4 / _ \\ /| '_ \ / _` | __|
5 | __// \| |_) | (_| | |_
6 \___/_/\_\ .__/ \__,_|\__|
9 Copyright (c) 2001 Scott Bronson <bronson@rinspin.com>
10 Copyright (c) 2002-2003 Fred L. Drake, Jr. <fdrake@users.sourceforge.net>
11 Copyright (c) 2009 Karl Waclawek <karl@waclawek.net>
12 Copyright (c) 2016-2022 Sebastian Pipping <sebastian@pipping.org>
13 Copyright (c) 2016 Ardo van Rangelrooij <ardo@debian.org>
14 Copyright (c) 2017 Rhodri James <rhodri@wildebeest.org.uk>
15 Copyright (c) 2020 Joe Orton <jorton@redhat.com>
16 Copyright (c) 2021 Tim Bray <tbray@textuality.com>
18 this file is copyrighted under the GNU Free Documentation License 1.1.
20 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
21 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
22 <!ENTITY dhfirstname "<firstname>Scott</firstname>">
23 <!ENTITY dhsurname "<surname>Bronson</surname>">
24 <!ENTITY dhdate "<date>October 25, 2022</date>">
25 <!-- Please adjust this^^ date whenever cutting a new release. -->
26 <!ENTITY dhsection "<manvolnum>1</manvolnum>">
27 <!ENTITY dhemail "<email>bronson@rinspin.com</email>">
28 <!ENTITY dhusername "Scott Bronson">
29 <!ENTITY dhucpackage "<refentrytitle>XMLWF</refentrytitle>">
30 <!ENTITY dhpackage "xmlwf">
32 <!ENTITY debian "<productname>Debian GNU/Linux</productname>">
33 <!ENTITY gnu "<acronym>GNU</acronym>">
47 <holder>&dhusername;</holder>
57 <refname>&dhpackage;</refname>
59 <refpurpose>Determines if an XML document is well-formed</refpurpose>
63 <command>&dhpackage;</command>
64 <arg><replaceable>OPTIONS</replaceable></arg>
65 <arg><replaceable>FILE</replaceable> ...</arg>
68 <command>&dhpackage;</command>
69 <arg choice="plain"><option>-h</option></arg>
72 <command>&dhpackage;</command>
73 <arg choice="plain"><option>-v</option></arg>
78 <title>DESCRIPTION</title>
81 <command>&dhpackage;</command> uses the Expat library to
82 determine if an XML document is well-formed. It is
87 If you do not specify any files on the command-line, and you
88 have a recent version of <command>&dhpackage;</command>, the
89 input file will be read from standard input.
95 <title>WELL-FORMED DOCUMENTS</title>
98 A well-formed document must adhere to the
104 The file begins with an XML declaration. For instance,
105 <literal><?xml version="1.0" standalone="yes"?></literal>.
106 <emphasis>NOTE</emphasis>:
107 <command>&dhpackage;</command> does not currently
108 check for a valid XML declaration.
111 Every start tag is either empty (<tag/>)
112 or has a corresponding end tag.
115 There is exactly one root element. This element must contain
116 all other elements in the document. Only comments, white
117 space, and processing instructions may come after the close
121 All elements nest properly.
124 All attribute values are enclosed in quotes (either single
130 If the document has a DTD, and it strictly complies with that
131 DTD, then the document is also considered <emphasis>valid</emphasis>.
132 <command>&dhpackage;</command> is a non-validating parser --
133 it does not check the DTD. However, it does support
134 external entities (see the <option>-x</option> option).
139 <title>OPTIONS</title>
142 When an option includes an argument, you may specify the argument either
143 separately ("<option>-d</option> <replaceable>output</replaceable>") or concatenated with the
144 option ("<option>-d</option><replaceable>output</replaceable>"). <command>&dhpackage;</command>
151 <term><option>-a</option> <replaceable>factor</replaceable></term>
154 Sets the maximum tolerated amplification factor
155 for protection against billion laughs attacks (default: 100.0).
