mike Tue Oct 25 14:05:03 2005 EDT
Added files: (Branch: PHP_5_1)
/php-src/ext/tidy/tests 018.phpt
Modified files:
/php-src/ext/tidy tidy.c
/php-src NEWS
Log:
fix bug #34965 tidy is not binary safe
http://cvs.php.net/diff.php/php-src/ext/tidy/tidy.c?r1=1.66.2.1&r2=1.66.2.2&ty=u
Index: php-src/ext/tidy/tidy.c
diff -u php-src/ext/tidy/tidy.c:1.66.2.1 php-src/ext/tidy/tidy.c:1.66.2.2
--- php-src/ext/tidy/tidy.c:1.66.2.1 Wed Oct 12 10:29:26 2005
+++ php-src/ext/tidy/tidy.c Tue Oct 25 14:04:58 2005
@@ -16,7 +16,7 @@
+----------------------------------------------------------------------+
*/
-/* $Id: tidy.c,v 1.66.2.1 2005/10/12 14:29:26 tony2001 Exp $ */
+/* $Id: tidy.c,v 1.66.2.2 2005/10/25 18:04:58 mike Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -127,6 +127,18 @@
zend_hash_update(_table, #_key, sizeof(#_key), (void *)&tmp,
sizeof(zval *), NULL); \
}
+#define ADD_PROPERTY_STRINGL(_table, _key, _string, _len) \
+ { \
+ zval *tmp; \
+ MAKE_STD_ZVAL(tmp); \
+ if (_string) { \
+ ZVAL_STRINGL(tmp, (char *)_string, _len, 1); \
+ } else { \
+ ZVAL_EMPTY_STRING(tmp); \
+ } \
+ zend_hash_update(_table, #_key, sizeof(#_key), (void *)&tmp,
sizeof(zval *), NULL); \
+ }
+
#define ADD_PROPERTY_LONG(_table, _key, _long) \
{ \
zval *tmp; \
@@ -198,7 +210,7 @@
/* {{{ ext/tidy prototypes
*/
-static char *php_tidy_file_to_mem(char *, zend_bool TSRMLS_DC);
+static char *php_tidy_file_to_mem(char *, zend_bool, int * TSRMLS_DC);
static void tidy_object_free_storage(void * TSRMLS_DC);
static zend_object_value tidy_object_new_node(zend_class_entry * TSRMLS_DC);
static zend_object_value tidy_object_new_doc(zend_class_entry * TSRMLS_DC);
@@ -405,7 +417,7 @@
static void php_tidy_quick_repair(INTERNAL_FUNCTION_PARAMETERS, zend_bool
is_file)
{
char *data=NULL, *arg1, *enc = NULL;
- int arg1_len, enc_len = 0;
+ int arg1_len, enc_len = 0, data_len = 0;
zend_bool use_include_path = 0;
TidyDoc doc;
TidyBuffer *errbuf;
@@ -418,11 +430,12 @@
}
if (is_file) {
- if (!(data = php_tidy_file_to_mem(arg1, use_include_path
TSRMLS_CC))) {
+ if (!(data = php_tidy_file_to_mem(arg1, use_include_path,
&data_len TSRMLS_CC))) {
RETURN_FALSE;
}
} else {
data = arg1;
+ data_len = arg1_len;
}
doc = tidyCreate();
@@ -464,7 +477,12 @@
}
if (data) {
- if (tidyParseString(doc, data) < 0) {
+ TidyBuffer buf = {0};
+
+ tidyBufInit(&buf);
+ tidyBufAppend(&buf, data, data_len);
+
+ if (tidyParseBuffer(doc, &buf) < 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s",
errbuf->bp);
RETVAL_FALSE;
} else {
@@ -472,12 +490,14 @@
TidyBuffer output = {0};
tidySaveBuffer (doc, &output);
- RETVAL_STRING(output.bp, 1);
+ RETVAL_STRINGL(output.bp, output.size-1, 1);
tidyBufFree(&output);
} else {
RETVAL_FALSE;
}
}
+
+ tidyBufFree(&buf);
}
if (is_file) {
@@ -489,17 +509,17 @@
tidyRelease(doc);
}
-static char *php_tidy_file_to_mem(char *filename, zend_bool use_include_path
TSRMLS_DC)
+static char *php_tidy_file_to_mem(char *filename, zend_bool use_include_path,
