archive/php-src
1
0
Fork 0
mirror of https://github.com/php/php-src.git synced 2025-08-16 05:58:45 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

namespace/tagname validation fixes (Adam Trachtenberg)

Browse source 
added new test
This commit is contained in:
Rob Richards 2004-05-27 11:15:45 +00:00
parent 7f887852a6
commit edae935c26
6 changed files with 489 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

36
ext/dom/document.c
View file

@ -759,8 +759,8 @@ PHP_FUNCTION(dom_document_create_element)
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
if (name_len == 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Element name is required");
if (xmlValidateName((xmlChar *) name, 0) != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, dom_get_strict_error(intern->document) TSRMLS_CC);
RETURN_FALSE;
}
@ -908,6 +908,11 @@ PHP_FUNCTION(dom_document_create_processing_instruction)
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
if (xmlValidateName((xmlChar *) name, 0) != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, dom_get_strict_error(intern->document) TSRMLS_CC);
RETURN_FALSE;
}
node = xmlNewPI((xmlChar *) name, (xmlChar *) value);
if (!node) {
RETURN_FALSE;
@ -939,8 +944,8 @@ PHP_FUNCTION(dom_document_create_attribute)
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
if (name_len == 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Attribute name is required");
if (xmlValidateName((xmlChar *) name, 0) != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, dom_get_strict_error(intern->document) TSRMLS_CC);
RETURN_FALSE;
}
@ -974,6 +979,11 @@ PHP_FUNCTION(dom_document_create_entity_reference)
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
if (xmlValidateName((xmlChar *) name, 0) != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, dom_get_strict_error(intern->document) TSRMLS_CC);
RETURN_FALSE;
}
node = xmlNewReference(docp, name);
if (!node) {
RETURN_FALSE;
@ -1073,16 +1083,12 @@ PHP_FUNCTION(dom_document_create_element_ns)
return;
}
if (name_len == 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Element Name is required");
RETURN_FALSE;
}
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
errorcode = dom_check_qname(name, &localname, &prefix, uri_len, name_len);
if (errorcode == 0) {
if (xmlValidateName((xmlChar *) localname, 0) == 0) {
nodep = xmlNewDocNode (docp, NULL, localname, NULL);
if (nodep != NULL && uri != NULL) {
nsptr = xmlSearchNsByHref (nodep->doc, nodep, uri);
@ -1091,6 +1097,9 @@ PHP_FUNCTION(dom_document_create_element_ns)
}
xmlSetNs(nodep, nsptr);
}
} else {
errorcode = INVALID_CHARACTER_ERR;
}
}
xmlFree(localname);
@ -1138,17 +1147,13 @@ PHP_FUNCTION(dom_document_create_attribute_ns)
return;
}
if (name_len == 0) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Qualified Name is required");
RETURN_FALSE;
}
DOM_GET_OBJ(docp, id, xmlDocPtr, intern);
root = xmlDocGetRootElement(docp);
if (root != NULL) {
errorcode = dom_check_qname(name, &localname, &prefix, uri_len, name_len);
if (errorcode == 0) {
if (xmlValidateName((xmlChar *) localname, 0) == 0) {
nodep = (xmlNodePtr) xmlNewDocProp(docp, localname, NULL);
if (nodep != NULL && uri_len > 0) {
nsptr = xmlSearchNsByHref (nodep->doc, root, uri);
@ -1157,6 +1162,9 @@ PHP_FUNCTION(dom_document_create_attribute_ns)
}
xmlSetNs(nodep, nsptr);
}
} else {
errorcode = INVALID_CHARACTER_ERR;
}
}
} else {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Document Missing Root Element");

10
ext/dom/element.c
View file

@ -58,7 +58,7 @@ zend_function_entry php_dom_element_class_functions[] = {
{NULL, NULL, NULL}
};
/* {{{ proto void DomElement::__construct(string name, [string value]); */
/* {{{ proto void DomElement::__construct(string name, [string value], [string uri]); */
PHP_METHOD(domelement, __construct)
{
@ -106,6 +106,14 @@ PHP_METHOD(domelement, __construct)
RETURN_FALSE;
}
} else {
/* If you don't pass a namespace uri, then you can't set a prefix */
localname = xmlSplitQName2(name, (xmlChar **) &prefix);
if (prefix != NULL) {
xmlFree(localname);
xmlFree(prefix);
php_dom_throw_error(NAMESPACE_ERR, 1 TSRMLS_CC);
RETURN_FALSE;
}
nodep = xmlNewNode(NULL, (xmlChar *) name);
}