156 The amplification factor is calculated as ..
159 amplification := (direct + indirect) / direct
162 .. while parsing, whereas
163 <direct> is the number of bytes read
164 from the primary document in parsing and
165 <indirect> is the number of bytes
166 added by expanding entities and reading of external DTD files,
170 <emphasis>NOTE</emphasis>:
171 If you ever need to increase this value for non-attack payload,
172 please file a bug report.
178 <term><option>-b</option> <replaceable>bytes</replaceable></term>
181 Sets the number of output bytes (including amplification)
182 needed to activate protection against billion laughs attacks
184 This can be thought of as an "activation threshold".
187 <emphasis>NOTE</emphasis>:
188 If you ever need to increase this value for non-attack payload,
189 please file a bug report.
195 <term><option>-c</option></term>
198 If the input file is well-formed and <command>&dhpackage;</command>
199 doesn't encounter any errors, the input file is simply copied to
200 the output directory unchanged.
201 This implies no namespaces (turns off <option>-n</option>) and
202 requires <option>-d</option> to specify an output directory.
208 <term><option>-d</option> <replaceable>output-dir</replaceable></term>
211 Specifies a directory to contain transformed
212 representations of the input files.
213 By default, <option>-d</option> outputs a canonical representation
215 You can select different output formats using <option>-c</option>,
216 <option>-m</option> and <option>-N</option>.
219 The output filenames will
220 be exactly the same as the input filenames or "STDIN" if the input is
221 coming from standard input. Therefore, you must be careful that the
222 output file does not go into the same directory as the input
223 file. Otherwise, <command>&dhpackage;</command> will delete the
224 input file before it generates the output file (just like running
225 <literal>cat < file > file</literal> in most shells).
228 Two structurally equivalent XML documents have a byte-for-byte
229 identical canonical XML representation.
230 Note that ignorable white space is considered significant and
231 is treated equivalently to data.
232 More on canonical XML can be found at
233 http://www.jclark.com/xml/canonxml.html .
239 <term><option>-e</option> <replaceable>encoding</replaceable></term>
242 Specifies the character encoding for the document, overriding
243 any document encoding declaration. <command>&dhpackage;</command>
244 supports four built-in encodings:
245 <literal>US-ASCII</literal>,
246 <literal>UTF-8</literal>,
247 <literal>UTF-16</literal>, and
248 <literal>ISO-8859-1</literal>.
249 Also see the <option>-w</option> option.
255 <term><option>-k</option></term>
258 When processing multiple files, <command>&dhpackage;</command>
259 by default halts after the the first file with an error.
260 This tells <command>&dhpackage;</command> to report the error
261 but to keep processing.
262 This can be useful, for example, when testing a filter that converts
263 many files to XML and you want to quickly find out which conversions
270 <term><option>-m</option></term>
273 Outputs some strange sort of XML file that completely
274 describes the input file, including character positions.
275 Requires <option>-d</option> to specify an output file.
281 <term><option>-n</option></term>
284 Turns on namespace processing. (describe namespaces)
285 <option>-c</option> disables namespaces.
291 <term><option>-N</option></term>
294 Adds a doctype and notation declarations to canonical XML output.
295 This matches the example output used by the formal XML test cases.
296 Requires <option>-d</option> to specify an output file.
302 <term><option>-p</option></term>
305 Tells <command>&dhpackage;</command> to process external DTDs and parameter
309 Normally <command>&dhpackage;</command> never parses parameter
310 entities. <option>-p</option> tells it to always parse them.
311 <option>-p</option> implies <option>-x</option>.
317 <term><option>-r</option></term>
320 Normally <command>&dhpackage;</command> memory-maps the XML file
321 before parsing; this can result in faster parsing on many
323 <option>-r</option> turns off memory-mapping and uses normal file
325 Of course, memory-mapping is automatically turned off
326 when reading from standard input.
329 Use of memory-mapping can cause some platforms to report
330 substantially higher memory usage for
331 <command>&dhpackage;</command>, but this appears to be a matter of
332 the operating system reporting memory in a strange way; there is
333 not a leak in <command>&dhpackage;</command>.
339 <term><option>-s</option></term>
342 Prints an error if the document is not standalone.
343 A document is standalone if it has no external subset and no
344 references to parameter entities.
