mirror of
https://github.com/php/php-src.git
synced 2026-03-24 16:22:37 +01:00
fa83a8e15e
While fuzzing the new mb_decode_numericentity implementation, I discovered
that the fast conversion filter for 'HTML-ENTITIES' did not correctly
handle an empty named entity ('&;'), nor did it correctly handle
invalid named entities whose names were a prefix of a valid entity.
Also, it did not correctly handle the case where a named entity is
truncated and another named entity starts abruptly.
69 lines
2.7 KiB
PHP
69 lines
2.7 KiB
PHP
--TEST--
|
|
Temporary test of mbstring's HTML-ENTITIES 'encoding'
|
|
--EXTENSIONS--
|
|
mbstring
|
|
--FILE--
|
|
<?php
|
|
|
|
/* Using mbstring to convert strings to and from HTML entities has already been deprecated
|
|
* So this test should be removed when the HTML-ENTITIES 'encoding' is */
|
|
|
|
function convertToEntities($raw, $htmlent) {
|
|
$converted = mb_convert_encoding($raw, 'HTML-ENTITIES', 'UTF-8');
|
|
if ($converted !== $htmlent)
|
|
die('Expected ' . bin2hex($raw) . ' to convert to "' . $htmlent . '"; actually got "' . $converted . '"');
|
|
}
|
|
|
|
function convertFromEntities($raw, $htmlent) {
|
|
$converted = mb_convert_encoding($htmlent, 'UTF-8', 'HTML-ENTITIES');
|
|
if ($converted !== $raw)
|
|
die('Expected "' . $htmlent . '" to convert to ' . bin2hex($raw) . '; actually got ' . bin2hex($converted));
|
|
}
|
|
|
|
function testConversion($raw, $htmlent) {
|
|
convertToEntities($raw, $htmlent);
|
|
convertFromEntities($raw, $htmlent);
|
|
}
|
|
|
|
testConversion('', '');
|
|
testConversion('abc', 'abc');
|
|
testConversion('&<>', '&<>');
|
|
|
|
convertFromEntities('"', '"');
|
|
convertFromEntities("\xC3\xAC", 'ì');
|
|
|
|
convertFromEntities('あ', 'あ');
|
|
testConversion('あ', 'あ');
|
|
testConversion('abcあxyz', 'abcあxyz');
|
|
|
|
convertFromEntities('&#x;', '&#x;');
|
|
convertFromEntities('&#;', '&#;');
|
|
convertFromEntities('&#', '&#');
|
|
convertFromEntities('&', '&');
|
|
|
|
convertFromEntities("\x00", '�');
|
|
|
|
testConversion(str_repeat('あ', 100), str_repeat('あ', 100));
|
|
|
|
convertFromEntities("&;", "&;");
|
|
convertFromEntities("&f;", "&f;");
|
|
|
|
convertFromEntities("&A", "&A");
|
|
convertFromEntities("&A", "&A");
|
|
|
|
echo "Done!\n";
|
|
?>
|
|
--EXPECTF--
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
|
|
Deprecated: mb_convert_encoding(): Handling HTML entities via mbstring is deprecated; use htmlspecialchars, htmlentities, or mb_encode_numericentity/mb_decode_numericentity instead in %s
|
|
Done!
|