diff options
| author | Stanislav Malyshev <stas@php.net> | 2016-04-24 23:50:57 -0700 | 
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2016-04-26 22:46:28 -0700 | 
| commit | dccda88f27a084bcbbb30198ace12b4e7ae961cc (patch) | |
| tree | 78b3e650084ee1f238092dec42b9d6d07081902d /ext/xml/xml.c | |
| parent | f856734c6789314ce50b19d36d523911ef6c6a79 (diff) | |
| download | php-git-dccda88f27a084bcbbb30198ace12b4e7ae961cc.tar.gz | |
Fix bug #72099: xml_parse_into_struct segmentation fault
Diffstat (limited to 'ext/xml/xml.c')
| -rw-r--r-- | ext/xml/xml.c | 106 | 
1 files changed, 53 insertions, 53 deletions
| diff --git a/ext/xml/xml.c b/ext/xml/xml.c index 84d4253b0f..5277588813 100644 --- a/ext/xml/xml.c +++ b/ext/xml/xml.c @@ -283,7 +283,7 @@ xml_encoding xml_encodings[] = {  static XML_Memory_Handling_Suite php_xml_mem_hdlrs;  /* True globals, no need for thread safety */ -static int le_xml_parser;  +static int le_xml_parser;  /* }}} */ @@ -343,7 +343,7 @@ PHP_MINIT_FUNCTION(xml)  	REGISTER_LONG_CONSTANT("XML_OPTION_SKIP_WHITE", PHP_XML_OPTION_SKIP_WHITE, CONST_CS|CONST_PERSISTENT);  	/* this object should not be pre-initialised at compile time, -	   as the order of members may vary */   +	   as the order of members may vary */  	php_xml_mem_hdlrs.malloc_fcn = php_xml_malloc_wrapper;  	php_xml_mem_hdlrs.realloc_fcn = php_xml_realloc_wrapper; @@ -404,7 +404,7 @@ static zval *_xml_xmlchar_zval(const XML_Char *s, int len, const XML_Char *encod  {  	zval *ret;  	MAKE_STD_ZVAL(ret); -	 +  	if (s == NULL) {  		ZVAL_FALSE(ret);  		return ret; @@ -422,7 +422,7 @@ static zval *_xml_xmlchar_zval(const XML_Char *s, int len, const XML_Char *encod  static void xml_parser_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC)  {  	xml_parser *parser = (xml_parser *)rsrc->ptr; -	 +  	if (parser->parser) {  		XML_ParserFree(parser->parser);  	} @@ -503,7 +503,7 @@ static void xml_set_handler(zval **handler, zval **data)  /* {{{ xml_call_handler() */  static zval *xml_call_handler(xml_parser *parser, zval *handler, zend_function *function_ptr, int argc, zval **argv)  { -	int i;	 +	int i;  	TSRMLS_FETCH();  	if (parser && handler && !EG(exception)) { @@ -516,7 +516,7 @@ static zval *xml_call_handler(xml_parser *parser, zval *handler, zend_function *  		for (i = 0; i < argc; i++) {  			args[i] = &argv[i];  		} -		 +  		fci.size = sizeof(fci);  		fci.function_table = EG(function_table);  		fci.function_name = handler; @@ -540,7 +540,7 @@ static zval *xml_call_handler(xml_parser *parser, zval *handler, zend_function *  					   Z_TYPE_PP(obj) == IS_OBJECT &&  					   Z_TYPE_PP(method) == IS_STRING) {  				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to call handler %s::%s()", Z_OBJCE_PP(obj)->name, Z_STRVAL_PP(method)); -			} else  +			} else  				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Unable to call handler");  		} @@ -739,14 +739,14 @@ static void _xml_add_to_info(xml_parser *parser,char *name)  	if (zend_hash_find(Z_ARRVAL_P(parser->info),name,strlen(name) + 1,(void **) &element) == FAILURE) {  		MAKE_STD_ZVAL(values); -		 +  		array_init(values); -		 +  		zend_hash_update(Z_ARRVAL_P(parser->info), name, strlen(name)+1, (void *) &values, sizeof(zval*), (void **) &element); -	}  -			 +	} +  	add_next_index_long(*element,parser->curtag); -	 +  	parser->curtag++;  }  /* }}} */ @@ -798,11 +798,11 @@ void _xml_startElementHandler(void *userData, const XML_Char *name, const XML_Ch  				