6
ext/dom/entityreference.c
View file

@ -48,7 +48,7 @@ PHP_METHOD(domentityreference, __construct)
xmlNodePtr oldnode = NULL;
dom_object *intern;
char *name;
int name_len;
int name_len, name_valid;
php_set_error_handling(EH_THROW, dom_domexception_class_entry TSRMLS_CC);
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os", &id, dom_entityreference_class_entry, &name, &name_len) == FAILURE) {
@ -57,7 +57,9 @@ PHP_METHOD(domentityreference, __construct)
}
php_std_error_handling();
if (name_len == 0) {
name_valid = xmlValidateName((xmlChar *) name, 0);
if (name_valid != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, 1 TSRMLS_CC);
RETURN_FALSE;
}

52
ext/dom/php_dom.c
View file

@ -1229,34 +1229,62 @@ void dom_set_old_ns(xmlDoc *doc, xmlNs *ns) {
}
/* }}} end dom_set_old_ns */
int dom_check_qname(char *qname, char **localname, char **prefix, int uri_len, int name_len) {
int errorcode = 0;
/*
http://www.w3.org/TR/2004/REC-DOM-Level-3-Core-20040407/core.html#ID-DocCrElNS
NAMESPACE_ERR: Raised if
1. the qualifiedName is a malformed qualified name
2. the qualifiedName has a prefix and the namespaceURI is null
*/
/* {{{ int dom_check_qname(char *qname, char **localname, char **prefix, int uri_len, int name_len) */
int dom_check_qname(char *qname, char **localname, char **prefix, int uri_len, int name_len) {
if (name_len == 0) {
return NAMESPACE_ERR;
}
if (name_len > 0) {
*localname = xmlSplitQName2(qname, (xmlChar **) prefix);
if (*localname == NULL) {
*localname = xmlStrdup(qname);
if (*prefix == NULL && uri_len == 0) {
return errorcode;
return 0;
}
}
if (uri_len == 0 || *localname == NULL || (xmlStrchr(*localname, (xmlChar) ':') != NULL)) {
errorcode = NAMESPACE_ERR;
}
} else {
errorcode = NAMESPACE_ERR;
}
return errorcode;
/* 1 */
if (xmlValidateQName((xmlChar *) qname, 0) != 0) {
return NAMESPACE_ERR;
}
/* 2 */
if (*prefix != NULL && uri_len == 0) {
return NAMESPACE_ERR;
}
return 0;
}
/*
http://www.w3.org/TR/2004/REC-DOM-Level-3-Core-20040407/core.html#ID-DocCrElNS
NAMESPACE_ERR: Raised if
3. the qualifiedName has a prefix that is "xml" and the namespaceURI is different from "http://www.w3.org/XML/1998/namespace" [XML Namespaces]
4. the qualifiedName or its prefix is "xmlns" and the namespaceURI is different from "http://www.w3.org/2000/xmlns/"
5. the namespaceURI is "http://www.w3.org/2000/xmlns/" and neither the qualifiedName nor its prefix is "xmlns".
*/
/* {{{ xmlNsPtr dom_get_ns(xmlNodePtr nodep, char *uri, int *errorcode, char *prefix) */
xmlNsPtr dom_get_ns(xmlNodePtr nodep, char *uri, int *errorcode, char *prefix) {
xmlNsPtr nsptr = NULL;
*errorcode = 0;
if (! (prefix && !strcmp (prefix, "xml") && strcmp(uri, XML_XML_NAMESPACE))) {
if (! ((prefix && !strcmp (prefix, "xml" ) && strcmp(uri, XML_XML_NAMESPACE)) ||
(prefix && !strcmp (prefix, "xmlns") && strcmp(uri, DOM_XMLNS_NAMESPACE)) ||
(prefix && !strcmp(uri, DOM_XMLNS_NAMESPACE) && strcmp (prefix, "xmlns")))) {
nsptr = xmlNewNs(nodep, uri, prefix);
}

6
ext/dom/processinginstruction.c
View file

@ -48,7 +48,7 @@ PHP_METHOD(domprocessinginstruction, __construct)
xmlNodePtr nodep = NULL, oldnode = NULL;
dom_object *intern;
char *name, *value = NULL;
int name_len, value_len;
int name_len, value_len, name_valid;
php_set_error_handling(EH_THROW, dom_domexception_class_entry TSRMLS_CC);
if (zend_parse_method_parameters(ZEND_NUM_ARGS() TSRMLS_CC, getThis(), "Os|s", &id, dom_processinginstruction_class_entry, &name, &name_len, &value, &value_len) == FAILURE) {
@ -57,7 +57,9 @@ PHP_METHOD(domprocessinginstruction, __construct)
}
php_std_error_handling();
if (name_len == 0) {
name_valid = xmlValidateName((xmlChar *) name, 0);
if (name_valid != 0) {
php_dom_throw_error(INVALID_CHARACTER_ERR, 1 TSRMLS_CC);
RETURN_FALSE;
}

