diff options
| -rw-r--r-- | ext/xml/compat.c | 5 | ||||
| -rw-r--r-- | ext/xml/tests/bug71592.phpt | 30 |
2 files changed, 34 insertions, 1 deletions
diff --git a/ext/xml/compat.c b/ext/xml/compat.c index 012e6b134b..e5db4469dc 100644 --- a/ext/xml/compat.c +++ b/ext/xml/compat.c @@ -359,7 +359,10 @@ _external_entity_ref_handler(void *user, const xmlChar *names, int type, const x return; } - parser->h_external_entity_ref(parser, names, (XML_Char *) "", sys_id, pub_id); + if (!parser->h_external_entity_ref(parser, names, (XML_Char *) "", sys_id, pub_id)) { + xmlStopParser(parser->parser); + parser->parser->errNo = XML_ERROR_EXTERNAL_ENTITY_HANDLING; + }; } static xmlEntityPtr diff --git a/ext/xml/tests/bug71592.phpt b/ext/xml/tests/bug71592.phpt new file mode 100644 index 0000000000..28a316a28e --- /dev/null +++ b/ext/xml/tests/bug71592.phpt @@ -0,0 +1,30 @@ +--TEST-- +Bug #71592 (External entity processing never fails) +--SKIPIF-- +<?php +if (!extension_loaded('xml')) die('skip xml extension not available'); +?> +--FILE-- +<?php +$xml = <<<XML +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE p [ + <!ENTITY pic PUBLIC "image.gif" "http://example.org/image.gif"> +]> +<root> +<p>&pic;</p> +<p></nop> +</root> +XML; + +$parser = xml_parser_create_ns('UTF-8'); +xml_set_external_entity_ref_handler($parser, function () { + return false; +}); +xml_parse($parser, $xml); +var_dump(xml_get_error_code($parser)); +?> +===DONE=== +--EXPECT-- +int(21) +===DONE=== |