summaryrefslogtreecommitdiff
path: root/ext/xml/xml.c
diff options
context:
space:
mode:
Diffstat (limited to 'ext/xml/xml.c')
-rw-r--r--ext/xml/xml.c98
1 files changed, 54 insertions, 44 deletions
diff --git a/ext/xml/xml.c b/ext/xml/xml.c
index 2fea4f8ab..1ef01c886 100644
--- a/ext/xml/xml.c
+++ b/ext/xml/xml.c
@@ -274,10 +274,10 @@ zend_module_entry xml_module_entry = {
* the encoding is currently done internally by expat/xmltok.
*/
xml_encoding xml_encodings[] = {
- { "ISO-8859-1", xml_decode_iso_8859_1, xml_encode_iso_8859_1 },
- { "US-ASCII", xml_decode_us_ascii, xml_encode_us_ascii },
- { "UTF-8", NULL, NULL },
- { NULL, NULL, NULL }
+ { (XML_Char *)"ISO-8859-1", xml_decode_iso_8859_1, xml_encode_iso_8859_1 },
+ { (XML_Char *)"US-ASCII", xml_decode_us_ascii, xml_encode_us_ascii },
+ { (XML_Char *)"UTF-8", NULL, NULL },
+ { (XML_Char *)NULL, NULL, NULL }
};
static XML_Memory_Handling_Suite php_xml_mem_hdlrs;
@@ -428,7 +428,7 @@ static void xml_parser_dtor(zend_rsrc_list_entry *rsrc TSRMLS_DC)
}
if (parser->ltags) {
int inx;
- for (inx = 0; inx < parser->level; inx++)
+ for (inx = 0; ((inx < parser->level) && (inx < XML_MAXLEVEL)); inx++)
efree(parser->ltags[ inx ]);
efree(parser->ltags);
}
@@ -805,45 +805,50 @@ void _xml_startElementHandler(void *userData, const XML_Char *name, const XML_Ch
}
if (parser->data) {
- zval *tag, *atr;
- int atcnt = 0;
+ if (parser->level <= XML_MAXLEVEL) {
+ zval *tag, *atr;
+ int atcnt = 0;
- MAKE_STD_ZVAL(tag);
- MAKE_STD_ZVAL(atr);
+ MAKE_STD_ZVAL(tag);
+ MAKE_STD_ZVAL(atr);
- array_init(tag);
- array_init(atr);
+ array_init(tag);
+ array_init(atr);
- _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
+ _xml_add_to_info(parser,((char *) tag_name) + parser->toffset);
- add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
- add_assoc_string(tag,"type","open",1);
- add_assoc_long(tag,"level",parser->level);
+ add_assoc_string(tag,"tag",((char *) tag_name) + parser->toffset,1); /* cast to avoid gcc-warning */
+ add_assoc_string(tag,"type","open",1);
+ add_assoc_long(tag,"level",parser->level);
- parser->ltags[parser->level-1] = estrdup(tag_name);
- parser->lastwasopen = 1;
+ parser->ltags[parser->level-1] = estrdup(tag_name);
+ parser->lastwasopen = 1;
- attributes = (const XML_Char **) attrs;
+ attributes = (const XML_Char **) attrs;
- while (attributes && *attributes) {
- att = _xml_decode_tag(parser, attributes[0]);
- val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
-
- add_assoc_stringl(atr,att,val,val_len,0);
+ while (attributes && *attributes) {
+ att = _xml_decode_tag(parser, attributes[0]);
+ val = xml_utf8_decode(attributes[1], strlen(attributes[1]), &val_len, parser->target_encoding);
- atcnt++;
- attributes += 2;
+ add_assoc_stringl(atr,att,val,val_len,0);
- efree(att);
- }
+ atcnt++;
+ attributes += 2;
- if (atcnt) {
- zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
- } else {
- zval_ptr_dtor(&atr);
- }
+ efree(att);
+ }
+
+ if (atcnt) {
+ zend_hash_add(Z_ARRVAL_P(tag),"attributes",sizeof("attributes"),&atr,sizeof(zval*),NULL);
+ } else {
+ zval_ptr_dtor(&atr);
+ }
- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),(void *) &parser->ctag);
+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
+ TSRMLS_FETCH();
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
+ }
}
efree(tag_name);
@@ -895,7 +900,7 @@ void _xml_endElementHandler(void *userData, const XML_Char *name)
efree(tag_name);
- if (parser->ltags) {
+ if ((parser->ltags) && (parser->level <= XML_MAXLEVEL)) {
efree(parser->ltags[parser->level-1]);
}
@@ -979,18 +984,23 @@ void _xml_characterDataHandler(void *userData, const XML_Char *s, int len)
}
}
- MAKE_STD_ZVAL(tag);
-
- array_init(tag);
-
- _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
+ if (parser->level <= XML_MAXLEVEL) {
+ MAKE_STD_ZVAL(tag);
+
+ array_init(tag);
- add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
- add_assoc_string(tag,"value",decoded_value,0);
- add_assoc_string(tag,"type","cdata",1);
- add_assoc_long(tag,"level",parser->level);
+ _xml_add_to_info(parser,parser->ltags[parser->level-1] + parser->toffset);
- zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
+ add_assoc_string(tag,"tag",parser->ltags[parser->level-1] + parser->toffset,1);
+ add_assoc_string(tag,"value",decoded_value,0);
+ add_assoc_string(tag,"type","cdata",1);
+ add_assoc_long(tag,"level",parser->level);
+
+ zend_hash_next_index_insert(Z_ARRVAL_P(parser->data),&tag,sizeof(zval*),NULL);
+ } else if (parser->level == (XML_MAXLEVEL + 1)) {
+ TSRMLS_FETCH();
+ php_error_docref(NULL TSRMLS_CC, E_WARNING, "Maximum depth exceeded - Results truncated");
+ }
}
} else {
efree(decoded_value);
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-20 01:20:25 +0000