mirror of
https://github.com/php/php-src.git
synced 2024-09-21 09:57:23 +00:00
Fix NULL pointer dereference with NULL content in legacy nodes (#15546)
This commit is contained in:
parent
d6c06edaec
commit
793f6321e7
@ -42,7 +42,9 @@ static zend_result dom_html5_serialize_doctype(dom_html5_serialize_context *ctx,
|
||||
static zend_result dom_html5_serialize_comment(dom_html5_serialize_context *ctx, const xmlNode *node)
|
||||
{
|
||||
TRY(ctx->write_string_len(ctx->application_data, "<!--", strlen("<!--")));
|
||||
TRY(ctx->write_string(ctx->application_data, (const char *) node->content));
|
||||
if (node->content) {
|
||||
TRY(ctx->write_string(ctx->application_data, (const char*) node->content));
|
||||
}
|
||||
return ctx->write_string_len(ctx->application_data, "-->", strlen("-->"));
|
||||
}
|
||||
|
||||
@ -131,6 +133,10 @@ static zend_result dom_html5_escape_string(dom_html5_serialize_context *ctx, con
|
||||
|
||||
static zend_result dom_html5_serialize_text_node(dom_html5_serialize_context *ctx, const xmlNode *node)
|
||||
{
|
||||
if (!node->content) {
|
||||
return SUCCESS;
|
||||
}
|
||||
|
||||
if (node->parent->type == XML_ELEMENT_NODE && php_dom_ns_is_fast(node->parent, php_dom_ns_is_html_magic_token)) {
|
||||
const xmlNode *parent = node->parent;
|
||||
size_t name_length = strlen((const char *) parent->name);
|
||||
|
@ -0,0 +1,20 @@
|
||||
--TEST--
|
||||
Serialize legacy nodes with NULL content
|
||||
--EXTENSIONS--
|
||||
dom
|
||||
--FILE--
|
||||
<?php
|
||||
$dom = Dom\HTMLDocument::createEmpty();
|
||||
$root = $dom->appendChild($dom->createElement('html'));
|
||||
|
||||
$root->appendChild($dom->importLegacyNode(new DOMText));
|
||||
$root->appendChild($dom->importLegacyNode(new DOMComment));
|
||||
$root->appendChild($dom->importLegacyNode(new DOMProcessingInstruction('target')));
|
||||
$root->appendChild($dom->importLegacyNode(new DOMCdataSection('')));
|
||||
|
||||
echo $dom->saveHTML(), "\n";
|
||||
echo $dom->documentElement->innerHTML, "\n";
|
||||
?>
|
||||
--EXPECT--
|
||||
<html><!----><?target ></html>
|
||||
<!----><?target >
|
Loading…
Reference in New Issue
Block a user