diff options
author | Brian C. Young <bcyoung@google.com> | 2017-04-05 09:47:34 -0700 |
---|---|---|
committer | gitbuildkicker <android-build@google.com> | 2017-04-17 16:24:08 -0700 |
commit | 308396a55280f69ad4112d4f9892f4cbeff042aa (patch) | |
tree | 9ee6e4521bc314b383519de537439cd53431df82 | |
parent | 51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 (diff) | |
download | android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.gz android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.bz2 android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.zip |
DO NOT MERGE: Add validation for eternal enities
https://bugzilla.gnome.org/show_bug.cgi?id=780691
Bug: 36556310
Change-Id: I9450743e167c3c73af5e4071f3fc85e81d061648
(cherry picked from commit bef9af3d89d241bcb518c20cba6da2a2fd9ba049)
-rw-r--r-- | parser.c | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -8130,6 +8130,14 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt) if (xmlPushInput(ctxt, input) < 0) return; } else { + if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && + ((ctxt->options & XML_PARSE_NOENT) == 0) && + ((ctxt->options & XML_PARSE_DTDVALID) == 0) && + ((ctxt->options & XML_PARSE_DTDLOAD) == 0) && + ((ctxt->options & XML_PARSE_DTDATTR) == 0) && + (ctxt->replaceEntities == 0) && + (ctxt->validate == 0)) + return; /* * TODO !!! * handle the extra spaces added before and after |