394
ext/dom/tests/dom_create_element.phpt Normal file
View file

@ -0,0 +1,394 @@
--TEST--
Test 1: Creating Elements with and without Namespaces
--SKIPIF--
<?php require_once('skipif.inc'); ?>
--FILE--
<?php
print " 1 DOMDocument::createElement('valid')\n";
try {
$dom = new domDocument;
$dom->createElement('valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 2 DOMDocument::createElement('-invalid')\n";
try {
$dom = new domDocument;
$dom->createElement('-invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 3 DOMDocument::createElement(' ')\n";
try {
$dom = new domDocument;
$dom->createElement(' ');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 4 DOMDocument::createElement('prefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElement('prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 5 DOMDocument::createElementNS('http://valid.com', 'valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', 'valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 6 DOMDocument::createElementNS('http://valid.com', 'prefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', 'prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 7 DOMDocument::createElementNS('http://valid.com', '-invalid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', '-invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 8 DOMDocument::createElementNS('http://valid.com', 'prefix:-invalid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', 'prefix:-invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print " 9 DOMDocument::createElementNS('', 'prefix:invalid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('', 'prefix:invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "10 DOMDocument::createElementNS('http://valid.com', 'prefix:valid:invalid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', 'prefix:valid:invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "11 DOMDocument::createElementNS('http://valid.com', '-prefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://valid.com', '-prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "12 DOMDocument::createElementNS('-', 'prefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('-', 'prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "13 DOMElement::__construct('valid')\n";
try {
$element = new DomElement('valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "14 DOMElement::__construct('-invalid')\n";
try {
$element = new DomElement('-invalid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "15 DOMElement::__construct(' ')\n";
try {
$element = new DomElement(' ');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "16 DOMElement::__construct('prefix:valid')\n";
try {
$element = new DomElement('prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "17 DOMElement::__construct('valid', '', 'http://valid.com')\n";
try {
$element = new DomElement('valid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "18 DOMElement::__construct('prefix:valid', '', 'http://valid.com')\n";
try {
$element = new DomElement('prefix:valid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "19 DOMElement::__construct('-invalid', '', 'http://valid.com')\n";
try {
$element = new DomElement('-invalid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "20 DOMElement::__construct('prefix:-invalid', '', 'http://valid.com')\n";
try {
$element = new DomElement('prefix:-invalid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "21 DOMElement::__construct('prefix:invalid', '', '')\n";
try {
$element = new DomElement('prefix:invalid', '', '');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "22 DOMElement::__construct('prefix:valid:invalid', '', 'http://valid.com')\n";
try {
$element = new DomElement('prefix:valid:invalid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "23 DOMElement::__construct('-prefix:valid', '', 'http://valid.com')\n";
try {
$element = new DomElement('-prefix:valid', '', 'http://valid.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "24 DOMElement::__construct('prefix:valid', '', '-')\n";
try {
$element = new DomElement('prefix:valid', '', '-');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* the qualifiedName has a prefix and the namespaceURI is null */
print "25 DOMDocument::createElementNS('', 'prefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('', 'prefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* the qualifiedName has a prefix that is "xml" and the namespaceURI
is different from "http://www.w3.org/XML/1998/namespace" [XML Namespaces] */
print "26 DOMDocument::createElementNS('http://wrong.namespaceURI.com', 'xml:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://wrong.namespaceURI.com', 'xml:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "27 DOMElement::__construct('xml:valid', '', 'http://wrong.namespaceURI.com')\n";
try {
$element = new DomElement('xml:valid', '', 'http://wrong.namespaceURI.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* This is okay because we reuse the xml namespace from the document */
