From eca9bf617ab517b73598f449388b543d19c72b7d Mon Sep 17 00:00:00 2001 From: shyouhei Date: Sat, 18 May 2013 14:55:14 +0000 Subject: [PATCH] merge revision(s) 39384,39509,39511: [Backport #7961] * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit): new attribute to read/write entity expansion text limit. the default limit is 10Kb. * lib/rexml/text.rb (REXML::Text.unnormalize): check above attribute. * lib/rexml/document.rb: move entity_expansion_limit accessor to ... * lib/rexml/rexml.rb: ... here to make rexml/text independent from REXML::Document. It causes circular require. * lib/rexml/document.rb (REXML::Document.entity_expansion_limit): deprecated. * lib/rexml/document.rb (REXML::Document.entity_expansion_limit=): deprecated. * lib/rexml/text.rb: add missing require "rexml/rexml" for REXML.entity_expansion_limit. Reported by Robert Ulejczyk. Thanks!!! [ruby-core:52895] [Bug #7961] * lib/rexml/document.rb: move entity_expansion_text_limit accessor to ... * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit): * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit=): REXML.entity_expansion_text_limit. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@40812 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 21 +++++++++++++++++ lib/rexml/document.rb | 14 +++++++++++ lib/rexml/rexml.rb | 12 ++++++++++ lib/rexml/text.rb | 55 +++++++++++++++++++++---------------------- version.h | 12 +++++----- 5 files changed, 80 insertions(+), 34 deletions(-) diff --git a/ChangeLog b/ChangeLog index e2e1059b5f..c80774fd4c 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,24 @@ +Sat May 18 23:34:50 2013 Kouhei Sutou + + * lib/rexml/document.rb: move entity_expansion_text_limit accessor to ... + * lib/rexml/rexml.rb: ... here to make rexml/text independent from + REXML::Document. It causes circular require. + * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit): + deprecated. + * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit=): + deprecated. + * lib/rexml/text.rb: add missing require "rexml/rexml" for + REXML.entity_expansion_text_limit. + Reported by Robert Ulejczyk. Thanks!!! [ruby-core:52895] [Bug #7961] + +Sat May 18 23:34:50 2013 Aaron Patterson + + * lib/rexml/document.rb (REXML::Document.entity_expansion_text_limit): + new attribute to read/write entity expansion text limit. the default + limit is 10Kb. + + * lib/rexml/text.rb (REXML::Text.unnormalize): check above attribute. + Fri Oct 12 12:25:15 2012 URABE Shyouhei * error.c (name_err_to_s): we need not infect msg. diff --git a/lib/rexml/document.rb b/lib/rexml/document.rb index 3d1300a06b..16a2c77281 100644 --- a/lib/rexml/document.rb +++ b/lib/rexml/document.rb @@ -213,6 +213,20 @@ module REXML return @@entity_expansion_limit end + # Set the entity expansion limit. By default the limit is set to 10240. + # + # Deprecated. Use REXML.entity_expansion_text_limit= instead. + def Document::entity_expansion_text_limit=( val ) + REXML.entity_expansion_text_limit = val + end + + # Get the entity expansion limit. By default the limit is set to 10000. + # + # Deprecated. Use REXML.entity_expansion_text_limit instead. + def Document::entity_expansion_text_limit + return REXML.entity_expansion_text_limit + end + attr_reader :entity_expansion_count def record_entity_expansion diff --git a/lib/rexml/rexml.rb b/lib/rexml/rexml.rb index 95bc2a7f6d..8845300176 100644 --- a/lib/rexml/rexml.rb +++ b/lib/rexml/rexml.rb 
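Review bot: The comment on the deprecated getter `Document::entity_expansion_text_limit` gives the default as 10000, while the setter's comment and the `@@entity_expansion_text_limit = 10_240` initialiser in lib/rexml/rexml.rb both say 10240; it should read `# Get the entity expansion text limit. By default the limit is set to 10240.` All four new comments, here and in the lib/rexml/rexml.rb hunk, also say "entity expansion limit", which is the name of the separate existing `entity_expansion_limit` accessor just above. Calling it the text limit and giving the unit (bytes, judging by the `bytesize` comparison in lib/rexml/text.rb) would keep the two settings apart. The enclosing class body starts and ends outside the hunk.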
@@ -29,4 +29,16 @@ module REXML Copyright = COPYRIGHT Version = VERSION + + @@entity_expansion_text_limit = 10_240 + + # Set the entity expansion limit. By default the limit is set to 10240. + def self.entity_expansion_text_limit=( val ) + @@entity_expansion_text_limit = val + end + + # Get the entity expansion limit. By default the limit is set to 10240. + def self.entity_expansion_text_limit + return @@entity_expansion_text_limit + end end diff --git a/lib/rexml/text.rb b/lib/rexml/text.rb index a4a30b6d54..b6dbf45bc9 100644 --- a/lib/rexml/text.rb +++ b/lib/rexml/text.rb @@ -1,3 +1,4 @@ +require 'rexml/rexml' require 'rexml/entity' require 'rexml/doctype' require 'rexml/child' 
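Review bot: `REXML.entity_expansion_text_limit=` stores whatever it is given in a module-level class variable, so the setting is process-wide, and a `nil` or non-numeric value is only noticed later when the `>` comparison in `Text::unnormalize` runs on the first reference. A guard in the setter such as `raise ArgumentError, "limit must be a non-negative Integer" unless val.is_a?(Integer) && val >= 0` would surface the mistake at configuration time. If rejecting values is too strict for a backport, the comment should at least say that the value is shared by every parser in the process.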
@@ -308,37 +309,35 @@ module REXML # Unescapes all possible entities def Text::unnormalize( string, doctype=nil, filter=nil, illegal=nil ) - rv = string.clone - rv.gsub!( /\r\n?/, "\n" ) - matches = rv.scan( REFERENCE ) - return rv if matches.size == 0 - rv.gsub!( NUMERICENTITY ) {|m| - m=$1 - m = "0#{m}" if m[0] == ?x - [Integer(m)].pack('U*') - } - matches.collect!{|x|x[0]}.compact! - if matches.size > 0 - if doctype - matches.each do |entity_reference| - unless filter and filter.include?(entity_reference) - entity_value = doctype.entity( entity_reference ) - re = /&#{entity_reference};/ - rv.gsub!( re, entity_value ) if entity_value - end - end + sum = 0 + string.gsub( /\r\n?/, "\n" ).gsub( REFERENCE ) { + s = Text.expand($&, doctype, filter) + if sum + s.bytesize > REXML.entity_expansion_text_limit + raise "entity expansion has grown too large" else - matches.each do |entity_reference| - unless filter and filter.include?(entity_reference) - entity_value = DocType::DEFAULT_ENTITIES[ entity_reference ] - re = /&#{entity_reference};/ - rv.gsub!( re, entity_value.value ) if entity_value - end - end + sum += s.bytesize end - rv.gsub!( /&/, '&' ) + s + } + end + + def Text.expand(ref, doctype, filter) + if ref[1] == ?# + if ref[2] == ?x + [ref[3...-1].to_i(16)].pack('U*') + else + [ref[2...-1].to_i].pack('U*') + end + elsif ref == '&' + '&' + elsif filter and filter.include?( ref[1...-1] ) + ref + elsif doctype + doctype.entity( ref[1...-1] ) or ref + else + entity_value = DocType::DEFAULT_ENTITIES[ ref[1...-1] ] + entity_value ? entity_value.value : ref end - rv end end end diff --git a/version.h b/version.h index e509ed2eeb..2158647b70 100644 --- a/version.h +++ b/version.h 
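Review bot: In `Text::unnormalize` the size check runs only after `Text.expand` has returned, so each reference's replacement is fully built before it is measured, and `sum` is local to one call; the limit therefore bounds the expanded text of a single `unnormalize` call, not of a whole document. Whether one `doctype.entity` result can itself be large is decided outside this hunk, so the method comment should state the scope, e.g. `# Raises RuntimeError once the bytes produced by expanding references in this one string exceed REXML.entity_expansion_text_limit.` The new public `Text.expand` has no comment; one line saying it returns the replacement for a single matched reference, or the reference unchanged when it is filtered or unknown, would help. The bare `raise "entity expansion has grown too large"` leaves callers with only a RuntimeError and a message string to match on, which is worth stating in the same comment.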
@@ -1,15 +1,15 @@ #define RUBY_VERSION "1.8.7" -#define RUBY_RELEASE_DATE "2012-10-12" +#define RUBY_RELEASE_DATE "2013-05-18" #define RUBY_VERSION_CODE 187 -#define RUBY_RELEASE_CODE 20121012 -#define RUBY_PATCHLEVEL 371 +#define RUBY_RELEASE_CODE 20130518 +#define RUBY_PATCHLEVEL 372 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 #define RUBY_VERSION_TEENY 7 -#define RUBY_RELEASE_YEAR 2012 -#define RUBY_RELEASE_MONTH 10 -#define RUBY_RELEASE_DAY 12 +#define RUBY_RELEASE_YEAR 2013 +#define RUBY_RELEASE_MONTH 5 +#define RUBY_RELEASE_DAY 18 #ifdef RUBY_EXTERN RUBY_EXTERN const char ruby_version[];