int *len TSRMLS_DC)
{
php_stream *stream;
- int len;
char *data = NULL;
if (!(stream = php_stream_open_wrapper(filename, "rb",
(use_include_path ? USE_PATH : 0) | ENFORCE_SAFE_MODE, NULL))) {
return NULL;
}
- if ((len = php_stream_copy_to_mem(stream, &data, PHP_STREAM_COPY_ALL,
0)) == 0) {
+ if ((*len = (int) php_stream_copy_to_mem(stream, &data,
PHP_STREAM_COPY_ALL, 0)) == 0) {
data = estrdup("");
+ *len = 0;
}
php_stream_close(stream);
@@ -647,7 +667,7 @@
case IS_STRING:
obj = (PHPTidyObj *)zend_object_store_get_object(in
TSRMLS_CC);
tidySaveBuffer (obj->ptdoc->doc, &output);
- ZVAL_STRINGL(out, output.bp, output.size, TRUE);
+ ZVAL_STRINGL(out, output.bp, output.size-1, TRUE);
tidyBufFree(&output);
break;
@@ -679,7 +699,7 @@
case IS_STRING:
obj = (PHPTidyObj *)zend_object_store_get_object(in
TSRMLS_CC);
tidyNodeGetText(obj->ptdoc->doc, obj->node, &buf);
- ZVAL_STRINGL(out, buf.bp, buf.size, TRUE);
+ ZVAL_STRINGL(out, buf.bp, buf.size-1, TRUE);
tidyBufFree(&buf);
break;
@@ -700,7 +720,7 @@
if (output.size) {
MAKE_STD_ZVAL(temp);
- ZVAL_STRINGL(temp, output.bp, output.size, TRUE);
+ ZVAL_STRINGL(temp, output.bp, output.size-1, TRUE);
zend_hash_update(obj->std.properties, "value", sizeof("value"),
(void *)&temp, sizeof(zval *), NULL);
}
@@ -708,7 +728,7 @@
if (obj->ptdoc->errbuf->size) {
MAKE_STD_ZVAL(temp);
- ZVAL_STRINGL(temp, obj->ptdoc->errbuf->bp,
obj->ptdoc->errbuf->size, TRUE);
+ ZVAL_STRINGL(temp, obj->ptdoc->errbuf->bp,
obj->ptdoc->errbuf->size-1, TRUE);
zend_hash_update(obj->std.properties, "errorBuffer",
sizeof("errorBuffer"), (void *)&temp, sizeof(zval *), NULL);
}
}
@@ -728,8 +748,7 @@
memset(&buf, 0, sizeof(buf));
tidyNodeGetText(obj->ptdoc->doc, obj->node, &buf);
- buf.bp[buf.size-1] = '\0';
- ADD_PROPERTY_STRING(obj->std.properties, value, buf.bp);
+ ADD_PROPERTY_STRINGL(obj->std.properties, value,
buf.bp, buf.size-1);
tidyBufFree(&buf);
ADD_PROPERTY_STRING(obj->std.properties, name,
tidyNodeGetName(obj->node));
@@ -891,8 +910,10 @@
return SUCCESS;
}
-static int php_tidy_parse_string(PHPTidyObj *obj, char *string, char *enc
TSRMLS_DC)
-{
+static int php_tidy_parse_string(PHPTidyObj *obj, char *string, int len, char
*enc TSRMLS_DC)
+{
+ TidyBuffer buf = {0};
+
if(enc) {
if (tidySetCharEncoding(obj->ptdoc->doc, enc) < 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Could not
set encoding '%s'", enc);
@@ -900,18 +921,18 @@
}
}
- if (tidyParseString(obj->ptdoc->doc, string) < 0) {
+ tidyBufInit(&buf);
+ tidyBufAppend(&buf, string, len);
+ if (tidyParseBuffer(obj->ptdoc->doc, &buf) < 0) {
+ tidyBufFree(&buf);
php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s",
obj->ptdoc->errbuf->bp);
return FAILURE;
- } else {
- tidy_doc_update_properties(obj TSRMLS_CC);
-
- return SUCCESS;
}
-
+ tidyBufFree(&buf);
tidy_doc_update_properties(obj TSRMLS_CC);
-
+
+ return SUCCESS;
}
static void tidy_globals_ctor(void *global TSRMLS_DC)
@@ -962,7 +983,7 @@
php_info_print_table_start();
