From 4a5d80aded1da94cd55294e7207109712201b75b Mon Sep 17 00:00:00 2001 From: Daniel Veillard Date: Fri, 18 Sep 2015 15:06:46 +0800 Subject: [PATCH] Fix a bug in CData error handling in the push parser For https://bugzilla.gnome.org/show_bug.cgi?id=754947 The checking function was returning incorrect args in some cases Adds the test to teh reg suite and fix one of the existing test output --- parser.c | 6 +++--- result/errors/754947.xml | 0 result/errors/754947.xml.err | 7 +++++++ result/errors/754947.xml.str | 5 +++++ result/errors/cdata.xml.str | 4 ++-- test/errors/754947.xml | 1 + 6 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 result/errors/754947.xml create mode 100644 result/errors/754947.xml.err create mode 100644 result/errors/754947.xml.str create mode 100644 test/errors/754947.xml diff --git a/parser.c b/parser.c index fd29a39..f1724a9 100644 --- a/parser.c +++ b/parser.c @@ -11192,7 +11192,7 @@ xmlCheckCdataPush(const xmlChar *utf, int len) { else return(-ix); } else if ((c & 0xe0) == 0xc0) {/* 2-byte code, starts with 110 */ - if (ix + 2 > len) return(ix); + if (ix + 2 > len) return(-ix); if ((utf[ix+1] & 0xc0 ) != 0x80) return(-ix); codepoint = (utf[ix] & 0x1f) << 6; @@ -11201,7 +11201,7 @@ xmlCheckCdataPush(const xmlChar *utf, int len) { return(-ix); ix += 2; } else if ((c & 0xf0) == 0xe0) {/* 3-byte code, starts with 1110 */ - if (ix + 3 > len) return(ix); + if (ix + 3 > len) return(-ix); if (((utf[ix+1] & 0xc0) != 0x80) || ((utf[ix+2] & 0xc0) != 0x80)) return(-ix); @@ -11212,7 +11212,7 @@ xmlCheckCdataPush(const xmlChar *utf, int len) { return(-ix); ix += 3; } else if ((c & 0xf8) == 0xf0) {/* 4-byte code, starts with 11110 */ - if (ix + 4 > len) return(ix); + if (ix + 4 > len) return(-ix); if (((utf[ix+1] & 0xc0) != 0x80) || ((utf[ix+2] & 0xc0) != 0x80) || ((utf[ix+3] & 0xc0) != 0x80)) diff --git a/result/errors/754947.xml b/result/errors/754947.xml new file mode 100644 index 0000000..e69de29 diff --git a/result/errors/754947.xml.err b/result/errors/754947.xml.err new file mode 100644 index 0000000..f45cb5a --- /dev/null +++ b/result/errors/754947.xml.err @@ -0,0 +1,7 @@ +./test/errors/754947.xml:1: parser error : Input is not proper UTF-8, indicate encoding ! +Bytes: 0xEE 0x5D 0x5D 0x3E + + ^ +./test/errors/754947.xml:1: parser error : Premature end of data in tag d line 1 + + ^ diff --git a/result/errors/754947.xml.str b/result/errors/754947.xml.str new file mode 100644 index 0000000..4d2f52e --- /dev/null +++ b/result/errors/754947.xml.str @@ -0,0 +1,5 @@ +./test/errors/754947.xml:1: parser error : Input is not proper UTF-8, indicate encoding ! +Bytes: 0xEE 0x5D 0x5D 0x3E + + ^ +./test/errors/754947.xml : failed to parse diff --git a/result/errors/cdata.xml.str b/result/errors/cdata.xml.str index e043441..cf83d2b 100644 --- a/result/errors/cdata.xml.str +++ b/result/errors/cdata.xml.str @@ -1,5 +1,5 @@ ./test/errors/cdata.xml:2: parser error : Input is not proper UTF-8, indicate encoding ! -Bytes: 0x5B 0x43 0xE1 0x72 +Bytes: 0xE1 0x72 0x5D 0x5D - ^ + ^ ./test/errors/cdata.xml : failed to parse diff --git a/test/errors/754947.xml b/test/errors/754947.xml new file mode 100644 index 0000000..bd9997e --- /dev/null +++ b/test/errors/754947.xml @@ -0,0 +1 @@ + \ No newline at end of file -- 2.6.3