diff options
author | Chris Young <chris@unsatisfactorysoftware.co.uk> | 2016-08-23 18:26:04 +0100 |
---|---|---|
committer | Chris Young <chris@unsatisfactorysoftware.co.uk> | 2016-08-23 18:26:04 +0100 |
commit | 389f74b11d3f6cd54c32ffcf423cee1c9b07f845 (patch) | |
tree | ad0a37868143c5b1b3ce8d330318263df48d4e92 /bindings | |
parent | 54c4309526e18a26a7b5b1fb4fdd5b7b7f1d304d (diff) | |
download | libdom-389f74b11d3f6cd54c32ffcf423cee1c9b07f845.tar.gz libdom-389f74b11d3f6cd54c32ffcf423cee1c9b07f845.tar.bz2 |
Don't attempt to fetch external entity references blindly with fopen
The system_id is a URI, either absolute or relative to 'base', it needs to be fetched using network calls, fopen won't work.
I've put a half-working POC in chris/fetch-x-ent-ref but it needs fixing up and testing.
Removing this non-working code fixes #2313 for now, but fetching of external entities will still need to be added.
Diffstat (limited to 'bindings')
-rw-r--r-- | bindings/xml/expat_xmlparser.c | 38 |
1 files changed, 3 insertions, 35 deletions
diff --git a/bindings/xml/expat_xmlparser.c b/bindings/xml/expat_xmlparser.c index e1c22ad..53c3093 100644 --- a/bindings/xml/expat_xmlparser.c +++ b/bindings/xml/expat_xmlparser.c @@ -292,44 +292,12 @@ expat_xmlparser_external_entity_ref_handler(XML_Parser parser, const XML_Char *system_id, const XML_Char *public_id) { - FILE *fh; - XML_Parser subparser; - unsigned char data[1024]; - size_t len; - enum XML_Status status; - + UNUSED(parser); + UNUSED(context); UNUSED(base); + UNUSED(system_id); UNUSED(public_id); - if (system_id == NULL) - return XML_STATUS_OK; - - fh = fopen(system_id, "r"); - - if (fh == NULL) - return XML_STATUS_OK; - - subparser = XML_ExternalEntityParserCreate(parser, - context, - NULL); - - if (subparser == NULL) { - fclose(fh); - return XML_STATUS_OK; - } - - /* Parse the file bit by bit */ - while ((len = fread(data, 1, 1024, fh)) > 0) { - status = XML_Parse(subparser, (const char *)data, len, 0); - if (status != XML_STATUS_OK) { - XML_ParserFree(subparser); - fclose(fh); - return XML_STATUS_OK; - } - } - XML_Parse(subparser, "", 0, 1); - XML_ParserFree(subparser); - fclose(fh); return XML_STATUS_OK; } |