From 84105bfcdb2a2e1fd0e60fbcefcea7c3853dee72 Mon Sep 17 00:00:00 2001 From: Mike Dalessio Date: Sun, 28 Jan 2018 12:28:05 -0500 Subject: [PATCH] ensure EntityReferences ignore malformed children libxml2 will cause EntityReferences to have a malformed child node for predefined entities. because any use of that child is likely to cause a segfault, we shall pretend that it doesn't exist. [fixes #1238] --- Manifest.txt | 5 +++-- lib/nokogiri/xml.rb | 1 + lib/nokogiri/xml/entity_reference.rb | 18 ++++++++++++++++++ test/xml/test_entity_reference.rb | 11 +++++++++++ 4 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 lib/nokogiri/xml/entity_reference.rb diff --git a/Manifest.txt b/Manifest.txt index f5483fcfb9d..5c7f4f0aa3c 100644 --- a/Manifest.txt +++ b/Manifest.txt @@ -217,6 +217,7 @@ lib/nokogiri/xml/dtd.rb lib/nokogiri/xml/element_content.rb lib/nokogiri/xml/element_decl.rb lib/nokogiri/xml/entity_decl.rb +lib/nokogiri/xml/entity_reference.rb lib/nokogiri/xml/namespace.rb lib/nokogiri/xml/node.rb lib/nokogiri/xml/node/save_options.rb @@ -297,8 +298,8 @@ test/files/xinclude.xml test/helper.rb test/html/sax/test_parser.rb test/html/sax/test_parser_context.rb -test/html/sax/test_push_parser.rb test/html/sax/test_parser_text.rb +test/html/sax/test_push_parser.rb test/html/test_builder.rb test/html/test_document.rb test/html/test_document_encoding.rb @@ -325,8 +326,8 @@ test/xml/node/test_save_options.rb test/xml/node/test_subclass.rb test/xml/sax/test_parser.rb test/xml/sax/test_parser_context.rb -test/xml/sax/test_push_parser.rb test/xml/sax/test_parser_text.rb +test/xml/sax/test_push_parser.rb test/xml/test_attr.rb test/xml/test_attribute_decl.rb test/xml/test_builder.rb diff --git a/lib/nokogiri/xml.rb b/lib/nokogiri/xml.rb index a298e74601a..bbb8c81b883 100644 --- a/lib/nokogiri/xml.rb +++ b/lib/nokogiri/xml.rb @@ -23,6 +23,7 @@ require 'nokogiri/xml/reader' require 'nokogiri/xml/notation' require 'nokogiri/xml/entity_decl' +require 'nokogiri/xml/entity_reference' require 'nokogiri/xml/schema' require 'nokogiri/xml/relax_ng' diff --git a/lib/nokogiri/xml/entity_reference.rb b/lib/nokogiri/xml/entity_reference.rb new file mode 100644 index 00000000000..56edffd42db --- /dev/null +++ b/lib/nokogiri/xml/entity_reference.rb @@ -0,0 +1,18 @@ +module Nokogiri + module XML + class EntityReference < Nokogiri::XML::Node + def children + # libxml2 will create a malformed child node for predefined + # entities. because any use of that child is likely to cause a + # segfault, we shall pretend that it doesn't exist. + # + # see https://github.com/sparklemotion/nokogiri/issues/1238 for details + NodeSet.new(document) + end + + def inspect_attributes + [:name] + end + end + end +end diff --git a/test/xml/test_entity_reference.rb b/test/xml/test_entity_reference.rb index aae98753c2f..ea67c32f000 100644 --- a/test/xml/test_entity_reference.rb +++ b/test/xml/test_entity_reference.rb @@ -28,6 +28,17 @@ def test_newline_node doc.xpath('/item').first.add_child(lf_node) assert_match(/ /, doc.to_xml) end + + def test_children_should_always_be_empty + # https://github.com/sparklemotion/nokogiri/issues/1238 + # + # libxml2 will create a malformed child node for predefined + # entities. because any use of that child is likely to cause a + # segfault, we shall pretend that it doesn't exist. + entity = Nokogiri::XML::EntityReference.new(@xml, "amp") + assert_equal 0, entity.children.length + entity.inspect # should not segfault + end end module Common