1
0
mirror of https://gitlab.gnome.org/GNOME/libxml2.git synced 2025-10-24 13:33:01 +03:00

parser: Fix detection of ']]>' when push-parsing

Fixes #850.
This commit is contained in:
Nick Wellnhofer
2025-01-31 13:07:35 +01:00
parent 115b13f9d1
commit 9efe141422
2 changed files with 69 additions and 5 deletions

View File

@@ -4955,10 +4955,12 @@ get_more:
ctxt->input->cur = in + 1;
return;
}
if ((!partial) || (ctxt->input->end - in >= 2)) {
in++;
ctxt->input->col++;
goto get_more;
}
}
nbchar = in - ctxt->input->cur;
if (nbchar > 0) {
if ((ctxt->sax != NULL) &&
@@ -5008,6 +5010,9 @@ get_more:
if (*in == '&') {
return;
}
if ((partial) && (*in == ']') && (ctxt->input->end - in < 2)) {
return;
}
SHRINK;
GROW;
in = ctxt->input->cur;
@@ -5038,6 +5043,8 @@ xmlParseCharDataComplex(xmlParserCtxtPtr ctxt, int partial) {
cur = xmlCurrentCharRecover(ctxt, &l);
while ((cur != '<') && /* checked */
(cur != '&') &&
((!partial) || (cur != ']') ||
(ctxt->input->end - ctxt->input->cur >= 2)) &&
(IS_CHAR(cur))) {
if ((cur == ']') && (NXT(1) == ']') && (NXT(2) == '>')) {
xmlFatalErr(ctxt, XML_ERR_MISPLACED_CDATA_END, NULL);
@@ -5102,7 +5109,7 @@ xmlParseCharDataComplex(xmlParserCtxtPtr ctxt, int partial) {
"Incomplete UTF-8 sequence starting with %02X\n", CUR);
NEXTL(1);
}
} else if ((cur != '<') && (cur != '&')) {
} else if ((cur != '<') && (cur != '&') && (cur != ']')) {
/* Generate the error and skip the offending character */
xmlFatalErrMsgInt(ctxt, XML_ERR_INVALID_CHAR,
"PCDATA invalid Char value %d\n", cur);

View File

@@ -372,7 +372,63 @@ testHugeEncodedChunk(void) {
return err;
}
#endif
static int
testPushCDataEnd(void) {
int err = 0;
int k;
for (k = 0; k < 2; k++) {
xmlBufferPtr buf;
xmlChar *chunk;
xmlParserCtxtPtr ctxt;
int i;
ctxt = xmlCreatePushParserCtxt(NULL, NULL, NULL, 0, NULL);
xmlCtxtSetOptions(ctxt, XML_PARSE_NOERROR);
/*
* Push parse text data with ']]>' split across chunks.
*/
buf = xmlBufferCreate();
xmlBufferCCat(buf, "<doc>");
/*
* Also test xmlParseCharDataCopmlex
*/
if (k == 0)
xmlBufferCCat(buf, "x");
else
xmlBufferCCat(buf, "\xC3\xA4");
/*
* Create enough data to trigger a "characters" SAX callback.
* (XML_PARSER_BIG_BUFFER_SIZE = 300)
*/
for (i = 0; i < 2000; i++)
xmlBufferCCat(buf, "x");
xmlBufferCCat(buf, "]");
chunk = xmlBufferDetach(buf);
xmlBufferFree(buf);
xmlParseChunk(ctxt, (char *) chunk, xmlStrlen(chunk), 0);
xmlParseChunk(ctxt, "]>xxx</doc>", 11, 1);
if (ctxt->errNo != XML_ERR_MISPLACED_CDATA_END) {
fprintf(stderr, "xmlParseChunk failed to detect CData end: %d\n",
ctxt->errNo);
err = 1;
}
xmlFree(chunk);
xmlFreeDoc(ctxt->myDoc);
xmlFreeParserCtxt(ctxt);
}
return err;
}
#endif /* PUSH */
#ifdef LIBXML_HTML_ENABLED
static int
@@ -999,6 +1055,7 @@ main(void) {
#ifdef LIBXML_PUSH_ENABLED
err |= testHugePush();
err |= testHugeEncodedChunk();
err |= testPushCDataEnd();
#endif
#ifdef LIBXML_HTML_ENABLED
err |= testHtmlIds();