* Fixed a container-overflow error in `ODDLParser::OpenDDLParser::parseIntegerLiteral` by swapping the order of conditions in a while loop to ensure the end-of-buffer check happens before dereferencing the pointer. This prevents reading past the end of the buffer when lookForNextToken returns the end pointer.
https://oss-fuzz.com/testcase-detail/4980126616780800https://issues.oss-fuzz.com/issues/42527625
* Update OpenDDLParser.cpp
* update pugixml
Improvements:
Many xml_attribute:: and xml_node:: functions now transparently support std::string_view and std::string when C++17 support is detected.
CMake improvements:
Improve pkg-config file generation for NixOS
PUGIXML_BUILD_APPLE_FRAMEWORK CMake option can be used to build pugixml as .xcframework
PUGIXML_INSTALL CMake option can be used to disable installation targets
Compatibility improvements:
Fix clang/gcc warnings -Wzero-as-null-pointer-constant, -Wuseless-cast, -Wshorten-64-to-32
Fix unreferenced function warnings in PUGIXML_NO_STL configuration
Fix CMake 3.31 deprecation warnings
Stop using deprecated throw() when noexcept is available
Improvements:
xml_attribute::set_name and xml_node::set_name now have overloads that accept pointer to non-null-terminated string and size
Implement parse_merge_pcdata parsing mode in which PCDATA contents is merged into a single node when original document had comments that were skipped during parsing
xml_document::load_file now returns a more consistent error status when given a path to a folder
Bug fixes:
Fix assertion in XPath number→string conversion when using non-English locales
Fix PUGIXML_STATIC_CRT CMake option to correctly select static CRT when using MSVC and recent CMake
Compatibility improvements:
Fix GCC 2.95/3.3 builds
Fix CMake 3.27 deprecation warnings
Fix XCode 14 sprintf deprecation warning when compiling in C++03 mode
Fix clang/gcc warnings -Wweak-vtables, -Wreserved-macro-identifier
* Update CMakeLists.txt
* pugixml: upgrade to v1.15
* pugixml: Add export directives for non-windows platforms
* pugixml: replace NULL by nullptr.
---------
Co-authored-by: Andrea <realeandrea@yahoo.it>
Co-authored-by: mosfet80 <10235105+mosfet80@users.noreply.github.com>
Version 1.5.7 release:
Using the versioned www.gstatic.com WASM and Javascript decoders continues
to be recommended. To use v1.5.7, use this URL:
https://www.gstatic.com/draco/versioned/decoders/1.5.7/*
Added support for normalized attributes to Emscripten encoder API.
Bug fixes.
Security fixes.
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
Without these changes, the warning "Type conversion may result in loss of data" might be triggered because `i` is of type `ssize_t` but the type of the parameter is `mz_uint` that is an alias for `unsinged int`.
This was already fixed in the original repository
see
d7a2252a53/src/zip.c (L481C49-L481C58)
and
d7a2252a53/src/zip.c (L538)
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Fix Whitespace
No functional changes. This commit removes trailing spaces, undesired line breaks, and formatting screwups.
* Remove more useless line breaks in license (500 out of 630 license copies do NOT use double line breaks here)
---------
Co-authored-by: Krishty <krishty@krishty.com>
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Fix unknown pragma error on msys2 mingw
* Fix missing assignment operator on msys2 mingw
Default is omitted by compiler because custom copy constructor
* Fix redefinition of _1 and _2 error on msys2 mingw
fix is converting it to lambda as clang is claiming that is
preferred
* Fix strncpy warnings about truncation
* Fix missing assignment operator error on clang
* Update glTFImporter.cpp
* Update glTF2Importer.cpp
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Fix potential uninitialized variable in clipper
* Clipper: Fix second parameter as well.
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
* Update tinyusdz to latest git commit
* Update patch file
* Bump to latest tinyusdz version
* Remove unused var (fix broken build for clients treating warnings-as-errors)
---------
Co-authored-by: Steve M <praktique-tellypresence@yahoo.com>
* Squash development commits for PR
* Fix failing build on armeabi-v7a via android NDK
* Update with blendshape support
* Migrate to auto-cloning and patching tinyusdz (instead of manually copying files)
* Update to latest rendermesh-refactor branch commit
* Remove tracked file
* Update to use recent commit to "dev" branch
"rendermesh-refactor" was merged to "dev" around 9 May 2024 but merge
was not obvious from commit messages
* Add UNUSED() macro
(cherry picked from commit d89fe8f034c353cc5cc5b3ac78cd8845e006de38)
* Update tinyusdz branch
* Prevent per-ABI (x86, x86_64 etc) clone on android
* Add verbose logging cmake option
* Fix macro and patch
* Address compiler warnings
* Address compiler warnings
* Address compiler warnings
* Attempt prevent re-clone/re-patch once downloaded by any ABI build
* Disable tinyusdz clone/build by default
assimp github PR auto-CI checks clone/build the tinyusdz code, and reject PR
due to compiler warnings in the 3rd party external tinyusdz project
---------
Co-authored-by: Steve M <praktique-tellypresence@yahoo.com>
* updated zip
udated zip from version 1.15 to version 3.0.2
* Check for double defined macro
* Update miniz.h
* Update zip.c
* Update zip.c
---------
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
Version 1.3.1 has these key changes:
Reject overflows of zip header fields in minizip
Fix bug in inflateSync() for data held in bit buffer
Add LIT_MEM define to use more memory for a small deflate speedup
Fix decision on the emission of Zip64 end records in minizip
Add bounds checking to ERR_MSG() macro, used by zError()
Neutralize zip file traversal attacks in miniunz
Fix a bug in ZLIB_DEBUG compiles in check_match()
Version 1.3 has these key changes:
Building using K&R (pre-ANSI) function definitions is no longer supported.
Fixed a bug in deflateBound() for level 0 and memLevel 9.
Fixed a bug when gzungetc() is used immediately after gzopen().
Fixed a bug when using gzflush() with a very small buffer.
Fixed a crash when gzsetparams() is attempted for a transparent write.
Fixed test/example.c to work with FORCE_STORED.
Fixed minizip to allow it to open an empty zip file.
Fixed reading disk number start on zip64 files in minizip.
Fixed a logic error in minizip argument processing.
Co-authored-by: Kim Kulling <kimkulling@users.noreply.github.com>
