14 +1730,14 @@
      "checksums": [
        {
          "algorithm": "SHA256",
-          "checksumValue": "13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7"
+          "checksumValue": "821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732"
        }
      ],
-      "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_2/expat-2.7.2.tar.gz",
+      "downloadLocation": "https://github.com/libexpat/libexpat/releases/download/R_2_7_3/expat-2.7.3.tar.gz",
      "externalRefs": [
        {
          "referenceCategory": "SECURITY",
-          "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.2:*:*:*:*:*:*:*",
+          "referenceLocator": "cpe:2.3:a:libexpat_project:libexpat:2.7.3:*:*:*:*:*:*:*",
          "referenceType": "cpe23Type"
        }
      ],
@ -1745,7 +1745,7 @@
      "name": "expat",
      "originator": "Organization: Expat development team",
      "primaryPackagePurpose": "SOURCE",
-      "versionInfo": "2.7.2"
+      "versionInfo": "2.7.3"
    },
    {
      "SPDXID": "SPDXRef-PACKAGE-hacl-star",
--- a/Modules/expat/expat.h
+++ b/Modules/expat/expat.h
@ -19,6 +19,7 @@
   Copyright (c) 2023      Hanno Böck <hanno@gentoo.org>
   Copyright (c) 2023      Sony Corporation / Snild Dolkow <snild@sony.com>
   Copyright (c) 2024      Taichi Haradaguchi <20001722@ymail.ne.jp>
+   Copyright (c) 2025      Matthew Fernandez <matthew.fernandez@gmail.com>
   Licensed under the MIT license:

   Permission is  hereby granted,  free of charge,  to any  person obtaining
@ -276,7 +277,7 @@ XML_ParserCreate_MM(const XML_Char *encoding,

 /* Prepare a parser object to be reused.  This is particularly
   valuable when memory allocation overhead is disproportionately high,
-   such as when a large number of small documnents need to be parsed.
+   such as when a large number of small documents need to be parsed.
   All handlers are cleared from the parser, except for the
   unknownEncodingHandler. The parser's external state is re-initialized
   except for the values of ns and ns_triplets.
@ -1081,7 +1082,7 @@ XML_SetReparseDeferralEnabled(XML_Parser parser, XML_Bool enabled);
 */
 #  define XML_MAJOR_VERSION 2
 #  define XML_MINOR_VERSION 7
-#  define XML_MICRO_VERSION 2
+#  define XML_MICRO_VERSION 3

 #  ifdef __cplusplus
 }
--- a/Modules/expat/internal.h
+++ b/Modules/expat/internal.h
@ -108,6 +108,7 @@
 #endif

 #include <limits.h> // ULONG_MAX
+#include <stddef.h> // size_t

 #if defined(_WIN32)                                                            \
    && (! defined(__USE_MINGW_ANSI_STDIO)                                      \
@ -153,6 +154,11 @@
 #define EXPAT_ALLOC_TRACKER_ACTIVATION_THRESHOLD_DEFAULT                       \
  67108864 // 64 MiB, 2^26

+// NOTE: If function expat_alloc was user facing, EXPAT_MALLOC_ALIGNMENT would
+//       have to take sizeof(long double) into account
+#define EXPAT_MALLOC_ALIGNMENT sizeof(long long) // largest parser (sub)member
+#define EXPAT_MALLOC_PADDING ((EXPAT_MALLOC_ALIGNMENT) - sizeof(size_t))
+
 /* NOTE END */

 #include "expat.h" // so we can use type XML_Parser below
--- a/Modules/expat/refresh.sh
+++ b/Modules/expat/refresh.sh
@ -12,9 +12,9 @@ fi