efree(att);  			} -			 +  			if ((retval = xml_call_handler(parser, parser->startElementHandler, parser->startElementPtr, 3, args))) {  				zval_ptr_dtor(&retval);  			} -		}  +		}  		if (parser->data) {  			if (parser->level <= XML_MAXLEVEL)  { @@ -874,7 +874,7 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)  			if ((retval = xml_call_handler(parser, parser->endElementHandler, parser->endElementPtr, 2, args))) {  				zval_ptr_dtor(&retval);  			} -		}  +		}  		if (parser->data) {  			zval *tag; @@ -885,13 +885,13 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)  				MAKE_STD_ZVAL(tag);  				array_init(tag); -				   +  				_xml_add_to_info(parser,((char *) tag_name) + parser->toffset);  				add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */  				add_assoc_string(tag,"type","close",1);  				add_assoc_long(tag,"level",parser->level); -				   +  				zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);  			} @@ -923,7 +923,7 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)  			if ((retval = xml_call_handler(parser, parser->characterDataHandler, parser->characterDataPtr, 2, args))) {  				zval_ptr_dtor(&retval);  			} -		}  +		}  		if (parser->data) {  			int i; @@ -931,7 +931,7 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)  			char *decoded_value;  			int decoded_len; -			 +  			decoded_value = xml_utf8_decode(s,len,&decoded_len,parser->target_encoding);  			for (i = 0; i < decoded_len; i++) {  				switch (decoded_value[i]) { @@ -950,7 +950,7 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)  			if (doprint || (! parser->skipwhite)) {  				if (parser->lastwasopen) {  					zval **myval; -					 +  					/* check if the current tag already has a value - if yes append to that! */  					if (zend_hash_find(Z_ARRVAL_PP(parser->ctag),"value",sizeof("value"),(void **) &myval) == SUCCESS) {  						int newlen = Z_STRLEN_PP(myval) + decoded_len; @@ -961,7 +961,7 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)  					} else {  						add_assoc_string(*(parser->ctag),"value",decoded_value,0);  					} -					 +  				} else {  					zval *tag;  					zval **curtag, **mytype, **myval; @@ -984,7 +984,7 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)  						}  					} -					if (parser->level <= XML_MAXLEVEL) { +					if (parser->level <= XML_MAXLEVEL && parser->level > 0) {  						MAKE_STD_ZVAL(tag);  						array_init(tag); @@ -1046,8 +1046,8 @@ void _xml_defaultHandler(void *userData, const XML_Char *s, int len)  /* }}} */  /* {{{ _xml_unparsedEntityDeclHandler() */ -void _xml_unparsedEntityDeclHandler(void *userData,  -										 const XML_Char *entityName,  +void _xml_unparsedEntityDeclHandler(void *userData, +										 const XML_Char *entityName,  										 const XML_Char *base,  										 const XML_Char *systemId,  										 const XML_Char *publicId, @@ -1172,9 +1172,9 @@ static void php_xml_parser_create_impl(INTERNAL_FUNCTION_PARAMETERS, int ns_supp  	char *ns_param = NULL;  	int ns_param_len = 0; -	 +  	XML_Char *encoding; -	 +  	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, (ns_support ? "|ss": "|s"), &encoding_param, &encoding_param_len, &ns_param, &ns_param_len) == FAILURE) {  		RETURN_FALSE;  	} @@ -1220,15 +1220,15 @@ static void php_xml_parser_create_impl(INTERNAL_FUNCTION_PARAMETERS, int ns_supp  }  /* }}} */ -/* {{{ proto resource xml_parser_create([string encoding])  +/* {{{ proto resource xml_parser_create([string encoding])     Create an XML