From:
Operating system: Linux palikir 2.6.32.8-grsec-2.1
PHP version: 5.2.14
Package: XSLT related
Bug Type: Bug
Bug description: XSLTProcessor mishandles XML entities

Description:
------------
XSLTProcessor does not handle DOMEntity nodes properly. It substitutes nothing instead of the entity value. In the sample script the bad behavior is demonstrated by switching values of substituteEntities in the DOMDocument instance used to read the $xml file. The test data has entity references within parentheses: (&test;) and (&nbsp;). The output of the sample program is

with sustituteEntities=false: &test;=>() =>()
with sustituteEntities=true: &test;=>(OK) =>( )

For the first line, entity references are passed unmodified to XSLTProcessor and they are then omitted from the output. For the second line, DOMDocument::load has replaced the entity references in the tree that is passed to XSLTProcessor. So the entity values show up properly in the output.

Test script:
---------------
<?php
// Load $xml as a stylesheet with the given substituteEntities setting,
// apply it to an empty document and print the result.
function runtest($xml, $se) {
    $xmlDoc = new DOMDocument();
    $xmlDoc->substituteEntities = $se;
    $xmlDoc->loadXML($xml);
    $proc = new XSLTProcessor();
    $proc->importStylesheet($xmlDoc);
    $html = $proc->transformToXML(new DOMDocument());
    echo "with sustituteEntities=" . ($se?"true":"false") . ": $html<br/>\n";
}

// Labels are escaped with &amp; so they survive as literal text;
// the references inside the parentheses are the ones under test.
$xml = <<<EOF
<?xml version="1.0" encoding="utf-8"?><!DOCTYPE testdoc [<!ENTITY test "OK">
<!ENTITY nbsp "&#160;">
]>
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<xsl:template match="/">
&amp;test;=>(&test;)
&amp;nbsp;=>(&nbsp;)
</xsl:template></xsl:stylesheet>
EOF;

echo "<html><body>";
runtest($xml, false);
runtest($xml, true);
echo "</body></html>";
?>

Expected result:
----------------
with sustituteEntities=false: &test;=>() =>()
with sustituteEntities=true: &test;=>(OK) =>( )

The first line is wrong. The second is correct.

Actual result:
--------------
see expected results (the test produces both the correct and incorrect behavior)

--
Edit bug report at http://bugs.php.net/bug.php?id=52856&edit=1
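
Added example (not part of the original report and not PHP's own code): the script below lists the entity reference nodes that DOMDocument leaves in the tree under each substituteEntities setting; these are the nodes the report describes XSLTProcessor omitting from its output. The sample document, its element names and the function name unresolvedEntityRefs are constructed for illustration.

```php
<?php
// Added example; the sample document below is constructed.

// Collect the names of entity reference nodes still present under $node.
function unresolvedEntityRefs(DOMNode $node, array &$found = array())
{
    if (!$node->hasChildNodes()) {
        return $found;
    }
    foreach ($node->childNodes as $child) {
        if ($child->nodeType === XML_ENTITY_REF_NODE) {
            // Record the reference; do not descend into its expansion.
            $found[] = '&' . $child->nodeName . ';';
        } else {
            unresolvedEntityRefs($child, $found);
        }
    }
    return $found;
}

// Internal entities only; &amp; is predefined and is always parsed to text.
$xml = <<<'EOF'
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE testdoc [
  <!ENTITY test "OK">
  <!ENTITY nbsp "&#160;">
]>
<testdoc><p>(&test;)</p><p>(&nbsp;)</p><p>&amp;test;</p></testdoc>
EOF;

foreach (array(false, true) as $se) {
    $doc = new DOMDocument();
    $doc->substituteEntities = $se;   // the switch used in the report
    $doc->loadXML($xml);

    $refs = unresolvedEntityRefs($doc->documentElement);
    echo 'substituteEntities=', ($se ? 'true' : 'false'), ': ';
    if ($refs) {
        echo count($refs), ' unexpanded reference(s): ', implode(' ', $refs), "\n";
    } else {
        echo "no entity reference nodes, every entity is already text\n";
    }
}
```

Running the same walk over a stylesheet document before calling importStylesheet() shows whether it still contains references of the kind the report describes.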