Security Advisories (1)
CVE-2006-10003 (2026-03-19)

XML::Parser versions through 2.47 for Perl have an off-by-one heap buffer overflow in st_serial_stack. In the case (stackptr == stacksize - 1), the stack will NOT be expanded. The new value is then written at location (++stackptr), which equals stacksize and therefore falls just outside the allocated buffer. The bug can be observed when parsing an XML file with very deep element nesting.
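A minimal C model of the growth check the advisory describes, next to a corrected check; this is an added example, not XML::Parser's own source. Only the names stackptr and stacksize come from the advisory; the struct, the function names, the doubling policy and the sizes are assumptions, and out-of-range writes are counted rather than performed.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of a growable stack indexed by stackptr (top element). */
typedef struct {
    unsigned int *buf;
    size_t stacksize;   /* number of allocated slots */
    size_t stackptr;    /* index of the current top slot */
} serial_stack;

/* Check consistent with the advisory: nothing grows when stackptr == stacksize - 1. */
static int needs_grow_buggy(const serial_stack *s) { return s->stackptr >= s->stacksize; }

/* Corrected check: grow whenever the slot about to be written (++stackptr) is out of range. */
static int needs_grow_fixed(const serial_stack *s) { return s->stackptr + 1 >= s->stacksize; }

/* Push `depth` values, one per nested element. Returns how many writes would have
 * landed outside the buffer, or (size_t)-1 on allocation failure. */
static size_t push_n(size_t initial, size_t depth, int (*needs_grow)(const serial_stack *)) {
    serial_stack s = { calloc(initial, sizeof(unsigned int)), initial, 0 };
    size_t oob = 0;
    if (!s.buf) return (size_t)-1;
    for (size_t i = 1; i <= depth; i++) {
        if (needs_grow(&s)) {
            size_t newsize = s.stacksize * 2;   /* assumed growth policy */
            unsigned int *nb = realloc(s.buf, newsize * sizeof *nb);
            if (!nb) { free(s.buf); return (size_t)-1; }
            s.buf = nb;
            s.stacksize = newsize;
        }
        size_t idx = ++s.stackptr;              /* pre-increment, as in the advisory */
        if (idx >= s.stacksize) oob++;          /* idx == stacksize: one slot past the end */
        else s.buf[idx] = (unsigned int)i;
    }
    free(s.buf);
    return oob;
}

int main(void) {
    /* Constructed sizes: 4 initial slots, nesting depths 3, 4 and 1000. */
    printf("buggy depth 3:    %zu\n", push_n(4, 3, needs_grow_buggy));
    printf("buggy depth 4:    %zu\n", push_n(4, 4, needs_grow_buggy));
    printf("buggy depth 1000: %zu\n", push_n(4, 1000, needs_grow_buggy));
    printf("fixed depth 1000: %zu\n", push_n(4, 1000, needs_grow_fixed));
    return 0;
}
```

In this model the out-of-range write recurs each time the nesting depth reaches the current capacity, which is why only deeply nested input exposes it.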

Changes for version 2.47 - 2023-12-28

  • #84 use $fh instead of $foo
  • #85 Fix typo in documentation
  • #89 Devel::CheckLib from 0.99 -> 1.14
  • Devel::CheckLib 1.16
  • #91 POD fix for verbatim text
  • #97 Add a LICENSE file
  • #94 Don't ship Expat/Makefile
  • Various GitHub workflow improvements. Windows is still not working.

Documentation

Modules

Lowlevel access to James Clark's expat XML parser
A perl module for parsing XML documents
Debug style for XML::Parser
Objects styler parser
Stream style for XML::Parser
glue for handling element callbacks
Tree style parser