Hi I fixed all the things mentioned by Hanned, but my C and PHP-src skills are a little bit rusty, so could anyone have a quick look at my latest patch and check if that's ok/better?
https://gist.github.com/7cc9a6263401cd87367f (if you prefer the whole file, it's here https://gist.github.com/55d957fc3265699b7d17 ) thanks chregu On 11.07.11 13:29, Hannes Magnusson wrote: > On Mon, Jul 11, 2011 at 13:16, Christian Stocker <chr...@php.net> wrote: >> chregu Mon, 11 Jul 2011 11:16:22 +0000 >> >> Revision: http://svn.php.net/viewvc?view=revision&revision=313131 >> >> Log: >> Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() >> to define forbidden operations within XSLT stylesheets, default is not to >> enable any write operations from XSLT anymore. Bug #54446 >> > > > Any reason not to merge it to 5.4? > > + if (zend_parse_parameters_ex(ZEND_PARSE_PARAMS_QUIET, > ZEND_NUM_ARGS() TSRMLS_CC, "l", &securityPrefs) == SUCCESS) { > [..] > + } else { > + WRONG_PARAM_COUNT; > + } > > Thats a freaky way of doing if (zend_parse_parameter(...) == FAILURE) > { return; } ... > and won't produce as good errormsg. > > > + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Can't set > libxslt > security properties"); > > Can be printed out up to 5 times in a row.. shouldn't it say which > property it was trying to set? And if one of these calls fail, won't > they all fail? > > > -Hannes -- Liip AG // Feldstrasse 133 // CH-8004 Zurich Tel +41 43 500 39 81 // Mobile +41 76 561 88 60 www.liip.ch // blog.liip.ch // GnuPG 0x0748D5FE -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
