From: mark at kimsal dot com
Operating system: Linux
PHP version: 5.0.4
PHP Bug Type: DOM XML related
Bug description: getAttribute() incorrectly de-references entities
Description:
------------
When using getAttribute to get the value of an attribute
that contains an XML entity (eg. ®) the returned value
is neither the actual character that is being represented
nor the characters that make up the entity '&' '#' '1' '7'
'4'. Instead there are two characters that are returned, A
circumflex (Â) and, in this example, the registered
trademark symbol (®).
'./configure' '--prefix=/opt/php5' '--with-mysql'
'--with-apxs2=/usr/sbin/apxs2' '--with-zlib' '--with-expat'
'--enable-sigchild' '--with-openssl' '--enable-shared'
'--enable-soap' '--with-gd' '--enable-mbstring'
'--with-pgsql' '--with-imap=shared,/usr/lib'
'--with-imap-ssl=no' '--with-gd'
'--with-jpeg-dir=/usr/include' '--with-ldap' '--with-xsl'
'--enable-memory-limit' '--enable-debug'
'--with-libxml-dir=/usr'
Reproduce code:
---------------
ent.php:
$dom = new DomDocument();
$dom->substituteEntities = true;
$dom->resolveExternals = true;
$dom->load('ent.xml');
$dom->substituteEntities = true;
$dom->resolveExternals = true;
echo $dom->saveXml();
$list = $dom->getElementsByTagName('bar');
$node = $list->item(0);
echo "\n===\n Attribute 'test' of node 'bar': ";
echo $node->getAttribute("test");
echo "\n===\n Attribute 'test' of node 'bar' with htmlentities:
";
echo htmlentities($node->getAttribute("test"));
echo "\n===\n";
ent.xml:
<?xml version="1.0"?>
<!DOCTYPE foo [
<!ENTITY reg "®">
]>
<foo>
<bar test="®">®</bar>
</foo>
Expected result:
----------------
<?xml version="1.0"?>
<!DOCTYPE foo [
<!ENTITY reg "®">
]>
<foo>
<bar test="®">®</bar>
</foo>
===
Attribute 'test' of node 'bar': ®
===
Attribute 'test' of node 'bar' with htmlentities:
&#174;
===
Actual result:
--------------
<?xml version="1.0"?>
<!DOCTYPE foo [
<!ENTITY reg "®">
]>
<foo>
<bar test="®">®</bar>
</foo>
===
Attribute 'test' of node 'bar': ®
===
Attribute 'test' of node 'bar' with htmlentities:
®
===
--
Edit bug report at http://bugs.php.net/?id=33020&edit=1
--
Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=33020&r=trysnapshot4
Try a CVS snapshot (php5.0):
http://bugs.php.net/fix.php?id=33020&r=trysnapshot50
Try a CVS snapshot (php5.1):
http://bugs.php.net/fix.php?id=33020&r=trysnapshot51
Fixed in CVS: http://bugs.php.net/fix.php?id=33020&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=33020&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=33020&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=33020&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=33020&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=33020&r=support
Expected behavior: http://bugs.php.net/fix.php?id=33020&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=33020&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=33020&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=33020&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=33020&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=33020&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=33020&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=33020&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=33020&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=33020&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=33020&r=mysqlcfg
