Make tests compatible with libxml2 2.9.12

This version of libxml introduced quite a few changes. Most of them are differences in error reporting, while some also change behavior, e.g. null bytes are no longer supported and xinclude recursion is limited. Closes GH-7030. Closes GH-7046. Co-authored-by: Nikita Popov <nikic@php.net>
php · May 26, 2021 · f3d1e9e · f3d1e9e
1 parent ee9e075
commit f3d1e9e
Show file tree

Hide file tree

Showing 9 changed files with 150 additions and 7 deletions.
diff --git a/ext/dom/tests/DOMDocument_loadXML_error1.phpt b/ext/dom/tests/DOMDocument_loadXML_error1.phpt
@@ -21,6 +21,6 @@ domdocumentloadxml_test_method.inc
 --EXPECTF--
 Warning: DOMDocument::load%r(XML){0,1}%r(): Opening and ending tag mismatch: title line 5 and book %s
 
-Warning: DOMDocument::load%r(XML){0,1}%r(): %rexpected '>'|Opening and ending tag mismatch: book line 5 and books%r %s
+Warning: DOMDocument::load%r(XML){0,1}%r(): %rexpected '>'|Opening and ending tag mismatch: book line (4|5) and books%r %s
 
 Warning: DOMDocument::load%r(XML){0,1}%r(): %rPremature end of data in tag books|EndTag: '<\/' not found in Entity, line: 13%r %s
diff --git a/ext/dom/tests/DOMDocument_load_error1.phpt b/ext/dom/tests/DOMDocument_load_error1.phpt
@@ -21,6 +21,6 @@ domdocumentload_test_method.inc
 --EXPECTF--
 Warning: DOMDocument::load%r(XML){0,1}%r(): Opening and ending tag mismatch: title line 5 and book %s
 
-Warning: DOMDocument::load%r(XML){0,1}%r(): %rexpected '>'|Opening and ending tag mismatch: book line 5 and books%r %s
+Warning: DOMDocument::load%r(XML){0,1}%r(): %rexpected '>'|Opening and ending tag mismatch: book line (4|5) and books%r %s
 
 Warning: DOMDocument::load%r(XML){0,1}%r(): %rPremature end of data in tag books|EndTag: '<\/' not found%r %s
diff --git a/ext/dom/tests/bug43364.phpt b/ext/dom/tests/bug43364.phpt
@@ -36,7 +36,7 @@ $doc->xinclude();
 
 $count = loopElements(array($doc->documentElement));
 
-var_dump($count);
+var_dump($count == 13 || $count == 11);
 ?>
 --EXPECT--
-int(13)
+bool(true)
diff --git a/ext/dom/tests/bug80268.phpt b/ext/dom/tests/bug80268.phpt
@@ -1,7 +1,10 @@
 --TEST--
 Bug #80268 (loadHTML() truncates at NUL bytes)
 --SKIPIF--
-<?php require_once('skipif.inc'); ?>
+<?php
+require_once('skipif.inc');
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
+?>
 --FILE--
 <?php
 $doc = new DOMDocument;

diff --git a/ext/dom/tests/bug80268_2.phpt b/ext/dom/tests/bug80268_2.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Bug #80268 (loadHTML() truncates at NUL bytes)
+--SKIPIF--
+<?php
+require_once('skipif.inc');
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+?>
+--FILE--
+<?php
+$doc = new DOMDocument;
+$doc->loadHTML("<p>foo\0bar</p>");
+$html = $doc->saveHTML();
+var_dump(strpos($html, '<p>foo</p>') !== false);
+
+file_put_contents(__DIR__ . '/80268.html', "<p>foo\0bar</p>");
+$doc = new DOMDocument;
+$doc->loadHTMLFile(__DIR__ . '/80268.html');
+$html = $doc->saveHTML();
+var_dump(strpos($html, '<p>foo</p>') !== false);
+?>
+--CLEAN--
+<?php
+unlink(__DIR__ . '/80268.html');
+?>
+--EXPECTF--
+Warning: DOMDocument::loadHTML(): Char 0x0 out of allowed range in Entity, line: 1 in %s on line %d
+bool(false)
+
+Warning: DOMDocument::loadHTMLFile(): Char 0x0 out of allowed range in %s on line %d
+bool(false)
diff --git a/ext/libxml/tests/bug61367-read.phpt b/ext/libxml/tests/bug61367-read.phpt
@@ -1,7 +1,10 @@
 --TEST--
 Bug #61367: open_basedir bypass in libxml RSHUTDOWN: read test
 --SKIPIF--
-<?php if(!extension_loaded('dom')) echo 'skip'; ?>
+<?php
+if(!extension_loaded('dom')) echo 'skip dom extension not available';
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
+?>
 --INI--
 open_basedir=.
 error_reporting=E_ALL & ~E_NOTICE