php_info_print_table_header(2, "Tidy support", "enabled");
php_info_print_table_row(2, "libTidy Release", (char
*)tidyReleaseDate());
- php_info_print_table_row(2, "Extension Version",
PHP_TIDY_MODULE_VERSION " ($Id: tidy.c,v 1.66.2.1 2005/10/12 14:29:26 tony2001
Exp $)");
+ php_info_print_table_row(2, "Extension Version",
PHP_TIDY_MODULE_VERSION " ($Id: tidy.c,v 1.66.2.2 2005/10/25 18:04:58 mike Exp
$)");
php_info_print_table_end();
DISPLAY_INI_ENTRIES();
@@ -996,7 +1017,12 @@
TIDY_SET_DEFAULT_CONFIG(doc);
if (input_len > 1) {
- if (tidyParseString(doc, input) < 0 || tidyCleanAndRepair(doc)
< 0) {
+ TidyBuffer buf = {0};
+
+ tidyBufInit(&buf);
+ tidyBufAppend(&buf, input, input_len);
+
+ if (tidyParseBuffer(doc, &buf) < 0 || tidyCleanAndRepair(doc) <
0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "%s",
errbuf.bp);
RETVAL_NULL();
} else {
@@ -1004,10 +1030,12 @@
tidyBufInit(&output);
tidySaveBuffer(doc, &output);
- RETVAL_STRING(output.bp, 1);
+ RETVAL_STRINGL(output.bp, output.size-1, 1);
tidyBufFree(&output);
}
+
+ tidyBufFree(&buf);
} else {
RETVAL_NULL();
}
@@ -1037,7 +1065,7 @@
TIDY_APPLY_CONFIG_ZVAL(obj->ptdoc->doc, options);
- if(php_tidy_parse_string(obj, input, enc TSRMLS_CC) == FAILURE) {
+ if(php_tidy_parse_string(obj, input, input_len, enc TSRMLS_CC) ==
FAILURE) {
zval_dtor(return_value);
INIT_ZVAL(*return_value);
RETURN_FALSE;
@@ -1053,7 +1081,7 @@
TIDY_FETCH_OBJECT;
if (obj->ptdoc->errbuf && obj->ptdoc->errbuf->bp) {
- RETURN_STRING(obj->ptdoc->errbuf->bp, 1);
+ RETURN_STRINGL(obj->ptdoc->errbuf->bp,
obj->ptdoc->errbuf->size-1, 1);
} else {
RETURN_FALSE;
}
@@ -1069,7 +1097,7 @@
tidySaveBuffer(obj->ptdoc->doc, &output);
- RETVAL_STRING(output.bp, 1);
+ RETVAL_STRINGL(output.bp, output.size-1, 1);
tidyBufFree(&output);
}
@@ -1080,7 +1108,7 @@
PHP_FUNCTION(tidy_parse_file)
{
char *inputfile, *enc = NULL;
- int input_len, enc_len = 0;
+ int input_len, contents_len, enc_len = 0;
zend_bool use_include_path = 0;
char *contents;
zval *options = NULL;
@@ -1096,14 +1124,14 @@
tidy_instanciate(tidy_ce_doc, return_value TSRMLS_CC);
obj = (PHPTidyObj *) zend_object_store_get_object(return_value
TSRMLS_CC);
- if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path
TSRMLS_CC))) {
+ if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path,
&contents_len TSRMLS_CC))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s'
into memory %s", inputfile, (use_include_path) ? "(Using include path)" : "");
RETURN_FALSE;
}
TIDY_APPLY_CONFIG_ZVAL(obj->ptdoc->doc, options);
- if(php_tidy_parse_string(obj, contents, enc TSRMLS_CC) == FAILURE) {
+ if(php_tidy_parse_string(obj, contents, contents_len, enc TSRMLS_CC) ==
FAILURE) {
zval_dtor(return_value);
INIT_ZVAL(*return_value);
RETVAL_FALSE;
@@ -1398,7 +1426,7 @@
TIDY_DOC_METHOD(__construct)
{
char *inputfile = NULL, *enc = NULL;
- int input_len = 0, enc_len = 0;
+ int input_len = 0, enc_len = 0, contents_len = 0;
