From 8d4b41605b0bbc731dafc7bd8a9f850eaf06f552 Mon Sep 17 00:00:00 2001 From: Alexander Barkov Date: Wed, 10 Dec 2008 13:05:57 +0400 Subject: Bug#38227 EXTRACTVALUE doesn't work with DTD declarations Problem: XML syntax parser allowed to use quoted strings as attribute names, and tried to put them into parser state stack instead of identifiers. After that parser failed, if quoted string contained some slash characters. Fix: - Disallowing quoted strings in regular tags. - Allowing quoted string in DOCTYPE declararion, but don't push it into parse state stack (just skip it). --- strings/xml.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) (limited to 'strings') diff --git a/strings/xml.c b/strings/xml.c index 5c62a8e8603..1b697ec6b26 100644 --- a/strings/xml.c +++ b/strings/xml.c @@ -328,7 +328,7 @@ int my_xml_parse(MY_XML_PARSER *p,const char *str, size_t len) } while ((MY_XML_IDENT == (lex=my_xml_scan(p,&a))) || - (MY_XML_STRING == lex)) + ((MY_XML_STRING == lex && exclam))) { MY_XML_ATTR b; if (MY_XML_EQ == (lex=my_xml_scan(p,&b))) @@ -349,13 +349,22 @@ int my_xml_parse(MY_XML_PARSER *p,const char *str, size_t len) return MY_XML_ERROR; } } - else if ((MY_XML_STRING == lex) || (MY_XML_IDENT == lex)) + else if (MY_XML_IDENT == lex) { p->current_node_type= MY_XML_NODE_ATTR; if ((MY_XML_OK != my_xml_enter(p,a.beg,(size_t) (a.end-a.beg))) || (MY_XML_OK != my_xml_leave(p,a.beg,(size_t) (a.end-a.beg)))) return MY_XML_ERROR; } + else if ((MY_XML_STRING == lex) && exclam) + { + /* + We are in , e.g. + + + Just skip "SystemLiteral" and "PublicidLiteral" + */ + } else break; } -- cgit v1.2.1