print "28 DOMDocument::createElementNS('http://www.w3.org/XML/1998/namespace', 'xml:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://www.w3.org/XML/1998/namespace', 'xml:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* This isn't because the xml namespace isn't there and we can't create it */
print "29 DOMElement::__construct('xml:valid', '', 'http://www.w3.org/XML/1998/namespace')\n";
try {
$element = new DomElement('xml:valid', '', 'http://www.w3.org/XML/1998/namespace');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* the qualifiedName or its prefix is "xmlns" and the namespaceURI is
different from "http://www.w3.org/2000/xmlns/" */
print "30 DOMDocument::createElementNS('http://wrong.namespaceURI.com', 'xmlns:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://wrong.namespaceURI.com', 'xmlns:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "31 DOMElement::__construct('xmlns:valid', '', 'http://wrong.namespaceURI.com')\n";
try {
$element = new DomElement('xmlns:valid', '', 'http://wrong.namespaceURI.com');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "32 DOMDocument::createElementNS('http://www.w3.org/2000/xmlns/', 'xmlns:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://www.w3.org/2000/xmlns/', 'xmlns:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "33 DOMElement::__construct('xmlns:valid', '', 'http://www.w3.org/2000/xmlns/')\n";
try {
$element = new DomElement('xmlns:valid', '', 'http://www.w3.org/2000/xmlns/');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
/* the namespaceURI is "http://www.w3.org/2000/xmlns/" and neither the
qualifiedName nor its prefix is "xmlns". */
print "34 DOMDocument::createElementNS('http://www.w3.org/2000/xmlns/', 'wrongprefix:valid')\n";
try {
$dom = new domDocument;
$dom->createElementNS('http://www.w3.org/2000/xmlns/', 'wrongprefix:valid');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
print "35 DOMElement::__construct('wrongprefix:valid', '', 'http://www.w3.org/2000/xmlns/')\n";
try {
$element = new DomElement('wrongprefix:valid', '', 'http://www.w3.org/2000/xmlns/');
print "valid\n";
} catch (Exception $e) {
print $e->getMessage() . "\n";
}
?>
--EXPECT--
1 DOMDocument::createElement('valid')
valid
2 DOMDocument::createElement('-invalid')
Invalid Character Error
3 DOMDocument::createElement(' ')
Invalid Character Error
4 DOMDocument::createElement('prefix:valid')
valid
5 DOMDocument::createElementNS('http://valid.com', 'valid')
valid
6 DOMDocument::createElementNS('http://valid.com', 'prefix:valid')
valid
7 DOMDocument::createElementNS('http://valid.com', '-invalid')
Namespace Error
8 DOMDocument::createElementNS('http://valid.com', 'prefix:-invalid')
Namespace Error
9 DOMDocument::createElementNS('', 'prefix:invalid')
Namespace Error
10 DOMDocument::createElementNS('http://valid.com', 'prefix:valid:invalid')
Namespace Error
11 DOMDocument::createElementNS('http://valid.com', '-prefix:valid')
Namespace Error
12 DOMDocument::createElementNS('-', 'prefix:valid')
valid
13 DOMElement::__construct('valid')
valid
14 DOMElement::__construct('-invalid')
Invalid Character Error
15 DOMElement::__construct(' ')
Invalid Character Error
16 DOMElement::__construct('prefix:valid')
Namespace Error
17 DOMElement::__construct('valid', '', 'http://valid.com')
valid
18 DOMElement::__construct('prefix:valid', '', 'http://valid.com')
valid
19 DOMElement::__construct('-invalid', '', 'http://valid.com')
Invalid Character Error
20 DOMElement::__construct('prefix:-invalid', '', 'http://valid.com')
Namespace Error
21 DOMElement::__construct('prefix:invalid', '', '')
Namespace Error
22 DOMElement::__construct('prefix:valid:invalid', '', 'http://valid.com')
Namespace Error
23 DOMElement::__construct('-prefix:valid', '', 'http://valid.com')
Invalid Character Error
24 DOMElement::__construct('prefix:valid', '', '-')
valid
25 DOMDocument::createElementNS('', 'prefix:valid')
Namespace Error
26 DOMDocument::createElementNS('http://wrong.namespaceURI.com', 'xml:valid')
Namespace Error
27 DOMElement::__construct('xml:valid', '', 'http://wrong.namespaceURI.com')
Namespace Error
28 DOMDocument::createElementNS('http://www.w3.org/XML/1998/namespace', 'xml:valid')
valid
29 DOMElement::__construct('xml:valid', '', 'http://www.w3.org/XML/1998/namespace')
Namespace Error
30 DOMDocument::createElementNS('http://wrong.namespaceURI.com', 'xmlns:valid')
Namespace Error
31 DOMElement::__construct('xmlns:valid', '', 'http://wrong.namespaceURI.com')
Namespace Error
32 DOMDocument::createElementNS('http://www.w3.org/2000/xmlns/', 'xmlns:valid')
valid
33 DOMElement::__construct('xmlns:valid', '', 'http://www.w3.org/2000/xmlns/')
valid
34 DOMDocument::createElementNS('http://www.w3.org/2000/xmlns/', 'wrongprefix:valid')
Namespace Error
35 DOMElement::__construct('wrongprefix:valid', '', 'http://www.w3.org/2000/xmlns/')
Namespace Error