parser */  PHP_FUNCTION(xml_parser_create)  { -	php_xml_parser_create_impl(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);	 +	php_xml_parser_create_impl(INTERNAL_FUNCTION_PARAM_PASSTHRU, 0);  }  /* }}} */ -/* {{{ proto resource xml_parser_create_ns([string encoding [, string sep]])  +/* {{{ proto resource xml_parser_create_ns([string encoding [, string sep]])     Create an XML parser */  PHP_FUNCTION(xml_parser_create_ns)  { @@ -1236,7 +1236,7 @@ PHP_FUNCTION(xml_parser_create_ns)  }  /* }}} */ -/* {{{ proto int xml_set_object(resource parser, object &obj)  +/* {{{ proto int xml_set_object(resource parser, object &obj)     Set up object which should be used for callbacks */  PHP_FUNCTION(xml_set_object)  { @@ -1256,7 +1256,7 @@ PHP_FUNCTION(xml_set_object)  	/* please leave this commented - or ask thies@thieso.net before doing it (again) */  /* #ifdef ZEND_ENGINE_2 -	zval_add_ref(&parser->object);  +	zval_add_ref(&parser->object);  #endif */  	ALLOC_ZVAL(parser->object); @@ -1266,7 +1266,7 @@ PHP_FUNCTION(xml_set_object)  }  /* }}} */ -/* {{{ proto int xml_set_element_handler(resource parser, string shdl, string ehdl)  +/* {{{ proto int xml_set_element_handler(resource parser, string shdl, string ehdl)     Set up start and end element handlers */  PHP_FUNCTION(xml_set_element_handler)  { @@ -1286,7 +1286,7 @@ PHP_FUNCTION(xml_set_element_handler)  }  /* }}} */ -/* {{{ proto int xml_set_character_data_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_character_data_handler(resource parser, string hdl)     Set up character data handler */  PHP_FUNCTION(xml_set_character_data_handler)  { @@ -1305,7 +1305,7 @@ PHP_FUNCTION(xml_set_character_data_handler)  }  /* }}} */ -/* {{{ proto int xml_set_processing_instruction_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_processing_instruction_handler(resource parser, string hdl)     Set up processing instruction (PI) handler */  PHP_FUNCTION(xml_set_processing_instruction_handler)  { @@ -1324,7 +1324,7 @@ PHP_FUNCTION(xml_set_processing_instruction_handler)  }  /* }}} */ -/* {{{ proto int xml_set_default_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_default_handler(resource parser, string hdl)     Set up default handler */  PHP_FUNCTION(xml_set_default_handler)  { @@ -1342,7 +1342,7 @@ PHP_FUNCTION(xml_set_default_handler)  }  /* }}} */ -/* {{{ proto int xml_set_unparsed_entity_decl_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_unparsed_entity_decl_handler(resource parser, string hdl)     Set up unparsed entity declaration handler */  PHP_FUNCTION(xml_set_unparsed_entity_decl_handler)  { @@ -1361,7 +1361,7 @@ PHP_FUNCTION(xml_set_unparsed_entity_decl_handler)  }  /* }}} */ -/* {{{ proto int xml_set_notation_decl_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_notation_decl_handler(resource parser, string hdl)     Set up notation declaration handler */  PHP_FUNCTION(xml_set_notation_decl_handler)  { @@ -1379,7 +1379,7 @@ PHP_FUNCTION(xml_set_notation_decl_handler)  }  /* }}} */ -/* {{{ proto int xml_set_external_entity_ref_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_external_entity_ref_handler(resource parser, string hdl)     Set up external entity reference handler */  PHP_FUNCTION(xml_set_external_entity_ref_handler)  { @@ -1397,7 +1397,7 @@ PHP_FUNCTION(xml_set_external_entity_ref_handler)  }  /* }}} */ -/* {{{ proto int xml_set_start_namespace_decl_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_start_namespace_decl_handler(resource