components/libxml2/patches/Bug766834.patch
changeset 7949 e94c44902e51
7945:bb307b57cd05 7949:e94c44902e51
       
     1 From 3169602058bd2d04913909e869c61d1540bc7fb4 Mon Sep 17 00:00:00 2001
       
     2 From: Alex Henrie <[email protected]>
       
     3 Date: Thu, 26 May 2016 17:38:35 -0600
       
     4 Subject: Fix attribute decoding during XML schema validation
       
     5 
       
     6 For https://bugzilla.gnome.org/show_bug.cgi?id=766834
       
     7 
       
     8 vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
       
     9 so this function can't call xmlStringLenDecodeEntities to decode the
       
    10 entities.
       
    11 ---
       
    12  xmlschemas.c | 30 +++++++++++++++++++++++++-----
       
    13  1 file changed, 25 insertions(+), 5 deletions(-)
       
    14 
       
    15 diff --git a/xmlschemas.c b/xmlschemas.c
       
    16 index 7afe2eb..d42afb7 100644
       
    17 --- a/xmlschemas.c
       
    18 +++ b/xmlschemas.c
       
    19 @@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
       
    20      * attributes yet.
       
    21      */
       
    22      if (nb_attributes != 0) {
       
    23 +	int valueLen, k, l;
       
    24  	xmlChar *value;
       
    25  
       
    26          for (j = 0, i = 0; i < nb_attributes; i++, j += 5) {
       
    27 @@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
       
    28  	    * libxml2 differs from normal SAX here in that it escapes all ampersands
       
    29  	    * as &#38; instead of delivering the raw converted string. Changing the
       
    30  	    * behavior at this point would break applications that use this API, so
       
    31 -	    * we are forced to work around it. There is no danger of accidentally
       
    32 -	    * decoding some entity other than &#38; in this step because without
       
    33 -	    * unescaped ampersands there can be no other entities in the string.
       
    34 +	    * we are forced to work around it.
       
    35  	    */
       
    36 -	    value = xmlStringLenDecodeEntities(vctxt->parserCtxt, attributes[j+3],
       
    37 -		attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0, 0);
       
    38 +	    valueLen = attributes[j+4] - attributes[j+3];
       
    39 +	    value = xmlMallocAtomic(valueLen + 1);
       
    40 +	    if (value == NULL) {
       
    41 +		xmlSchemaVErrMemory(vctxt,
       
    42 +		    "allocating string for decoded attribute",
       
    43 +		    NULL);
       
    44 +		goto internal_error;
       
    45 +	    }
       
    46 +	    for (k = 0, l = 0; k < valueLen; l++) {
       
    47 +		if (k < valueLen - 4 &&
       
    48 +		    attributes[j+3][k+0] == '&' &&
       
    49 +		    attributes[j+3][k+1] == '#' &&
       
    50 +		    attributes[j+3][k+2] == '3' &&
       
    51 +		    attributes[j+3][k+3] == '8' &&
       
    52 +		    attributes[j+3][k+4] == ';') {
       
    53 +		    value[l] = '&';
       
    54 +		    k += 5;
       
    55 +		} else {
       
    56 +		    value[l] = attributes[j+3][k];
       
    57 +		    k++;
       
    58 +		}
       
    59 +	    }
       
    60 +	    value[l] = '\0';
       
    61  	    /*
       
    62  	    * TODO: Set the node line.
       
    63  	    */
       
    64 -- 
       
    65 cgit v0.12
       
    66
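Review bot: In the second hunk of the embedded xmlschemas.c patch, `valueLen = attributes[j+4] - attributes[j+3];` narrows a pointer difference to `int`, and `valueLen + 1` then goes to `xmlMallocAtomic` with no range check. If the span ever fails to fit in an `int`, the allocation size would no longer match the real attribute length that the copy loop and the final `value[l] = '\0'` assume. Whether the parser already caps attribute length before this callback is not visible here, so an explicit guard ahead of the assignment would make the bound local, for example `if (attributes[j+4] - attributes[j+3] >= INT_MAX) goto internal_error;`. The in-loop test `k < valueLen - 4` does keep the five-byte `&#38;` comparison inside the source span, and a short comment stating that `l <= k` holds (so `value` never needs more than `valueLen + 1` bytes) would help the next reader. The body of xmlSchemaSAXHandleStartElementNs and the `internal_error` label lie outside the hunk, so cleanup on the new failure path cannot be checked from this page.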