Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > by-pkgid > 56662f8135650f8f8f84b2c96c004eb0 > files > 43

php53-5.3.3-24.el5.src.rpm


http://git.php.net/?p=php-src.git;a=commitdiff;h=afe98b7829d50806559acac9b530acb8283c3bf4
http://git.php.net/?p=php-src.git;a=commitdiff;h=188c196d4da60bdde9190d2fc532650d17f7af2d
http://git.php.net/?p=php-src.git;a=commitdiff;h=8e76d0404b7f664ee6719fd98f0483f0ac4669d6
http://git.php.net/?p=php-src.git;a=commitdiff;h=fcd4b5335a6df4e0676ee32e2267ca71d70fe623

diff -up php-5.3.3/ext/libxml/libxml.c.cve1643 php-5.3.3/ext/libxml/libxml.c
--- php-5.3.3/ext/libxml/libxml.c.cve1643	2013-05-03 09:59:23.911857231 +0200
+++ php-5.3.3/ext/libxml/libxml.c	2013-05-03 10:00:12.590084029 +0200
@@ -261,6 +261,7 @@ static PHP_GINIT_FUNCTION(libxml)
 	libxml_globals->stream_context = NULL;
 	libxml_globals->error_buffer.c = NULL;
 	libxml_globals->error_list = NULL;
+	libxml_globals->entity_loader_disabled = 0;
 }
 
 /* Channel libxml file io layer through the PHP streams subsystem.
@@ -350,16 +351,15 @@ static int php_libxml_streams_IO_close(v
 }
 
 static xmlParserInputBufferPtr
-php_libxml_input_buffer_noload(const char *URI, xmlCharEncoding enc)
-{
-	return NULL;
-}
-
-static xmlParserInputBufferPtr
 php_libxml_input_buffer_create_filename(const char *URI, xmlCharEncoding enc)
 {
 	xmlParserInputBufferPtr ret;
 	void *context = NULL;
+	TSRMLS_FETCH();
+
+	if (LIBXML(entity_loader_disabled)) {
+		return NULL;
+	}
 
 	if (URI == NULL)
 		return(NULL);
@@ -835,28 +835,25 @@ static PHP_FUNCTION(libxml_clear_errors)
 }
 /* }}} */
 
+PHP_LIBXML_API zend_bool php_libxml_disable_entity_loader(zend_bool disable TSRMLS_DC)
+{
+	zend_bool old = LIBXML(entity_loader_disabled);
+
+	LIBXML(entity_loader_disabled) = disable;
+	return old;
+}
+
 /* {{{ proto bool libxml_disable_entity_loader([boolean disable]) 
    Disable/Enable ability to load external entities */
 static PHP_FUNCTION(libxml_disable_entity_loader)
 {
 	zend_bool disable = 1;
-	xmlParserInputBufferCreateFilenameFunc old;
 
 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|b", &disable) == FAILURE) {
 		return;
 	}
 
-	if (disable == 0) {
-		old = xmlParserInputBufferCreateFilenameDefault(php_libxml_input_buffer_create_filename);
-	} else {
-		old = xmlParserInputBufferCreateFilenameDefault(php_libxml_input_buffer_noload);
-	}
-
-	if (old == php_libxml_input_buffer_noload) {
-		RETURN_TRUE;
-	}
-
-	RETURN_FALSE;
+	RETURN_BOOL(php_libxml_disable_entity_loader(disable TSRMLS_CC));
 }
 /* }}} */
 
diff -up php-5.3.3/ext/libxml/php_libxml.h.cve1643 php-5.3.3/ext/libxml/php_libxml.h
--- php-5.3.3/ext/libxml/php_libxml.h.cve1643	2013-05-03 09:59:37.253919660 +0200
+++ php-5.3.3/ext/libxml/php_libxml.h	2013-05-03 10:00:12.590084029 +0200
@@ -43,6 +43,7 @@ ZEND_BEGIN_MODULE_GLOBALS(libxml)
 	zval *stream_context;
 	smart_str error_buffer;
 	zend_llist *error_list;
+	zend_bool entity_loader_disabled;
 ZEND_END_MODULE_GLOBALS(libxml)
 
 typedef struct _libxml_doc_props {
@@ -93,6 +94,7 @@ PHP_LIBXML_API void php_libxml_ctx_error
 PHP_LIBXML_API int php_libxml_xmlCheckUTF8(const unsigned char *s);
 PHP_LIBXML_API zval *php_libxml_switch_context(zval *context TSRMLS_DC);
 PHP_LIBXML_API void php_libxml_issue_error(int level, const char *msg TSRMLS_DC);
+PHP_LIBXML_API zend_bool php_libxml_disable_entity_loader(zend_bool disable TSRMLS_DC);
 
 /* Init/shutdown functions*/
 PHP_LIBXML_API void php_libxml_initialize(void);
diff -up php-5.3.3/ext/soap/php_xml.c.cve1643 php-5.3.3/ext/soap/php_xml.c
--- php-5.3.3/ext/soap/php_xml.c.cve1643	2013-05-03 09:59:13.706809313 +0200
+++ php-5.3.3/ext/soap/php_xml.c	2013-05-03 10:00:15.483097420 +0200
@@ -20,6 +20,7 @@
 /* $Id: php_xml.c 293036 2010-01-03 09:23:27Z sebastian $ */
 
 #include "php_soap.h"
+#include "ext/libxml/php_libxml.h"
 #include "libxml/parser.h"
 #include "libxml/parserInternals.h"
 
@@ -91,13 +92,17 @@ xmlDocPtr soap_xmlParseFile(const char *
 	ctxt = xmlCreateFileParserCtxt(filename);
 	PG(allow_url_fopen) = old_allow_url_fopen;
 	if (ctxt) {
+		zend_bool old;
+
 		ctxt->keepBlanks = 0;
 		ctxt->sax->ignorableWhitespace = soap_ignorableWhitespace;
 		ctxt->sax->comment = soap_Comment;
 		ctxt->sax->warning = NULL;
 		ctxt->sax->error = NULL;
 		/*ctxt->sax->fatalError = NULL;*/
+		old = php_libxml_disable_entity_loader(1 TSRMLS_CC);
 		xmlParseDocument(ctxt);
+		php_libxml_disable_entity_loader(old TSRMLS_CC);
 		if (ctxt->wellFormed) {
 			ret = ctxt->myDoc;
 			if (ret->URL == NULL && ctxt->directory != NULL) {
@@ -128,11 +133,15 @@ xmlDocPtr soap_xmlParseMemory(const void
 	xmlParserCtxtPtr ctxt = NULL;
 	xmlDocPtr ret;
 
+	TSRMLS_FETCH();
+
 /*
 	xmlInitParser();
 */
 	ctxt = xmlCreateMemoryParserCtxt(buf, buf_size);
 	if (ctxt) {
+		zend_bool old;
+
 		ctxt->sax->ignorableWhitespace = soap_ignorableWhitespace;
 		ctxt->sax->comment = soap_Comment;
 		ctxt->sax->warning = NULL;
@@ -141,7 +150,9 @@ xmlDocPtr soap_xmlParseMemory(const void
 #if LIBXML_VERSION >= 20703
 		ctxt->options |= XML_PARSE_HUGE;
 #endif
+		old = php_libxml_disable_entity_loader(1 TSRMLS_CC);
 		xmlParseDocument(ctxt);
+		php_libxml_disable_entity_loader(old TSRMLS_CC);
 		if (ctxt->wellFormed) {
 			ret = ctxt->myDoc;
 			if (ret->URL == NULL && ctxt->directory != NULL) {

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional