php/archived-php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2026-03-24 00:02:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'PHP-8.3' into PHP-8.4

Browse Source 
* PHP-8.3:
  ext/libxml: Fixed custom external entity loader returning an invalid resource leading to a confusing TypeError message
This commit is contained in:
Gina Peter Banyard
2025-04-07 12:59:31 +01:00
parent fed948dbd4 61f704f269
commit 1e9e397122
3 changed files with 17 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@@ -17,6 +17,10 @@ PHP NEWS
. Fixed GH-18243 imagettftext() overflow/underflow on font size value.
(David Carlier)
- libxml:
. Fixed custom external entity loader returning an invalid resource leading
to a confusing TypeError message. (Girgias)
- OpenSSL:
. Fix memory leak in openssl_sign() when passing invalid algorithm.
(nielsdos)

19
ext/libxml/libxml.c
View File

@@ -769,13 +769,18 @@ static xmlParserInputPtr _php_libxml_external_entity_loader(const char *URL,
is_string:
resource = Z_STRVAL(retval);
} else if (Z_TYPE(retval) == IS_RESOURCE) {
php_stream *stream;
php_stream_from_zval_no_verify(stream, &retval);
if (stream == NULL) {
php_libxml_ctx_error(context,
"The user entity loader callback '%s' has returned a "
"resource, but it is not a stream",
ZSTR_VAL(LIBXML(entity_loader_callback).function_handler->common.function_name));
php_stream *stream = (php_stream*)zend_fetch_resource2_ex(&retval, NULL, php_file_le_stream(), php_file_le_pstream());
if (UNEXPECTED(stream == NULL)) {
zval callable;
zend_get_callable_zval_from_fcc(&LIBXML(entity_loader_callback), &callable);
zend_string *callable_name = zend_get_callable_name(&callable);
zend_string *func_name = get_active_function_or_method_name();
zend_type_error(
"%s(): The user entity loader callback \"%s\" has returned a resource, but it is not a stream",
ZSTR_VAL(func_name), ZSTR_VAL(callable_name));
zend_string_release(func_name);
zend_string_release(callable_name);
zval_ptr_dtor(&callable);
} else {
/* TODO: allow storing the encoding in the stream context? */
xmlCharEncoding enc = XML_CHAR_ENCODING_NONE;

2
ext/libxml/tests/libxml_get_external_entity_loader_error_callback_name.phpt
View File

@@ -37,4 +37,4 @@ try {
?>
--EXPECT--
string(73) "DOMDocument::validate(): supplied resource is not a valid stream resource"
string(122) "DOMDocument::validate(): The user entity loader callback "Handler::handle" has returned a resource, but it is not a stream"