Skip to content

W
wine-cw
Commit 2dc6711f authored by Nikolay Sivov's avatar Nikolay Sivov Committed by Alexandre Julliard
Browse files
Options

msxml3: Protect content callbacks from being called on reset content handler pointer.

parent 593bd1a5
Hide whitespace changes
Inline Side-by-side
Showing with 46 additions and 50 deletions
dlls/msxml3/saxreader.c
View file @ 2dc6711f
...@@ -313,7 +313,7 @@ static BOOL is_namespaces_enabled(const saxreader *reader) ...@@ -313,7 +313,7 @@ static BOOL is_namespaces_enabled(const saxreader *reader)
return (reader->version < MSXML4) || (reader->features & Namespaces); return (reader->version < MSXML4) || (reader->features & Namespaces);
} }
static inline BOOL has_content_handler(const saxlocator *locator) static inline int has_content_handler(const saxlocator *locator)
{ {
return (locator->vbInterface && locator->saxreader->vbcontentHandler) || return (locator->vbInterface && locator->saxreader->vbcontentHandler) ||
(!locator->vbInterface && locator->saxreader->contentHandler); (!locator->vbInterface && locator->saxreader->contentHandler);
...@@ -1288,6 +1288,7 @@ static void libxmlStartElementNS( ...@@ -1288,6 +1288,7 @@ static void libxmlStartElementNS(
saxlocator *This = ctx; saxlocator *This = ctx;
element_entry *element; element_entry *element;
HRESULT hr = S_OK; HRESULT hr = S_OK;
BSTR uri;
update_position(This, TRUE); update_position(This, TRUE);
if(*(This->pParserCtxt->input->cur) == '/') if(*(This->pParserCtxt->input->cur) == '/')
...@@ -1298,63 +1299,57 @@ static void libxmlStartElementNS( ...@@ -1298,63 +1299,57 @@ static void libxmlStartElementNS(
element = alloc_element_entry(localname, prefix, nb_namespaces, namespaces); element = alloc_element_entry(localname, prefix, nb_namespaces, namespaces);
push_element_ns(This, element); push_element_ns(This, element);
if (has_content_handler(This)) if (is_namespaces_enabled(This->saxreader))
{ {
BSTR uri; int i;
if (is_namespaces_enabled(This->saxreader)) for (i = 0; i < nb_namespaces && has_content_handler(This); i++)
{ {
int i; if (This->vbInterface)
hr = IVBSAXContentHandler_startPrefixMapping(
This->saxreader->vbcontentHandler,
&element->ns[i].prefix,
&element->ns[i].uri);
else
hr = ISAXContentHandler_startPrefixMapping(
This->saxreader->contentHandler,
element->ns[i].prefix,
SysStringLen(element->ns[i].prefix),
element->ns[i].uri,
SysStringLen(element->ns[i].uri));
for (i = 0; i < nb_namespaces; i++) if (sax_callback_failed(This, hr))
{ {
if (This->vbInterface) format_error_message_from_id(This, hr);
hr = IVBSAXContentHandler_startPrefixMapping( return;
This->saxreader->vbcontentHandler,
&element->ns[i].prefix,
&element->ns[i].uri);
else
hr = ISAXContentHandler_startPrefixMapping(
This->saxreader->contentHandler,
element->ns[i].prefix,
SysStringLen(element->ns[i].prefix),
element->ns[i].uri,
SysStringLen(element->ns[i].uri));
if (sax_callback_failed(This, hr))
{
format_error_message_from_id(This, hr);
return;
}
} }
} }
}
uri = find_element_uri(This, URI); uri = find_element_uri(This, URI);
hr = SAXAttributes_populate(This, nb_namespaces, namespaces, nb_attributes, attributes);
if (hr == S_OK && has_content_handler(This))
{
BSTR local;
hr = SAXAttributes_populate(This, nb_namespaces, namespaces, nb_attributes, attributes); if (is_namespaces_enabled(This->saxreader))
if (hr == S_OK) local = element->local;
{ else
BSTR local; uri = local = NULL;
if (is_namespaces_enabled(This->saxreader)) if (This->vbInterface)
local = element->local; hr = IVBSAXContentHandler_startElement(This->saxreader->vbcontentHandler,
else &uri, &local, &element->qname, &This->IVBSAXAttributes_iface);
uri = local = NULL; else
hr = ISAXContentHandler_startElement(This->saxreader->contentHandler,
uri, SysStringLen(uri),
local, SysStringLen(local),
element->qname, SysStringLen(element->qname),
&This->ISAXAttributes_iface);
if (This->vbInterface) if (sax_callback_failed(This, hr))
hr = IVBSAXContentHandler_startElement(This->saxreader->vbcontentHandler, format_error_message_from_id(This, hr);
&uri, &local, &element->qname, &This->IVBSAXAttributes_iface);
else
hr = ISAXContentHandler_startElement(This->saxreader->contentHandler,
uri, SysStringLen(uri),
local, SysStringLen(local),
element->qname, SysStringLen(element->qname),
&This->ISAXAttributes_iface);
}
} }
if (sax_callback_failed(This, hr))
format_error_message_from_id(This, hr);
} }
static void libxmlEndElementNS( static void libxmlEndElementNS(
...@@ -1435,7 +1430,7 @@ static void libxmlEndElementNS( ...@@ -1435,7 +1430,7 @@ static void libxmlEndElementNS(
if (is_namespaces_enabled(This->saxreader)) if (is_namespaces_enabled(This->saxreader))
{ {
int i = -1; int i = -1;
while (iterate_endprefix_index(This, element, &i)) while (iterate_endprefix_index(This, element, &i) && has_content_handler(This))
{ {
if (This->vbInterface) if (This->vbInterface)
hr = IVBSAXContentHandler_endPrefixMapping( hr = IVBSAXContentHandler_endPrefixMapping(
...@@ -1447,10 +1442,10 @@ static void libxmlEndElementNS( ...@@ -1447,10 +1442,10 @@ static void libxmlEndElementNS(
if (sax_callback_failed(This, hr)) break; if (sax_callback_failed(This, hr)) break;
} }
}
if (sax_callback_failed(This, hr)) if (sax_callback_failed(This, hr))
format_error_message_from_id(This, hr); format_error_message_from_id(This, hr);
}
free_element_entry(element); free_element_entry(element);
} }
...@@ -1587,6 +1582,7 @@ static void libxmlComment(void *ctx, const xmlChar *value) ...@@ -1587,6 +1582,7 @@ static void libxmlComment(void *ctx, const xmlChar *value)
This->line--; This->line--;
p--; p--;
} }
This->column = 0; This->column = 0;
for(; p>=This->pParserCtxt->input->base && *p!='\n' && *p!='\r'; p--) for(; p>=This->pParserCtxt->input->base && *p!='\n' && *p!='\r'; p--)
This->column++; This->column++;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment