mirrors/aports
3
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-04-11 13:16:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
aports/testing/php81/fix-pear.patch
Andy Postnikov 6679045bcb testing/php81: security upgrade to 8.1.31 
- CVE-2024-8929
- CVE-2024-8932
- CVE-2024-11233
- CVE-2024-11234
- CVE-2024-11236
2024-11-20 00:16:29 +00:00

66 lines
2.3 KiB
Diff
Raw Permalink Blame History

Patch-Source: https://github.com/php/php-src/commit/67259e451d5d58b4842776c5696a66d74e157609
From 67259e451d5d58b4842776c5696a66d74e157609 Mon Sep 17 00:00:00 2001
From: Niels Dossche <7771979+nielsdos@users.noreply.github.com>
Date: Fri, 5 Jul 2024 23:34:09 +0200
Subject: [PATCH] Fix GH-14834: Error installing PHP when --with-pear is used
libxml2 2.13 makes changes to how the parsing state is set, update our
code accordingly. In particular, it started reporting entities within
attributes, while it should only report entities inside text nodes.
Closes GH-14837.
---
NEWS | 2 ++
ext/xml/compat.c | 2 +-
ext/xml/tests/gh14834.phpt | 29 +++++++++++++++++++++++++++++
3 files changed, 32 insertions(+), 1 deletion(-)
create mode 100644 ext/xml/tests/gh14834.phpt
diff --git a/ext/xml/compat.c b/ext/xml/compat.c
index 242cc4ba7c40c..5f55dc62b3687 100644
--- a/ext/xml/compat.c
+++ b/ext/xml/compat.c
@@ -375,7 +375,7 @@ _get_entity(void *user, const xmlChar *name)
if (ret == NULL)
ret = xmlGetDocEntity(parser->parser->myDoc, name);
- if (ret == NULL || (parser->parser->instate != XML_PARSER_ENTITY_VALUE && parser->parser->instate != XML_PARSER_ATTRIBUTE_VALUE)) {
+ if (ret == NULL || parser->parser->instate == XML_PARSER_CONTENT) {
if (ret == NULL || ret->etype == XML_INTERNAL_GENERAL_ENTITY || ret->etype == XML_INTERNAL_PARAMETER_ENTITY || ret->etype == XML_INTERNAL_PREDEFINED_ENTITY) {
/* Predefined entities will expand unless no cdata handler is present */
if (parser->h_default && ! (ret && ret->etype == XML_INTERNAL_PREDEFINED_ENTITY && parser->h_cdata)) {
diff --git a/ext/xml/tests/gh14834.phpt b/ext/xml/tests/gh14834.phpt
new file mode 100644
index 0000000000000..2781ba2ed0941
--- /dev/null
+++ b/ext/xml/tests/gh14834.phpt
@@ -0,0 +1,29 @@
+--TEST--
+GH-14834 (Error installing PHP when --with-pear is used)
+--EXTENSIONS--
+xml
+--FILE--
+<?php
+$xml = <<<XML
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE root [
+ <!ENTITY foo "ent">
+]>
+<root>
+ <element hint="hello&apos;world">&foo;<![CDATA[ &amp; ]]><?x &amp; ?></element>
+</root>
+XML;
+
+$parser = xml_parser_create();
+xml_set_character_data_handler($parser, function($_, $data) {
+ var_dump($data);
+});
+xml_parse($parser, $xml, true);
+?>
+--EXPECT--
+string(3) "
+ "
+string(3) "ent"
+string(7) " &amp; "
+string(1) "
+"
Reference in a new issue View git blame Copy permalink