Merge pull request #3736 from annando/more-tolerant-xml

Diaspora: XML parsing is more tolerant now
This commit is contained in:
Tobias Diekershoff 2017-09-26 06:09:52 +02:00 committed by GitHub
commit 4d4072cf2b
2 changed files with 10 additions and 15 deletions

View file

@ -118,7 +118,7 @@ class Diaspora {
*/ */
private static function verify_magic_envelope($envelope) { private static function verify_magic_envelope($envelope) {
$basedom = parse_xml_string($envelope, false); $basedom = parse_xml_string($envelope);
if (!is_object($basedom)) { if (!is_object($basedom)) {
logger("Envelope is no XML file"); logger("Envelope is no XML file");
@ -309,7 +309,7 @@ class Diaspora {
$decrypted = self::aes_decrypt($outer_key, $outer_iv, $ciphertext); $decrypted = self::aes_decrypt($outer_key, $outer_iv, $ciphertext);
logger('decrypted: '.$decrypted, LOGGER_DEBUG); logger('decrypted: '.$decrypted, LOGGER_DEBUG);
$idom = parse_xml_string($decrypted,false); $idom = parse_xml_string($decrypted);
$inner_iv = base64_decode($idom->iv); $inner_iv = base64_decode($idom->iv);
$inner_aes_key = base64_decode($idom->aes_key); $inner_aes_key = base64_decode($idom->aes_key);
@ -556,7 +556,7 @@ class Diaspora {
*/ */
private static function valid_posting($msg) { private static function valid_posting($msg) {
$data = parse_xml_string($msg["message"], false); $data = parse_xml_string($msg["message"]);
if (!is_object($data)) { if (!is_object($data)) {
logger("No valid XML ".$msg["message"], LOGGER_DEBUG); logger("No valid XML ".$msg["message"], LOGGER_DEBUG);
@ -1153,7 +1153,7 @@ class Diaspora {
return false; return false;
} }
$source_xml = parse_xml_string($x, false); $source_xml = parse_xml_string($x);
if (!is_object($source_xml)) if (!is_object($source_xml))
return false; return false;

View file

@ -620,20 +620,15 @@ function avatar_img($email) {
} }
function parse_xml_string($s,$strict = true) { function parse_xml_string($s, $strict = true) {
// the "strict" parameter is deactivated
/// @todo Move this function to the xml class /// @todo Move this function to the xml class
if ($strict) {
if (! strstr($s,'<?xml'))
return false;
$s2 = substr($s,strpos($s,'<?xml'));
}
else
$s2 = $s;
libxml_use_internal_errors(true); libxml_use_internal_errors(true);
$x = @simplexml_load_string($s2); $x = @simplexml_load_string($s);
if (! $x) { if (!$x) {
logger('libxml: parse: error: ' . $s2, LOGGER_DATA); logger('libxml: parse: error: ' . $s, LOGGER_DATA);
foreach (libxml_get_errors() as $err) { foreach (libxml_get_errors() as $err) {
logger('libxml: parse: ' . $err->code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA); logger('libxml: parse: ' . $err->code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA);
} }