diff --git a/ext/libxml/tests/bug61367-read_2.phpt b/ext/libxml/tests/bug61367-read_2.phpt
@@ -0,0 +1,60 @@
+--TEST--
+Bug #61367: open_basedir bypass in libxml RSHUTDOWN: read test
+--SKIPIF--
+<?php
+if(!extension_loaded('dom')) echo 'skip dom extension not available';
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+?>
+--INI--
+open_basedir=.
+--FILE--
+<?php
+/*
+ * Note: Using error_reporting=E_ALL & ~E_NOTICE to suppress "Trying to get property of non-object" notices.
+ */
+class StreamExploiter {
+    public function stream_close (  ) {
+        $doc = new DOMDocument;
+        $doc->resolveExternals = true;
+        $doc->substituteEntities = true;
+        $dir = htmlspecialchars(dirname(getcwd()));
+        $dir = str_replace('\\', '/', $dir); // fix for windows
+        $doc->loadXML( <<<XML
+<!DOCTYPE doc [
+    <!ENTITY file SYSTEM "file:///$dir/bad">
+]>
+<doc>&file;</doc>
+XML
+        );
+        print $doc->documentElement->firstChild->nodeValue;
+    }
+
+    public function stream_open (  $path ,  $mode ,  $options ,  &$opened_path ) {
+        return true;
+    }
+}
+
+var_dump(mkdir('test_bug_61367-read'));
+var_dump(mkdir('test_bug_61367-read/base'));
+var_dump(file_put_contents('test_bug_61367-read/bad', 'blah'));
+var_dump(chdir('test_bug_61367-read/base'));
+
+stream_wrapper_register( 'exploit', 'StreamExploiter' );
+$s = fopen( 'exploit://', 'r' );
+
+?>
+--CLEAN--
+<?php
+unlink('test_bug_61367-read/bad');
+rmdir('test_bug_61367-read/base');
+rmdir('test_bug_61367-read');
+?>
+--EXPECTF--
+bool(true)
+bool(true)
+int(4)
+bool(true)
+
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "file:///%s/test_bug_61367-read/bad" in %s on line %d
+
+Warning: Attempt to read property "nodeValue" on null in %s on line %d
diff --git a/ext/libxml/tests/libxml_disable_entity_loader.phpt b/ext/libxml/tests/libxml_disable_entity_loader.phpt
@@ -1,7 +1,11 @@
 --TEST--
 libxml_disable_entity_loader()
 --SKIPIF--
-<?php if (!extension_loaded('libxml') || !extension_loaded('dom')) die('skip'); ?>
+<?php
+if (!extension_loaded('libxml')) die('skip libxml extension not available');
+if (!extension_loaded('dom')) die('skip dom extension not available');
+if (LIBXML_VERSION >= 20912) die('skip For libxml2 < 2.9.12 only');
+?>
 --FILE--
 <?php
 

diff --git a/ext/libxml/tests/libxml_disable_entity_loader_2.phpt b/ext/libxml/tests/libxml_disable_entity_loader_2.phpt
@@ -0,0 +1,43 @@
+--TEST--
+libxml_disable_entity_loader()
+--SKIPIF--
+<?php
+if (!extension_loaded('libxml')) die('skip libxml extension not available');
+if (!extension_loaded('dom')) die('skip dom extension not available');
+if (LIBXML_VERSION < 20912) die('skip For libxml2 >= 2.9.12 only');
+--FILE--
+<?php
+
+$xml = <<<EOT
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE test [<!ENTITY xxe SYSTEM "XXE_URI">]>
+<foo>&xxe;</foo>
+EOT;
+
+$dir = str_replace('\\', '/', __DIR__);
+$xml = str_replace('XXE_URI', $dir . '/libxml_disable_entity_loader_payload.txt', $xml);
+
+function parseXML($xml) {
+  $doc = new DOMDocument();
+  $doc->resolveExternals = true;
+  $doc->substituteEntities = true;
+  $doc->validateOnParse = false;
+  $doc->loadXML($xml, 0);
+  return $doc->saveXML();
+}
+
+var_dump(strpos(parseXML($xml), 'SECRET_DATA') !== false);
+var_dump(libxml_disable_entity_loader(true));
+var_dump(strpos(parseXML($xml), 'SECRET_DATA') === false);
+
+echo "Done\n";
+?>
+--EXPECTF--
+bool(true)
+
+Deprecated: Function libxml_disable_entity_loader() is deprecated in %s on line %d
+bool(false)
+
+Warning: DOMDocument::loadXML(): I/O warning : failed to load external entity "%s" in %s on line %d
+bool(true)
+Done