commit 41b0d17368565b56677455be61b2c892bd665a27 Author: Daniel Veillard Date: Wed Jun 11 16:54:32 2014 +0800 Fix regressions introduced by CVE-2014-0191 patch A number of issues have been raised after the fix, and this patch tries to correct all of them, though most were related to postvalidation. https://bugzilla.gnome.org/show_bug.cgi?id=730290 and other reports on list, off-list and on Red Hat bugzilla diff --git a/parser.c b/parser.c index 32f1475..b58c2f0 100644 --- a/parser.c +++ b/parser.c @@ -2622,8 +2622,8 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { xmlCharEncoding enc; /* - * Note: external parsed entities will not be loaded, it is - * not required for a non-validating parser, unless the + * Note: external parameter entities will not be loaded, it + * is not required for a non-validating parser, unless the * option of validating, or substituting entities were * given. Doing so is far more secure as the parser will * only process data coming from the document entity by @@ -2632,6 +2632,9 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) { if ((entity->etype == XML_EXTERNAL_PARAMETER_ENTITY) && ((ctxt->options & XML_PARSE_NOENT) == 0) && ((ctxt->options & XML_PARSE_DTDVALID) == 0) && + ((ctxt->options & XML_PARSE_DTDLOAD) == 0) && + ((ctxt->options & XML_PARSE_DTDATTR) == 0) && + (ctxt->replaceEntities == 0) && (ctxt->validate == 0)) return; @@ -12643,6 +12646,9 @@ xmlIOParseDTD(xmlSAXHandlerPtr sax, xmlParserInputBufferPtr input, return(NULL); } + /* We are loading a DTD */ + ctxt->options |= XML_PARSE_DTDLOAD; + /* * Set-up the SAX context */ @@ -12770,6 +12776,9 @@ xmlSAXParseDTD(xmlSAXHandlerPtr sax, const xmlChar *ExternalID, return(NULL); } + /* We are loading a DTD */ + ctxt->options |= XML_PARSE_DTDLOAD; + /* * Set-up the SAX context */