|
 |
267d54 |
From 7c2be3213eeddd202c3e4c600cf3cfac06fb128a Mon Sep 17 00:00:00 2001
|
|
|
267d54 |
From: Daniel Veillard <veillard@redhat.com>
|
|
|
267d54 |
Date: Mon, 9 Nov 2015 18:07:18 +0800
|
|
|
267d54 |
Subject: [PATCH] Avoid processing entities after encoding conversion failures
|
|
|
267d54 |
To: libvir-list@redhat.com
|
|
|
267d54 |
|
|
|
267d54 |
For https://bugzilla.gnome.org/show_bug.cgi?id=756527
|
|
|
267d54 |
and was also raised by Chromium team in the past
|
|
|
267d54 |
|
|
|
267d54 |
When we hit a convwersion failure when switching encoding
|
|
|
267d54 |
it is bestter to stop parsing there, this was treated as a
|
|
|
267d54 |
fatal error but the parser was continuing to process to extract
|
|
|
267d54 |
more errors, unfortunately that makes little sense as the data
|
|
|
267d54 |
is obviously corrupt and can potentially lead to unexpected behaviour.
|
|
|
267d54 |
|
|
|
267d54 |
Signed-off-by: Daniel Veillard <veillard@redhat.com>
|
|
|
267d54 |
---
|
|
|
267d54 |
parser.c | 7 +++++--
|
|
|
267d54 |
parserInternals.c | 11 ++++++++++-
|
|
|
267d54 |
2 files changed, 15 insertions(+), 3 deletions(-)
|
|
|
267d54 |
|
|
|
267d54 |
diff --git a/parser.c b/parser.c
|
|
|
267d54 |
index 262db1e..134ea7f 100644
|
|
|
267d54 |
--- a/parser.c
|
|
|
267d54 |
+++ b/parser.c
|
|
|
267d54 |
@@ -10598,7 +10598,8 @@ xmlParseXMLDecl(xmlParserCtxtPtr ctxt) {
|
|
|
267d54 |
xmlFatalErrMsg(ctxt, XML_ERR_SPACE_REQUIRED, "Blank needed here\n");
|
|
|
267d54 |
}
|
|
|
267d54 |
xmlParseEncodingDecl(ctxt);
|
|
|
267d54 |
- if (ctxt->errNo == XML_ERR_UNSUPPORTED_ENCODING) {
|
|
|
267d54 |
+ if ((ctxt->errNo == XML_ERR_UNSUPPORTED_ENCODING) ||
|
|
|
267d54 |
+ (ctxt->instate == XML_PARSER_EOF)) {
|
|
|
267d54 |
/*
|
|
|
267d54 |
* The XML REC instructs us to stop parsing right here
|
|
|
267d54 |
*/
|
|
|
267d54 |
@@ -10722,6 +10723,7 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) {
|
|
|
267d54 |
|
|
|
267d54 |
if (CUR == 0) {
|
|
|
267d54 |
xmlFatalErr(ctxt, XML_ERR_DOCUMENT_EMPTY, NULL);
|
|
|
267d54 |
+ return(-1);
|
|
|
267d54 |
}
|
|
|
267d54 |
|
|
|
267d54 |
/*
|
|
|
267d54 |
@@ -10739,7 +10741,8 @@ xmlParseDocument(xmlParserCtxtPtr ctxt) {
|
|
|
267d54 |
* Note that we will switch encoding on the fly.
|
|
|
267d54 |
*/
|
|
|
267d54 |
xmlParseXMLDecl(ctxt);
|
|
|
267d54 |
- if (ctxt->errNo == XML_ERR_UNSUPPORTED_ENCODING) {
|
|
|
267d54 |
+ if ((ctxt->errNo == XML_ERR_UNSUPPORTED_ENCODING) ||
|
|
|
267d54 |
+ (ctxt->instate == XML_PARSER_EOF)) {
|
|
|
267d54 |
/*
|
|
|
267d54 |
* The XML REC instructs us to stop parsing right here
|
|
|
267d54 |
*/
|
|
|
267d54 |
diff --git a/parserInternals.c b/parserInternals.c
|
|
|
267d54 |
index f8a7041..9acfea4 100644
|
|
|
267d54 |
--- a/parserInternals.c
|
|
|
267d54 |
+++ b/parserInternals.c
|
|
|
267d54 |
@@ -937,6 +937,7 @@ xmlSwitchEncoding(xmlParserCtxtPtr ctxt, xmlCharEncoding enc)
|
|
|
267d54 |
{
|
|
|
267d54 |
xmlCharEncodingHandlerPtr handler;
|
|
|
267d54 |
int len = -1;
|
|
|
267d54 |
+ int ret;
|
|
|
267d54 |
|
|
|
267d54 |
if (ctxt == NULL) return(-1);
|
|
|
267d54 |
switch (enc) {
|
|
|
267d54 |
@@ -1097,7 +1098,15 @@ xmlSwitchEncoding(xmlParserCtxtPtr ctxt, xmlCharEncoding enc)
|
|
|
267d54 |
if (handler == NULL)
|
|
|
267d54 |
return(-1);
|
|
|
267d54 |
ctxt->charset = XML_CHAR_ENCODING_UTF8;
|
|
|
267d54 |
- return(xmlSwitchToEncodingInt(ctxt, handler, len));
|
|
|
267d54 |
+ ret = xmlSwitchToEncodingInt(ctxt, handler, len);
|
|
|
267d54 |
+ if ((ret < 0) || (ctxt->errNo == XML_I18N_CONV_FAILED)) {
|
|
|
267d54 |
+ /*
|
|
|
267d54 |
+ * on encoding conversion errors, stop the parser
|
|
|
267d54 |
+ */
|
|
|
267d54 |
+ xmlStopParser(ctxt);
|
|
|
267d54 |
+ ctxt->errNo = XML_I18N_CONV_FAILED;
|
|
|
267d54 |
+ }
|
|
|
267d54 |
+ return(ret);
|
|
|
267d54 |
}
|
|
|
267d54 |
|
|
|
267d54 |
/**
|
|
|
267d54 |
--
|
|
|
267d54 |
2.5.0
|
|
|
267d54 |
|