350 <term><option>-t</option></term>
353 Turns on timings. This tells Expat to parse the entire file,
354 but not perform any processing.
355 This gives a fairly accurate idea of the raw speed of Expat itself
356 without client overhead.
357 <option>-t</option> turns off most of the output options
358 (<option>-d</option>, <option>-m</option>, <option>-c</option>, ...).
364 <term><option>-v</option></term>
367 Prints the version of the Expat library being used, including some
368 information on the compile-time configuration of the library, and
375 <term><option>-w</option></term>
378 Enables support for Windows code pages.
379 Normally, <command>&dhpackage;</command> will throw an error if it
380 runs across an encoding that it is not equipped to handle itself. With
381 <option>-w</option>, <command>&dhpackage;</command> will try to use a Windows code
382 page. See also <option>-e</option>.
388 <term><option>-x</option></term>
391 Turns on parsing external entities.
394 Non-validating parsers are not required to resolve external
395 entities, or even expand entities at all.
396 Expat always expands internal entities (?),
397 but external entity parsing must be enabled explicitly.
400 External entities are simply entities that obtain their
401 data from outside the XML file currently being parsed.
404 This is an example of an internal entity:
406 <!ENTITY vers '1.0.2'>
410 And here are some examples of external entities:
413 <!ENTITY header SYSTEM "header-&vers;.xml"> (parsed)
414 <!ENTITY logo SYSTEM "logo.png" PNG> (unparsed)
422 <term><option>--</option></term>
426 Terminates the list of options. This is only needed if a filename
427 starts with a hyphen. For example:
430 &dhpackage; -- -myfile.xml
433 will run <command>&dhpackage;</command> on the file
434 <filename>-myfile.xml</filename>.
441 Older versions of <command>&dhpackage;</command> do not support
442 reading from standard input.
447 <title>OUTPUT</title>
449 <command>&dhpackage;</command> outputs nothing for files which are problem-free.
450 If any input file is not well-formed, or if the output for any
451 input file cannot be opened, <command>&dhpackage;</command> prints a single
452 line describing the problem to standard output.
455 If the <option>-k</option> option is not provided, <command>&dhpackage;</command>
456 halts upon encountering a well-formedness or output-file error.
457 If <option>-k</option> is provided, <command>&dhpackage;</command> continues
458 processing the remaining input files, describing problems found with any of them.
463 <title>EXIT STATUS</title>
464 <para>For option <option>-v</option> or <option>-h</option>, <command>&dhpackage;</command> always exits with status code 0. For other cases, the following exit status codes are returned:
467 <term><option>0</option></term>
468 <listitem><para>The input files are well-formed and the output (if requested) was written successfully.</para>
472 <term><option>1</option></term>
473 <listitem><para>An internal error occurred.</para>
477 <term><option>2</option></term>
478 <listitem><para>One or more input files were not well-formed or could not be parsed.</para>
482 <term><option>3</option></term>
483 <listitem><para>If using the <option>-d</option> option, an error occurred opening an output file.</para>
487 <term><option>4</option></term>
488 <listitem><para>There was a command-line argument error in how <command>&dhpackage;</command> was invoked.</para>
499 The errors should go to standard error, not standard output.
502 There should be a way to get <option>-d</option> to send its
503 output to standard output rather than forcing the user to send
507 I have no idea why anyone would want to use the
508 <option>-d</option>, <option>-c</option>, and
509 <option>-m</option> options. If someone could explain it to
510 me, I'd like to add this information to this manpage.
515 <title>SEE ALSO</title>
519 The Expat home page: https://libexpat.github.io/
520 The W3 XML 1.0 specification (fourth edition): https://www.w3.org/TR/2006/REC-xml-20060816/
521 Billion laughs attack: https://en.wikipedia.org/wiki/Billion_laughs_attack
528 <title>AUTHOR</title>
530 This manual page was originally written by &dhusername; &dhemail;
532 the &debian; system (but may be used by others). Permission is
533 granted to copy, distribute and/or modify this document under
534 the terms of the <acronym>GNU</acronym> Free Documentation
535 License, Version 1.1.