 # Update this when updating to a new version after verifying that the changes
 # the update brings in are good. These values are used for verifying the SBOM, too.
-expected_libexpat_tag="R_2_7_2"
-expected_libexpat_version="2.7.2"
-expected_libexpat_sha256="13d42a125897329bfeecab899cb9b5a3ec8c26072994b5cd4c41f28241f5bce7"
+expected_libexpat_tag="R_2_7_3"
+expected_libexpat_version="2.7.3"
+expected_libexpat_sha256="821ac9710d2c073eaf13e1b1895a9c9aa66c1157a99635c639fbff65cdbdd732"

 expat_dir="$(realpath "$(dirname -- "${BASH_SOURCE[0]}")")"
 cd ${expat_dir}
--- a/Modules/expat/xmlparse.c
+++ b/Modules/expat/xmlparse.c
@ -1,4 +1,4 @@
-/* 60e137abb91af642d6c3988f8f133d23329b32638659c74d47125fc0faf6ddd5 (2.7.2+)
+/* 28bcd8b1ba7eb595d82822908257fd9c3589b4243e3c922d0369f35bfcd7b506 (2.7.3+)
                            __  __            _
                         ___\ \/ /_ __   __ _| |_
                        / _ \\  /| '_ \ / _` | __|
@ -41,6 +41,7 @@
   Copyright (c) 2023-2024 Sony Corporation / Snild Dolkow <snild@sony.com>
   Copyright (c) 2024-2025 Berkay Eren Ürün <berkay.ueruen@siemens.com>
   Copyright (c) 2024      Hanno Böck <hanno@gentoo.org>
+   Copyright (c) 2025      Matthew Fernandez <matthew.fernandez@gmail.com>
   Licensed under the MIT license:

   Permission is  hereby granted,  free of charge,  to any  person obtaining
@ -850,14 +851,14 @@ static void *
 #  endif
 expat_malloc(XML_Parser parser, size_t size, int sourceLine) {
  // Detect integer overflow
-  if (SIZE_MAX - size < sizeof(size_t)) {
+  if (SIZE_MAX - size < sizeof(size_t) + EXPAT_MALLOC_PADDING) {
    return NULL;
  }

  const XML_Parser rootParser = getRootParserOf(parser, NULL);
  assert(rootParser->m_parentParser == NULL);

-  const size_t bytesToAllocate = sizeof(size_t) + size;
+  const size_t bytesToAllocate = sizeof(size_t) + EXPAT_MALLOC_PADDING + size;

  if ((XmlBigCount)-1 - rootParser->m_alloc_tracker.bytesAllocated
      < bytesToAllocate) {
@ -894,7 +895,7 @@ expat_malloc(XML_Parser parser, size_t size, int sourceLine) {
                    rootParser->m_alloc_tracker.peakBytesAllocated, sourceLine);
  }

-  return (char *)mallocedPtr + sizeof(size_t);
+  return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
 }

 #  if defined(XML_TESTING)
@ -914,8 +915,9 @@ expat_free(XML_Parser parser, void *ptr, int sourceLine) {

  // Extract size (to the eyes of malloc_fcn/realloc_fcn) and
  // the original pointer returned by malloc/realloc
-  void *const mallocedPtr = (char *)ptr - sizeof(size_t);
-  const size_t bytesAllocated = sizeof(size_t) + *(size_t *)mallocedPtr;
+  void *const mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t);
+  const size_t bytesAllocated
+      = sizeof(size_t) + EXPAT_MALLOC_PADDING + *(size_t *)mallocedPtr;

  // Update accounting
  assert(rootParser->m_alloc_tracker.bytesAllocated >= bytesAllocated);
@ -954,7 +956,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) {

  // Extract original size (to the eyes of the caller) and the original
  // pointer returned by malloc/realloc
-  void *mallocedPtr = (char *)ptr - sizeof(size_t);
+  void *mallocedPtr = (char *)ptr - EXPAT_MALLOC_PADDING - sizeof(size_t);
  const size_t prevSize = *(size_t *)mallocedPtr;

  // Classify upcoming change
@ -969,8 +971,13 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) {
    }
  }

+  // NOTE: Integer overflow detection has already been done for us
+  //       by expat_heap_increase_tolerable(..) above
+  assert(SIZE_MAX - sizeof(size_t) - EXPAT_MALLOC_PADDING >= size);
+
  // Actually allocate
-  mallocedPtr = parser->m_mem.realloc_fcn(mallocedPtr, sizeof(size_t) + size);
+  mallocedPtr = parser->m_mem.realloc_fcn(
+      mallocedPtr, sizeof(size_t) + EXPAT_MALLOC_PADDING + size);

  if (mallocedPtr == NULL) {
    return NULL;
@ -1001,7 +1008,7 @@ expat_realloc(XML_Parser parser, void *ptr, size_t size, int sourceLine) {
  // Update in-block recorded size
  *(size_t *)mallocedPtr = size;

