Commit
This wasn't calling requestInit and setting the libxml handler to null. So the first time an error came along it would reset the handler from no-op to reading again. This is a much better fix: we set our custom handler in requestInit, and when libxml_disable_entity_loader is called we store that state as a member bool, ensuring requestInit is always called to set our own handler. If the handler isn't inserted then the behaviour is as before. The only time this could go pear-shaped is, say, if we wanted to make the default be off. In that case we'd need a global requestInit that is always called, since there are libxml references everywhere.

Reviewed By: @jdelong

Differential Revision: D1116686
Showing 5 changed files with 49 additions and 10 deletions.
hphp/test/zend/good/ext/libxml/tests/libxml_disable_entity_loader.php (25 additions & 0 deletions)
@@ -0,0 +1,25 @@ | ||
<?php | ||
|
||
$xml = <<<EOT | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<!DOCTYPE test [<!ENTITY xxe SYSTEM "XXE_URI">]> | ||
<foo>&xxe;</foo> | ||
EOT; | ||
|
||
$xml = str_replace('XXE_URI', __DIR__ . '/libxml_disable_entity_loader_payload.txt', $xml); | ||
|
||
function parseXML($xml) { | ||
$doc = new DOMDocument(); | ||
$doc->resolveExternals = true; | ||
$doc->substituteEntities = true; | ||
$doc->validateOnParse = false; | ||
$doc->loadXML($xml, 0); | ||
return $doc->saveXML(); | ||
} | ||
|
||
var_dump(strpos(parseXML($xml), 'SECRET_DATA') !== false); | ||
var_dump(libxml_disable_entity_loader(true)); | ||
var_dump(strpos(parseXML($xml), 'SECRET_DATA') === false); | ||
|
||
echo "Done\n"; | ||
?> |
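Review bot: the test flips the loader off with `libxml_disable_entity_loader(true)` but never restores it, and nothing here exercises the sequence the commit message says was broken (a libxml error occurring after the loader is disabled, which used to reset the no-op handler). Capture and restore the previous state (`$old = libxml_disable_entity_loader(true); ... libxml_disable_entity_loader($old);`) and add a deliberately malformed `loadXML()` call between the disable call and the second `parseXML($xml)` so the regression being fixed is actually covered. Minor: `$doc->loadXML($xml, 0)` passes no options, so entity substitution depends entirely on the `resolveExternals`/`substituteEntities` properties set above; that works, but a short comment saying so would save the next reader from reaching for `LIBXML_NOENT`.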
hphp/test/zend/good/ext/libxml/tests/libxml_disable_entity_loader.php.expectf (7 additions & 0 deletions)
@@ -0,0 +1,7 @@ | ||
bool(true) | ||
bool(false) | ||
I/O warning : failed to load external entity "%s" | ||
HipHop Warning: %s | ||
HipHop Warning: %s | ||
bool(true) | ||
Done |
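Review bot: the two `HipHop Warning: %s` lines match any warning text whatsoever, so a change that emits a different warning, or the same warning for an unrelated reason, would still pass; tightening them to the expected message prefix (the "failed to load external entity" text the `I/O warning` line already pins down) would make the expectation meaningful. It is also worth confirming that the `I/O warning` line reliably precedes the two HipHop warnings, since that ordering depends on how libxml's error output interleaves with the engine's own warnings.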
hphp/test/zend/good/ext/libxml/tests/libxml_disable_entity_loader.php.skipif (1 addition & 0 deletions)
@@ -0,0 +1 @@ | ||
<?php if (!extension_loaded('simplexml') || !extension_loaded('dom') || defined('PHP_WINDOWS_VERSION_MAJOR')) die('skip'); ?> |
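Review bot: the skipif requires `simplexml`, but the test only ever uses `DOMDocument`; either drop the `simplexml` check or add a SimpleXML case (for example `simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOENT)`) so the disabled loader is verified through both entry points. The `PHP_WINDOWS_VERSION_MAJOR` skip also deserves a one-line comment saying why the test cannot run there, since the `__DIR__`-based SYSTEM entity path is the only obvious platform dependency.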
hphp/test/zend/good/ext/libxml/tests/libxml_disable_entity_loader_payload.txt (1 addition & 0 deletions)
@@ -0,0 +1 @@ | ||
SECRET_DATA |
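The commit message describes a failure mode the test above does not reproduce: with the old code, the first libxml error after `libxml_disable_entity_loader(true)` reset the no-op entity loader, so a later parse would read external entities again. The following script is an added example, not part of the HHVM commit or its test suite. It walks the exact sequence (disable, provoke an unrelated parse error, then parse an XXE payload), restores the loader state afterwards, and shows a hardened parser that does not depend on the global switch at all. It writes its own payload file with `tempnam()` instead of using the repository's `libxml_disable_entity_loader_payload.txt`; the helper names `parseWithEntities` and `parseUntrusted` are assumptions of this example.

```php
<?php
// Added example (not from the HHVM commit). Reproduces the sequence in the
// commit message: disable the loader, trigger a libxml error, parse XXE.

// Constructed payload standing in for libxml_disable_entity_loader_payload.txt.
$payload = tempnam(sys_get_temp_dir(), 'xxe');
file_put_contents($payload, "SECRET_DATA\n");

$xml = <<<EOT
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE test [<!ENTITY xxe SYSTEM "$payload">]>
<foo>&xxe;</foo>
EOT;

// Deliberately permissive parser: resolves and substitutes external entities.
// This is the configuration that leaks the file when the loader is enabled.
function parseWithEntities(string $xml): string {
    $doc = new DOMDocument();
    $doc->resolveExternals = true;
    $doc->substituteEntities = true;
    $doc->loadXML($xml, LIBXML_NOENT);
    return $doc->saveXML();
}

// Hardened parser for untrusted input (assumed helper, not HHVM code): refuses
// any document carrying a DOCTYPE, so neither external nor internal entity
// tricks are reachable, and parses without LIBXML_NOENT regardless of the
// process-wide loader state.
function parseUntrusted(string $xml): DOMDocument {
    if (preg_match('/<!DOCTYPE/i', $xml)) {
        throw new InvalidArgumentException('DOCTYPE not allowed in untrusted XML');
    }
    $doc = new DOMDocument();
    $doc->resolveExternals = false;
    $doc->substituteEntities = false;
    if (!$doc->loadXML($xml, LIBXML_NONET)) {
        throw new RuntimeException('malformed XML');
    }
    return $doc;
}

// Step 1: baseline with the loader enabled; the payload is substituted.
var_dump(strpos(parseWithEntities($xml), 'SECRET_DATA') !== false);

// Step 2: disable the loader, keeping the previous state so it can be restored.
// libxml_disable_entity_loader() returns the old value.
$previous = libxml_disable_entity_loader(true);
libxml_use_internal_errors(true);

// Step 3: provoke a libxml error that has nothing to do with entities. On the
// pre-fix engine this is where the no-op loader was silently replaced.
$junk = new DOMDocument();
$junk->loadXML('<unclosed>');
var_dump(count(libxml_get_errors()) > 0);
libxml_clear_errors();

// Step 4: the XXE payload must still fail to resolve after that error.
var_dump(strpos(parseWithEntities($xml), 'SECRET_DATA') !== false);
libxml_clear_errors();

// Step 5: the hardened parser rejects the payload outright, loader or no loader.
try {
    parseUntrusted($xml);
    var_dump(false);
} catch (InvalidArgumentException $e) {
    var_dump(true);
}

// Leave the process as we found it and remove the constructed payload.
libxml_disable_entity_loader($previous);
libxml_use_internal_errors(false);
unlink($payload);
```

On an engine with the commit applied, the third `var_dump` should be `bool(false)`, matching the `bool(true)` the test's `=== false` check expects for the same condition; on the pre-fix engine described in the commit message it would be `bool(true)`. The `parseUntrusted` helper is the pattern to prefer in application code: `libxml_disable_entity_loader()` is process-wide state (and deprecated as of PHP 8.0, where external entity loading is disabled by default), so rejecting DOCTYPEs and never passing `LIBXML_NOENT` protects each call site on its own.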