DO NOT MERGE: Add validation for eternal enities

https://bugzilla.gnome.org/show_bug.cgi?id=780691 Bug: 36556310 Change-Id: I9450743e167c3c73af5e4071f3fc85e81d061648 (cherry picked from commit bef9af3d89d241bcb518c20cba6da2a2fd9ba049)
author: Brian C. Young <bcyoung@google.com> 2017-04-05 09:47:34 -0700
committer: gitbuildkicker <android-build@google.com> 2017-04-17 16:24:08 -0700
commit: 308396a55280f69ad4112d4f9892f4cbeff042aa (patch)
tree: 9ee6e4521bc314b383519de537439cd53431df82
parent: 51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 (diff)
download: android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.gz
android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.bz2
android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/parser.c b/parser.c
index 669cd57f..63ae15f0 100644
--- a/parser.c
+++ b/parser.c
@@ -8130,6 +8130,14 @@ xmlParsePEReference(xmlParserCtxtPtr ctxt)
 	    if (xmlPushInput(ctxt, input) < 0)
 		return;
 	} else {
+	    if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) &&
+	        ((ctxt->options & XML_PARSE_NOENT) == 0) &&
+	        ((ctxt->options & XML_PARSE_DTDVALID) == 0) &&
+	        ((ctxt->options & XML_PARSE_DTDLOAD) == 0) &&
+	        ((ctxt->options & XML_PARSE_DTDATTR) == 0) &&
+	        (ctxt->replaceEntities == 0) &&
+	        (ctxt->validate == 0))
+	        return;
 	    /*
 	     * TODO !!!
 	     * handle the extra spaces added before and after
author	Brian C. Young <bcyoung@google.com>	2017-04-05 09:47:34 -0700
committer	gitbuildkicker <android-build@google.com>	2017-04-17 16:24:08 -0700
commit	308396a55280f69ad4112d4f9892f4cbeff042aa (patch)
tree	9ee6e4521bc314b383519de537439cd53431df82
parent	51e0cb2e5ec18eaf6fb331bc573ff27b743898f4 (diff)
download	android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.gz android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.tar.bz2 android_external_libxml2-308396a55280f69ad4112d4f9892f4cbeff042aa.zip