blob: 258b5e8f9104d773e816f1d9ec66d1cd609c5e87 (
plain) (
tree)
|
|
From dc2ce0df9be530e7ee91b0dfa6eb6ce2d5e5baad Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Fri, 5 Jul 2024 23:34:09 +0200
Subject: [PATCH] Fix GH-14834: Error installing PHP when --with-pear is used
libxml2 2.13 makes changes to how the parsing state is set, update our
code accordingly. In particular, it started reporting entities within
attributes, while it should only report entities inside text nodes.
---
ext/xml/compat.c | 2 +-
ext/xml/tests/gh14834.phpt | 29 +++++++++++++++++++++++++++++
2 files changed, 30 insertions(+), 1 deletion(-)
create mode 100644 ext/xml/tests/gh14834.phpt
diff --git a/ext/xml/compat.c b/ext/xml/compat.c
index 7b463ebb5112e..7ca015acc5421 100644
--- a/ext/xml/compat.c
+++ b/ext/xml/compat.c
@@ -376,7 +376,7 @@ _get_entity(void *user, const xmlChar *name)
if (ret == NULL)
ret = xmlGetDocEntity(parser->parser->myDoc, name);
- if (ret == NULL || (parser->parser->instate != XML_PARSER_ENTITY_VALUE && parser->parser->instate != XML_PARSER_ATTRIBUTE_VALUE)) {
+ if (ret == NULL || parser->parser->instate == XML_PARSER_CONTENT) {
if (ret == NULL || ret->etype == XML_INTERNAL_GENERAL_ENTITY || ret->etype == XML_INTERNAL_PARAMETER_ENTITY || ret->etype == XML_INTERNAL_PREDEFINED_ENTITY) {
/* Predefined entities will expand unless no cdata handler is present */
if (parser->h_default && ! (ret && ret->etype == XML_INTERNAL_PREDEFINED_ENTITY && parser->h_cdata)) {
diff --git a/ext/xml/tests/gh14834.phpt b/ext/xml/tests/gh14834.phpt
new file mode 100644
index 0000000000000..2781ba2ed0941
--- /dev/null
+++ b/ext/xml/tests/gh14834.phpt
@@ -0,0 +1,29 @@
+--TEST--
+GH-14834 (Error installing PHP when --with-pear is used)
+--EXTENSIONS--
+xml
+--FILE--
+<?php
+$xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE root [
+ <!ENTITY foo "ent">
+]>
+<root>
+ <element hint="hello'world">&foo;<![CDATA[ & ]]><?x & ?></element>
+</root>
+XML;
+
+$parser = xml_parser_create();
+xml_set_character_data_handler($parser, function($_, $data) {
+ var_dump($data);
+});
+xml_parse($parser, $xml, true);
+?>
+--EXPECT--
+string(3) "
+ "
+string(3) "ent"
+string(7) " & "
+string(1) "
+"
|