parser, string hdl)     Set up character data handler */  PHP_FUNCTION(xml_set_start_namespace_decl_handler)  { @@ -1416,7 +1416,7 @@ PHP_FUNCTION(xml_set_start_namespace_decl_handler)  }  /* }}} */ -/* {{{ proto int xml_set_end_namespace_decl_handler(resource parser, string hdl)  +/* {{{ proto int xml_set_end_namespace_decl_handler(resource parser, string hdl)     Set up character data handler */  PHP_FUNCTION(xml_set_end_namespace_decl_handler)  { @@ -1435,7 +1435,7 @@ PHP_FUNCTION(xml_set_end_namespace_decl_handler)  }  /* }}} */ -/* {{{ proto int xml_parse(resource parser, string data [, int isFinal])  +/* {{{ proto int xml_parse(resource parser, string data [, int isFinal])     Start parsing an XML document */  PHP_FUNCTION(xml_parse)  { @@ -1471,8 +1471,8 @@ PHP_FUNCTION(xml_parse_into_struct)  	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsZ|Z", &pind, &data, &data_len, &xdata, &info) == FAILURE) {  		return;  	} -	 -	if (info) {	 + +	if (info) {  		zval_dtor(*info);  		array_init(*info);  	} @@ -1483,11 +1483,11 @@ PHP_FUNCTION(xml_parse_into_struct)  	array_init(*xdata);  	parser->data = *xdata; -	 +  	if (info) {  		parser->info = *info;  	} -	 +  	parser->level = 0;  	parser->ltags = safe_emalloc(XML_MAXLEVEL, sizeof(char *), 0); @@ -1503,7 +1503,7 @@ PHP_FUNCTION(xml_parse_into_struct)  }  /* }}} */ -/* {{{ proto int xml_get_error_code(resource parser)  +/* {{{ proto int xml_get_error_code(resource parser)     Get XML parser error code */  PHP_FUNCTION(xml_get_error_code)  { @@ -1537,7 +1537,7 @@ PHP_FUNCTION(xml_error_string)  }  /* }}} */ -/* {{{ proto int xml_get_current_line_number(resource parser)  +/* {{{ proto int xml_get_current_line_number(resource parser)     Get current line number for an XML parser */  PHP_FUNCTION(xml_get_current_line_number)  { @@ -1569,7 +1569,7 @@ PHP_FUNCTION(xml_get_current_column_number)  }  /* }}} */ -/* {{{ proto int xml_get_current_byte_index(resource parser)  +/* {{{ proto int xml_get_current_byte_index(resource parser)     Get current byte index for an XML parser */  PHP_FUNCTION(xml_get_current_byte_index)  { @@ -1585,7 +1585,7 @@ PHP_FUNCTION(xml_get_current_byte_index)  }  /* }}} */ -/* {{{ proto int xml_parser_free(resource parser)  +/* {{{ proto int xml_parser_free(resource parser)     Free an XML parser */  PHP_FUNCTION(xml_parser_free)  { @@ -1611,7 +1611,7 @@ PHP_FUNCTION(xml_parser_free)  }  /* }}} */ -/* {{{ proto int xml_parser_set_option(resource parser, int option, mixed value)  +/* {{{ proto int xml_parser_set_option(resource parser, int option, mixed value)     Set options in an XML parser */  PHP_FUNCTION(xml_parser_set_option)  { @@ -1657,7 +1657,7 @@ PHP_FUNCTION(xml_parser_set_option)  }  /* }}} */ -/* {{{ proto int xml_parser_get_option(resource parser, int option)  +/* {{{ proto int xml_parser_get_option(resource parser, int option)     Get options from an XML parser */  PHP_FUNCTION(xml_parser_get_option)  { @@ -1687,7 +1687,7 @@ PHP_FUNCTION(xml_parser_get_option)  }  /* }}} */ -/* {{{ proto string utf8_encode(string data)  +/* {{{ proto string utf8_encode(string data)     Encodes an ISO-8859-1 string to UTF-8 */  PHP_FUNCTION(utf8_encode)  { @@ -1707,7 +1707,7 @@ PHP_FUNCTION(utf8_encode)  }  /* }}} */ -/* {{{ proto string utf8_decode(string data)  +/* {{{ proto string utf8_decode(string data)     Converts a UTF-8 encoded string to ISO-8859-1 */  PHP_FUNCTION(utf8_decode)  { | 
