* configure.in, doc/xslt.html: updated for the release
* doc/*: regenerated

Similar to the previous fix to exsltFuncFunctionFunction,
exsltFuncResultElem also has to get the current node from the transform
context instead of the XPath context.

Thanks to Nicolas Gregoire for the report.

Fixes bug 786989.

An evaluation error in a secondary sort key could lead to a NULL pointer
dereference.

Thanks to Nicolas Gregoire for the report.

Fixes bug 785588.

Get the current node from the transform context. The current node in
the XPath context isn't guaranteed to be preserved when evaluating the
function template and could point to an invalid address.

Thanks to Nicolas Gregoire for the report.

Fixes bug 785589.

For now this is mainly useful if you work on a fork of the libxslt
mirror on GitHub:

    https://github.com/GNOME/libxslt

Start with two build setups:

- GCC with as many GNU extensions disabled as possible, trying to
  emulate a C89 compiler on a POSIX system.

- clang with ASan and UBSan.

The test suite doesn't set an exit code on failure, so log the test
output and grep for unexpected lines. This doesn't work for the Python
tests yet, so they're still disabled.

Fixes Python tests when using --with-libxml-src with a relative path.

libxml2 commit c851970 removed some useless error messages.

Found with libFuzzer and ASan.

Found with libFuzzer and ASan.

Found with libFuzzer and ASan.

Only call xmlXPathDebugDumpObject if the debug context is stdout or
stderr.

When encountering invalid UTF-8, xsltUTF8Size can return a size greater
than the actual string length or -1. Switch to xmlUTF8Strsize which
returns a sensible size even with invalid UTF-8.

Under normal conditions, libxslt should never receive invalid UTF-8.
But this change helps when fuzzing and hardens security.

Introduced recently with my commit

    38d4a907 Make xsl:decimal-format work with namespaces

Coverity CID 1434477. Also found with libFuzzer and ASan.

Make sure that all arguments are popped before checking for UTF-8
validity. Improves upon recent commit 1785d118.

Elliott Sales de Andrade authored May 18, 2017 and Nick Wellnhofer committed May 18, 2017

If no explicit path is specified, try pkg-config first, before
xml2-config. The reason is that pkg-config knows the difference between
static and shared dependencies and thus doesn't cause libxslt to be
linked against a bunch of extra stuff.

Say for example that libxml2 is compiled --with-icu, then it will be
linked against various libicu shared libraries. xml2-config will _also_
specify those libraries (because it doesn't know whether you are doing
static or shared linking) and thus libxslt is also linked against libicu
even though it does not use it.

On the other hand, pkg-config has Libs/Libs.private which separates
shared&static dependencies and so you can get libxslt to link to _only_
libxml2 without any other things.

Fixes bug #778549:

    https://bugzilla.gnome.org/show_bug.cgi?id=778549

Jan Pokorný authored May 18, 2017 and Nick Wellnhofer committed May 18, 2017

That could confuse library users that set their own error handler,
because there are already cases in libxslt that push a single message
in chunks (the same way as libxml2 does) and the user may be interested
in performing the message reconstruction on its own.

The type of the msg parameter of xmlStrPrintf has changed. See the
following libxml2 commit:

    4472c3a Fix some format string warnings with possible format string
            vulnerability

This improves performance with (pathologically) long strings. Make sure
to use a fast allocation scheme.

When encountering invalid UTF-8, xmlUTF8Size can return a size greater
than the actual string length or -1. Switch to xmlUTF8Strsize which
returns a sensible size even with invalid UTF-8.

Under normal conditions, libxslt should never receive invalid UTF-8.
But this change helps when fuzzing and hardens security.

Check whether xmlUTF8Strlen returns -1 for invalid UTF-8.

Under normal conditions, libxslt should never receive invalid UTF-8.
But this change helps when fuzzing and hardens security.

Fixes bug #765379:

    https://bugzilla.gnome.org/show_bug.cgi?id=765379

Add range checks to avoid undefined behavior.

Limit str:padding length to 100,000 chars.

Also fix parsing of duSecondFrag, see

    https://www.w3.org/TR/xmlschema11-2/#nt-duSeFrag

Fix memory leak in error case.

Clamp seconds field of durations to range 0..SECS_PER_DAY, simplifying
some calculations.

Also add overflow checks in _exsltDateAddDurCalc.

With time zones, the time difference can be more than two days,
requiring a modulo operation.

Use integer arithmetic where possible. Remove MODULO and FQUOTIENT
macros. Simplify _exsltDateAddDurCalc.

This function was only used with durations.

XML Schema Part 2 doesn't allow the year 0000 which seems to imply that
year 0001 is preceded by -0001. The old code followed this convention but
it represented the year -0001 as -1, requiring some adjustments when
crossing the beginning of year 0001.

Now the year -0001 is represented by 0 internally (astronomical year
numbering). This simplifies some calculations.

As a side effect, (XML Schema) years -0001, -0005, ... are now leap years.
Previously, years -0004, -0008, ... were leap years. The new behavior
seems more correct and better matches other implementations of the
proleptic Gregorian calendar.

Also fixes some bugs:

- Previously, date:day-in-week() returned wrong values for dates before
  the year 3 BC. For example, it returned 6 (Friday) for both
  '-0004-12-31' and '-0003-01-01'. Now it returns 4 (Wednesday) for
  '-0004-12-31' and 5 (Thursday) for '-0003-01-01' (because of the leap
  year change).

- date:add could return wrong results when crossing AD 1. For example,
  date:add('-0001-01-01', 'P2Y') would return '0001-01-01' instead of
  '0002-01-01'.

- Likewise, date:difference produced wrong results when working on
  years or yearMonths.

See http://stackoverflow.com/a/11595914

xsltMaxVars was added in 1.1.27 with a wrong version. We have to keep
the wrong version to not break the ABI.

Also regenerate libxslt.syms.

Fixes bug #780089:
https://bugzilla.gnome.org/show_bug.cgi?id=780089

Otherwise linking the resulting libraries to a binary (e.g. xsltproc)
fails when using gold linker:
| ../libxslt/.libs/libxslt.so: error: undefined reference to 'fmod'
| ../libxslt/.libs/libxslt.so: error: undefined reference to 'pow'
| ../libexslt/.libs/libexslt.so: error: undefined reference to 'floor'
| collect2: error: ld returned 1 exit status

Extensions could append text using xmlAddChild which will free the
buffer pointed to by 'lasttext'. This buffer could later be
reallocated with a different size than recorded in 'lasttsize'.

Fixes bug #777432:

https://bugzilla.gnome.org/show_bug.cgi?id=777432

Make stylesheets with <xsl:output method="html" version="5"/>
generate a HTML5 doctype. Fixes bug #778192:

https://bugzilla.gnome.org/show_bug.cgi?id=778192

Fixes bug #778170:

https://bugzilla.gnome.org/show_bug.cgi?id=778170