mirror of
https://github.com/lighttransport/tinyusdz.git
synced 2026-01-18 01:11:17 +01:00
a106f9b3b0
Implement a custom XML parser specifically designed for MaterialX documents with built-in security features and no external dependencies. This parser will replace pugixml in usdMtlx to improve security and reduce dependencies. Features: - Hand-written XML tokenizer with security limits (max string/name length) - Simple DOM parser optimized for MaterialX structure - MaterialX-specific document object model - pugixml-compatible adapter for easy migration - Comprehensive test suite and examples Security improvements: - Bounds checking on all string operations - Maximum nesting depth limits (1000 levels) - Safe entity handling (HTML entities) - No buffer overflows or out-of-bounds access - Memory limits enforced (1MB text, 64KB strings) The parser supports MaterialX versions 1.36, 1.37, and 1.38. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>