rrichards Thu Apr 17 20:19:53 2008 UTC Added files: /php-src/ext/dom/tests bug44648.phpt
Modified files: /php-src/ext/dom element.c Log: fix bug #44648 (Attribute names not checked for wellformedness) fix some warnings http://cvs.php.net/viewvc.cgi/php-src/ext/dom/element.c?r1=1.56&r2=1.57&diff_format=u Index: php-src/ext/dom/element.c diff -u php-src/ext/dom/element.c:1.56 php-src/ext/dom/element.c:1.57 --- php-src/ext/dom/element.c:1.56 Mon Feb 4 15:22:40 2008 +++ php-src/ext/dom/element.c Thu Apr 17 20:19:52 2008 @@ -17,7 +17,7 @@ +----------------------------------------------------------------------+ */ -/* $Id: element.c,v 1.56 2008/02/04 15:22:40 sebastian Exp $ */ +/* $Id: element.c,v 1.57 2008/04/17 20:19:52 rrichards Exp $ */ #ifdef HAVE_CONFIG_H #include "config.h" @@ -270,7 +270,7 @@ ns = nodep->ns; if (ns != NULL && ns->prefix) { qname = xmlStrdup(ns->prefix); - qname = xmlStrcat(qname, ":"); + qname = xmlStrcat(qname, (xmlChar *)":"); qname = xmlStrcat(qname, nodep->name); ZVAL_XML_STRING(*retval, (char *)qname, ZSTR_DUPLICATE); xmlFree(qname); @@ -307,7 +307,7 @@ if (nqname != NULL) { xmlNsPtr ns; xmlChar *prefix = xmlStrndup(name, len); - if (prefix && xmlStrEqual(prefix, "xmlns")) { + if (prefix && xmlStrEqual(prefix, (xmlChar *)"xmlns")) { ns = elem->nsDef; while (ns) { if (xmlStrEqual(ns->prefix, nqname)) { @@ -326,7 +326,7 @@ return (xmlNodePtr)xmlHasNsProp(elem, nqname, ns->href); } } else { - if (xmlStrEqual(name, "xmlns")) { + if (xmlStrEqual(name, (xmlChar *)"xmlns")) { xmlNsPtr nsPtr = elem->nsDef; while (nsPtr) { if (nsPtr->prefix == NULL) { @@ -348,7 +348,8 @@ { zval *id; xmlNode *nodep; - char *name, *value = NULL; + char *name; + xmlChar *value = NULL; dom_object *intern; xmlNodePtr attr; int name_len; @@ -392,7 +393,7 @@ zval *id, *rv = NULL; xmlNode *nodep; xmlNodePtr attr = NULL; - int ret, name_len, value_len; + int ret, name_len, value_len, name_valid; dom_object *intern; char *name, *value; @@ -405,6 +406,12 @@ RETURN_FALSE; } + name_valid = xmlValidateName((xmlChar *) name, 0); + if (name_valid != 0) { + php_dom_throw_error(INVALID_CHARACTER_ERR, 1 TSRMLS_CC); + RETURN_FALSE; + } + DOM_GET_OBJ(nodep, id, xmlNodePtr, intern); if (dom_node_is_read_only(nodep) == SUCCESS) { @@ -426,12 +433,12 @@ } - if (xmlStrEqual((xmlChar *)name, "xmlns")) { + if (xmlStrEqual((xmlChar *)name, (xmlChar *)"xmlns")) { if (xmlNewNs(nodep, (xmlChar *)value, NULL)) { RETURN_TRUE; } } else { - attr = (xmlNodePtr)xmlSetProp(nodep, (xmlChar *) name, value); + attr = (xmlNodePtr)xmlSetProp(nodep, (xmlChar *) name, (xmlChar *)value); } if (!attr) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "No such attribute '%s'", name); @@ -528,7 +535,7 @@ if (attrp->children) { attrp = xmlNewDocNode(nodep->doc, NULL, (xmlChar *) attrp->children, attrp->name); } else { - attrp = xmlNewDocNode(nodep->doc, NULL, "xmlns", attrp->name); + attrp = xmlNewDocNode(nodep->doc, NULL, (xmlChar *)"xmlns", attrp->name); } attrp->type = XML_NAMESPACE_DECL; attrp->parent = nsparent; @@ -679,7 +686,8 @@ xmlNsPtr nsptr; dom_object *intern; int uri_len = 0, name_len = 0; - char *uri, *name, *strattr; + char *uri, *name; + xmlChar *strattr; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os!&s&", &id, dom_element_class_entry, &uri, &uri_len, UG(utf8_conv), &name, &name_len, UG(utf8_conv)) == FAILURE) { return; @@ -690,11 +698,11 @@ strattr = xmlGetNsProp(elemp, (xmlChar *) name, (xmlChar *) uri); if (strattr != NULL) { - RETVAL_XML_STRING(strattr, ZSTR_DUPLICATE); + RETVAL_XML_STRING((char *)strattr, ZSTR_DUPLICATE); xmlFree(strattr); } else { - if (xmlStrEqual((xmlChar *) uri, DOM_XMLNS_NAMESPACE)) { - nsptr = dom_get_nsdecl(elemp, name); + if (xmlStrEqual((xmlChar *) uri, (xmlChar *)DOM_XMLNS_NAMESPACE)) { + nsptr = dom_get_nsdecl(elemp, (xmlChar *)name); if (nsptr != NULL) { RETVAL_XML_STRING((char *) nsptr->href, ZSTR_DUPLICATE); } else { @@ -759,7 +767,7 @@ char *uri, *name, *value; char *localname = NULL, *prefix = NULL; dom_object *intern; - int errorcode = 0, stricterror, is_xmlns = 0; + int errorcode = 0, stricterror, is_xmlns = 0, name_valid; if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os!