Re: [xml] [PATCH] Fix attribute decoding during XML schema validation

From: Shlomi Fish <shlomif shlomifish org>
To: Alex Henrie <alexhenrie24 gmail com>
Cc: xml gnome org, veillard redhat com
Subject: Re: [xml] [PATCH] Fix attribute decoding during XML schema validation
Date: Fri, 27 May 2016 10:59:40 +0300

Hi Alex,

thanks for your patch, but shouldn't a regression test be added to the code (to
protect against future breakages?)

Regards,

        Shlomi Fish

On Thu, 26 May 2016 17:43:06 -0600
Alex Henrie <alexhenrie24 gmail com> wrote:

For https://bugzilla.gnome.org/show_bug.cgi?id=766834

vctxt->parserCtxt is always NULL in xmlSchemaSAXHandleStartElementNs,
so this function can't call xmlStringLenDecodeEntities to decode the
entities.
---
 xmlschemas.c | 30 +++++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/xmlschemas.c b/xmlschemas.c
index e1b3a4f..59535e5 100644
--- a/xmlschemas.c
+++ b/xmlschemas.c
@@ -27391,6 +27391,7 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
     * attributes yet.
     */
     if (nb_attributes != 0) {
+     int valueLen, k, l;
      xmlChar *value;
 
         for (j = 0, i = 0; i < nb_attributes; i++, j += 5) {
@@ -27400,12 +27401,31 @@ xmlSchemaSAXHandleStartElementNs(void *ctx,
          * libxml2 differs from normal SAX here in that it escapes all
ampersands
          * as &#38; instead of delivering the raw converted string.
Changing the
          * behavior at this point would break applications that use this
API, so
-         * we are forced to work around it. There is no danger of
accidentally
-         * decoding some entity other than &#38; in this step because
without
-         * unescaped ampersands there can be no other entities in the
string.
+         * we are forced to work around it.
          */
-         value = xmlStringLenDecodeEntities(vctxt->parserCtxt,
attributes[j+3],
-             attributes[j+4] - attributes[j+3], XML_SUBSTITUTE_REF, 0, 0,
0);
+         valueLen = attributes[j+4] - attributes[j+3];
+         value = xmlMallocAtomic(valueLen + 1);
+         if (value == NULL) {
+             xmlSchemaVErrMemory(vctxt,
+                 "allocating string for decoded attribute",
+                 NULL);
+             goto internal_error;
+         }
+         for (k = 0, l = 0; k < valueLen; l++) {
+             if (k < valueLen - 4 &&
+                 attributes[j+3][k+0] == '&' &&
+                 attributes[j+3][k+1] == '#' &&
+                 attributes[j+3][k+2] == '3' &&
+                 attributes[j+3][k+3] == '8' &&
+                 attributes[j+3][k+4] == ';') {
+                 value[l] = '&';
+                 k += 5;
+             } else {
+                 value[l] = attributes[j+3][k];
+                 k++;
+             }
+         }
+         value[l] = '\0';
          /*
          * TODO: Set the node line.
          */

Follow-Ups:
- Re: [xml] [PATCH] Fix attribute decoding during XML schema validation
  - From: Alex Henrie

References:
- [xml] [PATCH] Fix attribute decoding during XML schema validation
  - From: Alex Henrie

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]