From f2edeaaecebfad1edef3e6504ffb772e5e4dd089 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Berkay=20Eren=20=C3=9Cr=C3=BCn?= Date: Wed, 5 Mar 2025 12:33:47 +0100 Subject: [PATCH] Delete the check that prevents reentry The early return in case of zero open internal entities and matching end/nextPtr pointers cause the parser to miss XML_ERROR_NO_ELEMENTS error. The reason is that the internalEntityProcessor does not set the m_reenter flag in such a case, which results in skipping the prologProcessor or contentProcessor depending on wheter is_param is set or not. However, this last skipped call to mentioned processors can detect the non-existence of elements when some are expected. --- expat/lib/xmlparse.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c index d5161e93..de459192 100644 --- a/expat/lib/xmlparse.c +++ b/expat/lib/xmlparse.c @@ -6034,6 +6034,8 @@ static enum XML_Error PTRCALL internalEntityProcessor(XML_Parser parser, const char *s, const char *end, const char **nextPtr) { UNUSED_P(s); + UNUSED_P(end); + UNUSED_P(nextPtr); ENTITY *entity; const char *textStart, *textEnd; const char *next; @@ -6101,14 +6103,6 @@ internalEntityProcessor(XML_Parser parser, const char *s, const char *end, if (parser->m_openInternalEntities == NULL) { parser->m_processor = entity->is_param ? prologProcessor : contentProcessor; - // internalEntityProcessor is called from callProcessor's while(1) loop, - // therefore "end" denotes callProcessor's "end", which denotes the end - // of the current buffer being parsed. Consequently, if we do not have - // any open entities left and have reached to the end, we must not - // trigger a reentry. - if (end == *nextPtr) { - return XML_ERROR_NONE; - } } triggerReenter(parser); return XML_ERROR_NONE;