GopherProxy

	improve XML entity conversion - xmlparser - XML parser
	git clone git://git.codemadness.org/xmlparser
	Log
	Files
	Refs
	README
	LICENSE
	---
	commit c37fc4290e718628f2aeeffcae135861948ff831
	parent d397ee643b3cfbb99aa18fc345407a1182a62cad
	Author: Hiltjo Posthuma <[email protected]>
	Date: Sun, 19 Jan 2020 16:18:42 +0100

	improve XML entity conversion

	- return -1 for invalid XML entities.
	- separate between NUL () and invalid entities: although both are
	usually unwanted.
	- validate the number range more strictly and don't wrap to unsigned.
	entities like: "&#-1;" are handled as invalid now. "&#;" is also invalid
	instead of the same as "".

	Diffstat:
	M xml.c \| 16 ++++++++--------

	1 file changed, 8 insertions(+), 8 deletions(-)
	---
	diff --git a/xml.c b/xml.c
	@@ -269,7 +269,7 @@ namedentitytostr(const char e, char buf, size_t bufsiz)
	return 1;
	}
	}
	- return 0;
	+ return -1;
	}

	static int
	@@ -286,12 +286,12 @@ numericentitytostr(const char e, char buf, size_t bufsi…
	errno = 0;
	/* hex (16) or decimal (10) */
	if (*e == 'x')
	- l = strtoul(e + 1, &end, 16);
	+ l = strtol(++e, &end, 16);
	else
	- l = strtoul(e, &end, 10);
	- /* invalid value or not a well-formed entity or too high codepoint */
	- if (errno \|\| *end != ';' \|\| l > 0x10FFFF)
	- return 0;
	+ l = strtol(e, &end, 10);
	+ /* invalid value or not a well-formed entity or invalid codepoint */
	+ if (errno \|\| e == end \|\| *end != ';' \|\| l < 0 \|\| l > 0x10ffff)
	+ return -1;
	len = codepointtoutf8(l, buf);
	buf[len] = '\0';

	@@ -299,13 +299,13 @@ numericentitytostr(const char e, char buf, size_t bufsi…
	}

	/* convert named- or numeric entity string to buffer string
	- * returns byte-length of string. */
	+ * returns byte-length of string or -1 on failure. */
	int
	xml_entitytostr(const char e, char buf, size_t bufsiz)
	{
	/* doesn't start with & */
	if (e[0] != '&')
	- return 0;
	+ return -1;
	/* numeric entity */
	if (e[1] == '#')
	return numericentitytostr(e + 2, buf, bufsiz);