zend_bool use_include_path = 0;
char *contents;
zval *options = NULL;
@@ -1414,14 +1442,14 @@
obj = (PHPTidyObj *)zend_object_store_get_object(object TSRMLS_CC);
if (inputfile) {
- if (!(contents = php_tidy_file_to_mem(inputfile,
use_include_path TSRMLS_CC))) {
+ if (!(contents = php_tidy_file_to_mem(inputfile,
use_include_path, &contents_len TSRMLS_CC))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot
Load '%s' into memory %s", inputfile, (use_include_path) ? "(Using include
path)" : "");
return;
}
TIDY_APPLY_CONFIG_ZVAL(obj->ptdoc->doc, options);
- php_tidy_parse_string(obj, contents, enc TSRMLS_CC);
+ php_tidy_parse_string(obj, contents, contents_len, enc
TSRMLS_CC);
efree(contents);
}
@@ -1430,7 +1458,7 @@
TIDY_DOC_METHOD(parseFile)
{
char *inputfile, *enc = NULL;
- int input_len, enc_len = 0;
+ int input_len, enc_len = 0, contents_len = 0;
zend_bool use_include_path = 0;
char *contents;
zval *options = NULL;
@@ -1445,14 +1473,14 @@
RETURN_FALSE;
}
- if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path
TSRMLS_CC))) {
+ if (!(contents = php_tidy_file_to_mem(inputfile, use_include_path,
&contents_len TSRMLS_CC))) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Cannot Load '%s'
into memory %s", inputfile, (use_include_path) ? "(Using include path)" : "");
RETURN_FALSE;
}
TIDY_APPLY_CONFIG_ZVAL(obj->ptdoc->doc, options);
- if(php_tidy_parse_string(obj, contents, enc TSRMLS_CC) == FAILURE) {
+ if(php_tidy_parse_string(obj, contents, contents_len, enc TSRMLS_CC) ==
FAILURE) {
RETVAL_FALSE;
} else {
RETVAL_TRUE;
@@ -1478,7 +1506,7 @@
TIDY_APPLY_CONFIG_ZVAL(obj->ptdoc->doc, options);
- if(php_tidy_parse_string(obj, input, enc TSRMLS_CC) == SUCCESS) {
+ if(php_tidy_parse_string(obj, input, input_len, enc TSRMLS_CC) ==
SUCCESS) {
RETURN_TRUE;
}
http://cvs.php.net/diff.php/php-src/NEWS?r1=1.2027.2.161&r2=1.2027.2.162&ty=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.2027.2.161 php-src/NEWS:1.2027.2.162
--- php-src/NEWS:1.2027.2.161 Tue Oct 25 11:53:06 2005
+++ php-src/NEWS Tue Oct 25 14:04:59 2005
@@ -4,6 +4,7 @@
- Fixed fgetcsv() and fputcsv() inconsistency. (Dmitry)
- Fixed bug #34968 (bz2 extension fails on to build on some win32 setups).
(Ilia)
+- Fixed bug #34965 (tidy is not binary safe). (Mike)
- Fixed bug #34957 (PHP doesn't respect ACLs for access checks). (Wez)
- Fixed bug #34950 (Unable to get WSDL through proxy). (Dmitry)
- Fixed bug #34938 (dns_get_record() doesn't resolve long hostnames and
http://cvs.php.net/co.php/php-src/ext/tidy/tests/018.phpt?r=1.1&p=1
Index: php-src/ext/tidy/tests/018.phpt
+++ php-src/ext/tidy/tests/018.phpt
--TEST--
binary safety
--SKIPIF--
<?php if (!extension_loaded("tidy")) print "skip"; ?>
--FILE--
<?php
$x = tidy_repair_string("<p>abra\0cadabra</p>",
array( 'show-body-only' => true,
'clean' => false,
'newline' => "\n")
);
var_dump($x);
?>
--EXPECT--
string(19) "<p>abracadabra</p>
"
--
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
