hirokawa Sat, 24 Sep 2011 02:11:18 +0000 Revision: http://svn.php.net/viewvc?view=revision&revision=317229
Log: fixed #40685: removed '&' in mb_decode_numericentity(). Bug: https://bugs.php.net/40685 (Bogus) '&&&' => '&&' at mb_decode_numericentity Changed paths: U php/php-src/trunk/ext/mbstring/libmbfl/mbfl/mbfilter.c Modified: php/php-src/trunk/ext/mbstring/libmbfl/mbfl/mbfilter.c =================================================================== --- php/php-src/trunk/ext/mbstring/libmbfl/mbfl/mbfilter.c 2011-09-24 01:34:46 UTC (rev 317228) +++ php/php-src/trunk/ext/mbstring/libmbfl/mbfl/mbfilter.c 2011-09-24 02:11:18 UTC (rev 317229) @@ -2954,6 +2954,80 @@ return c; } +int mbfl_filt_decode_htmlnumericentity_flush(mbfl_convert_filter *filter) +{ + struct collector_htmlnumericentity_data *pc = (struct collector_htmlnumericentity_data *)filter; + int n, s, r, d; + + if (pc->status) { + switch (pc->status) { + case 1: /* '&' */ + (*pc->decoder->filter_function)(0x26, pc->decoder); /* '&' */ + break; + case 2: /* '#' */ + (*pc->decoder->filter_function)(0x26, pc->decoder); /* '&' */ + (*pc->decoder->filter_function)(0x23, pc->decoder); /* '#' */ + break; + case 3: /* '0'-'9' */ + (*pc->decoder->filter_function)(0x26, pc->decoder); /* '&' */ + (*pc->decoder->filter_function)(0x23, pc->decoder); /* '#' */ + + s = pc->cache; + r = 1; + n = pc->digit; + while (n > 0) { + r *= 10; + n--; + } + s %= r; + r /= 10; + while (r > 0) { + d = s/r; + s %= r; + r /= 10; + (*pc->decoder->filter_function)(mbfl_hexchar_table[d], pc->decoder); + } + + break; + case 4: /* 'x' */ + (*pc->decoder->filter_function)(0x26, pc->decoder); /* '&' */ + (*pc->decoder->filter_function)(0x23, pc->decoder); /* '#' */ + (*pc->decoder->filter_function)(0x78, pc->decoder); /* 'x' */ + break; + case 5: /* '0'-'9','a'-'f' */ + (*pc->decoder->filter_function)(0x26, pc->decoder); /* '&' */ + (*pc->decoder->filter_function)(0x23, pc->decoder); /* '#' */ + (*pc->decoder->filter_function)(0x78, pc->decoder); /* 'x' */ + + s = pc->cache; + r = 1; + n = pc->digit; + while (n > 0) { + r *= 16; + n--; + } + s %= r; + r /= 16; + while (r > 0) { + d = s/r; + s %= r; + r /= 16; + (*pc->decoder->filter_function)(mbfl_hexchar_table[d], pc->decoder); + } + break; + default: + break; + } + } + + pc->status = 0; + pc->cache = 0; + pc->digit = 0; + + return 0; +} + + mbfl_string * mbfl_html_numeric_entity( mbfl_string *string, @@ -2996,7 +3070,8 @@ encoder = mbfl_convert_filter_new( string->no_encoding, mbfl_no_encoding_wchar, - collector_decode_htmlnumericentity, 0, &pc); + collector_decode_htmlnumericentity, + (int (*)(void*))mbfl_filt_decode_htmlnumericentity_flush, &pc); } if (pc.decoder == NULL || encoder == NULL) { mbfl_convert_filter_delete(encoder);
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