-  return (char *)mallocedPtr + sizeof(size_t);
+  return (char *)mallocedPtr + sizeof(size_t) + EXPAT_MALLOC_PADDING;
 }
 #endif // XML_GE == 1

@ -1337,7 +1344,8 @@ parserCreate(const XML_Char *encodingName,
  XML_Parser parser = NULL;

 #if XML_GE == 1
-  const size_t increase = sizeof(size_t) + sizeof(struct XML_ParserStruct);
+  const size_t increase
+      = sizeof(size_t) + EXPAT_MALLOC_PADDING + sizeof(struct XML_ParserStruct);

  if (parentParser != NULL) {
    const XML_Parser rootParser = getRootParserOf(parentParser, NULL);
@ -1352,11 +1360,13 @@ parserCreate(const XML_Char *encodingName,
  if (memsuite) {
    XML_Memory_Handling_Suite *mtemp;
 #if XML_GE == 1
-    void *const sizeAndParser = memsuite->malloc_fcn(
-        sizeof(size_t) + sizeof(struct XML_ParserStruct));
+    void *const sizeAndParser
+        = memsuite->malloc_fcn(sizeof(size_t) + EXPAT_MALLOC_PADDING
+                               + sizeof(struct XML_ParserStruct));
    if (sizeAndParser != NULL) {
      *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
-      parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+      parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+                            + EXPAT_MALLOC_PADDING);
 #else
    parser = memsuite->malloc_fcn(sizeof(struct XML_ParserStruct));
    if (parser != NULL) {
@ -1369,11 +1379,12 @@ parserCreate(const XML_Char *encodingName,
  } else {
    XML_Memory_Handling_Suite *mtemp;
 #if XML_GE == 1
-    void *const sizeAndParser
-        = malloc(sizeof(size_t) + sizeof(struct XML_ParserStruct));
+    void *const sizeAndParser = malloc(sizeof(size_t) + EXPAT_MALLOC_PADDING
+                                       + sizeof(struct XML_ParserStruct));
    if (sizeAndParser != NULL) {
      *(size_t *)sizeAndParser = sizeof(struct XML_ParserStruct);
-      parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t));
+      parser = (XML_Parser)((char *)sizeAndParser + sizeof(size_t)
+                            + EXPAT_MALLOC_PADDING);
 #else
    parser = malloc(sizeof(struct XML_ParserStruct));
    if (parser != NULL) {
@ -6437,6 +6448,10 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end,
    // process its possible inner entities (which are added to the
    // m_openInternalEntities during doProlog or doContent calls above)
    entity->hasMore = XML_FALSE;
+    if (! entity->is_param
+        && (openEntity->startTagLevel != parser->m_tagLevel)) {
+      return XML_ERROR_ASYNC_ENTITY;
+    }
    triggerReenter(parser);
    return result;
  } // End of entity processing, "if" block will return here
@ -8135,7 +8150,7 @@ poolGrow(STRING_POOL *pool) {
    if (bytesToAllocate == 0)
      return XML_FALSE;

-    temp = REALLOC(pool->parser, pool->blocks, (unsigned)bytesToAllocate);
+    temp = REALLOC(pool->parser, pool->blocks, bytesToAllocate);
    if (temp == NULL)
      return XML_FALSE;
    pool->blocks = temp;
--- a/Modules/expat/xmlrole.h
+++ b/Modules/expat/xmlrole.h
@ -10,7 +10,7 @@
   Copyright (c) 2000      Clark Cooper <coopercc@users.sourceforge.net>
   Copyright (c) 2002      Karl Waclawek <karl@waclawek.net>
   Copyright (c) 2002      Fred L. Drake, Jr. <fdrake@users.sourceforge.net>
-   Copyright (c) 2017-2024 Sebastian Pipping <sebastian@pipping.org>
+   Copyright (c) 2017-2025 Sebastian Pipping <sebastian@pipping.org>
   Licensed under the MIT license:

   Permission is  hereby granted,  free of charge,  to any  person obtaining