&s&s&", &id, dom_element_class_entry, &uri, &uri_len, UG(utf8_conv), &name, &name_len, UG(utf8_conv), &value, &value_len, UG(utf8_conv)) == FAILURE) { return; @@ -788,11 +796,11 @@ node_list_unlink(nodep->children TSRMLS_CC); } - if (xmlStrEqual((xmlChar *) prefix,"xmlns") && xmlStrEqual((xmlChar *) uri, DOM_XMLNS_NAMESPACE)) { + if (xmlStrEqual((xmlChar *) prefix, (xmlChar *)"xmlns") && xmlStrEqual((xmlChar *) uri, (xmlChar *)DOM_XMLNS_NAMESPACE)) { is_xmlns = 1; - nsptr = dom_get_nsdecl(elemp, localname); + nsptr = dom_get_nsdecl(elemp, (xmlChar *)localname); } else { - nsptr = xmlSearchNsByHref(elemp->doc, elemp, uri); + nsptr = xmlSearchNsByHref(elemp->doc, elemp, (xmlChar *)uri); if (nsptr && nsptr->prefix == NULL) { xmlNsPtr tmpnsptr; @@ -816,7 +824,7 @@ errorcode = NAMESPACE_ERR; } else { if (is_xmlns == 1) { - xmlNewNs(elemp, value, localname); + xmlNewNs(elemp, (xmlChar *)value, (xmlChar *)localname); } else { nsptr = dom_get_ns(elemp, uri, &errorcode, prefix); } @@ -827,19 +835,25 @@ if (nsptr->href) { xmlFree((xmlChar *) nsptr->href); } - nsptr->href = xmlStrdup(value); + nsptr->href = xmlStrdup((xmlChar *)value); } } if (errorcode == 0 && is_xmlns == 0) { - attr = xmlSetNsProp(elemp, nsptr, localname, value); + attr = xmlSetNsProp(elemp, nsptr, (xmlChar *)localname, (xmlChar *)value); } } else { - attr = xmlHasProp(elemp, localname); - if (attr != NULL && attr->type != XML_ATTRIBUTE_DECL) { - node_list_unlink(attr->children TSRMLS_CC); + name_valid = xmlValidateName((xmlChar *) localname, 0); + if (name_valid != 0) { + errorcode = INVALID_CHARACTER_ERR; + stricterror = 1; + } else { + attr = xmlHasProp(elemp, (xmlChar *)localname); + if (attr != NULL && attr->type != XML_ATTRIBUTE_DECL) { + node_list_unlink(attr->children TSRMLS_CC); + } + attr = xmlSetProp(elemp, (xmlChar *)localname, (xmlChar *)value); } - attr = xmlSetProp(elemp, localname, value); } } @@ -1101,8 +1115,8 @@ xmlFree(value); RETURN_TRUE; } else { - if (xmlStrEqual(uri, DOM_XMLNS_NAMESPACE)) { - nsp = dom_get_nsdecl(elemp, name); + if (xmlStrEqual((xmlChar *)uri, (xmlChar *)DOM_XMLNS_NAMESPACE)) { + nsp = dom_get_nsdecl(elemp, (xmlChar *)name); if (nsp != NULL) { RETURN_TRUE; } @@ -1157,7 +1171,7 @@ RETURN_NULL(); } - attrp = xmlHasNsProp(nodep, name, NULL); + attrp = xmlHasNsProp(nodep, (xmlChar *)name, NULL); if (attrp == NULL || attrp->type == XML_ATTRIBUTE_DECL) { php_dom_throw_error(NOT_FOUND_ERR, dom_get_strict_error(intern->document) TSRMLS_CC); } else { http://cvs.php.net/viewvc.cgi/php-src/ext/dom/tests/bug44648.phpt?view=markup&rev=1.1 Index: php-src/ext/dom/tests/bug44648.phpt +++ php-src/ext/dom/tests/bug44648.phpt --TEST-- Bug #44648 (Attribute names not checked for wellformedness) --SKIPIF-- <?php require_once('skipif.inc'); ?> --FILE-- <?php $doc = new DOMDocument(); $doc->loadXML('<root/>'); $root = $doc->documentElement; try { $attr = new DOMAttr('@acb', '123'); $root->setAttributeNode($attr); } catch (DOMException $e) { echo $e->getMessage()."\n"; } try { $root->setAttribute('@def', '456'); } catch (DOMException $e) { echo $e->getMessage()."\n"; } try { $root->setAttributeNS(NULL, '@ghi', '789'); } catch (DOMException $e) { echo $e->getMessage()."\n"; } try { $root->setAttributeNS('urn::test', 'a:[EMAIL PROTECTED]', '789'); } catch (DOMException $e) { echo $e->getMessage()."\n"; } echo $doc->saveXML($root); ?> --EXPECT-- Invalid Character Error Invalid Character Error Invalid Character Error Namespace Error <root/> -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php