From: tstarling at wikimedia dot org Operating system: Linux PHP version: 5.2.8 PHP Bug Type: XML related Bug description: Entity reference parsing broken since libxml 2.5.x
Description: ------------ The xml extension (xml_parser_create() etc) has totally broken entity reference parsing when compiled with a modern libxml2 library. This appears to be due to some clueless code inserted in compat.c 1.37 (November 2004) http://cvs.php.net/viewvc.cgi/php-src/ext/xml/compat.c?r1=1.36&r2=1.37&pathrev=PHP_5_2 parser->parser->wellFormed = 0; parser->wellFormed is set to 1 by libxml's xmlInitParserCtxt(), and then to 0 by all the error cases that make the document not well-formed. Setting wellFormed=0, before parsing even begins, means that all input is unconditionally considered to be not well formed. This probably causes all sorts of bugs, but the present one is an interaction with libxml2 r1177: http://svn.gnome.org/viewvc/libxml2/trunk/parser.c?r1=1176&r2=1177&; At line 5174 on the right, entities such as "<" encountered while wellFormed==0 are ignored. Simply removing the quoted line from compat.c fixes the bug, without breaking any unit tests. Reported to Wikimedia at https://bugzilla.wikimedia.org/show_bug.cgi?id=16554 Reproduce code: --------------- Compile libxml2 from source, version 2.5 or later, and link it to PHP with --with-libxml-dir. <?php function ping($parser, $s) { echo "$s\n"; } $parser = xml_parser_create(); xml_set_character_data_handler($parser,'ping'); xml_parse($parser,'<a>a<b</a>'); ?> Expected result: ---------------- a < b Actual result: -------------- a b -- Edit bug report at http://bugs.php.net/?id=47066&edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47066&r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47066&r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47066&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47066&r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47066&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47066&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47066&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47066&r=needscript Try newer version: http://bugs.php.net/fix.php?id=47066&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47066&r=support Expected behavior: http://bugs.php.net/fix.php?id=47066&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47066&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47066&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47066&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47066&r=php4 Daylight Savings: http://bugs.php.net/fix.php?id=47066&r=dst IIS Stability: http://bugs.php.net/fix.php?id=47066&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47066&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47066&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47066&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47066&r=mysqlcfg
