Close the stream for disallowed XML features

According to RFC 6120 if any disallowed XML feature is encountered, we should close the stream with a <restricted-xml/>. The following features of XML are prohibited in XMPP: - processing instructions - internal or external DTD subsets - internal or external entity references - comments Test-information: Unit tests pass on Windows 10 and Ubuntu 18.04.1 LTS Change-Id: I475920c91b7f9da51ab37c106a4783a52f6e3cae
author: Joanna Hulboj <joanna.hulboj@isode.com> 2019-09-12 08:54:19 (GMT)
committer: Joanna Hulboj <joanna.hulboj@isode.com> 2019-09-16 08:17:07 (GMT)
commit: 181ac4a83ba4a82be683fb0a6f08393d3c91320c (patch)
tree: 76e41aac0cda8be5582137d34cb0c9f5683c9dc2 /Swiften/Parser/ExpatParser.cpp
parent: 415870c04a7e6cabf13e6acf3a94bb0f68732907 (diff)
download: swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.zip
swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.tar.bz2
1 files changed, 17 insertions, 1 deletions
diff --git a/Swiften/Parser/ExpatParser.cpp b/Swiften/Parser/ExpatParser.cpp
index a50949b..640d561 100644
--- a/Swiften/Parser/ExpatParser.cpp
+++ b/Swiften/Parser/ExpatParser.cpp
@@ -72,8 +72,21 @@ static void handleEntityDeclaration(void* parser, const XML_Char*, int, const XM
     static_cast<ExpatParser*>(parser)->stopParser();
 }
 
+static void handleComment(void* parser, const XML_Char* /*data*/) {
+    if (!static_cast<ExpatParser*>(parser)->allowsComments()) {
+        static_cast<ExpatParser*>(parser)->stopParser();
+    }
+}
+
+static void handleProcessingInstruction(void* parser, const XML_Char* /*target*/, const XML_Char* /*data*/) {
+    static_cast<ExpatParser*>(parser)->stopParser();
+}
+
+static void handleDoctypeDeclaration(void* parser, const XML_Char* /*doctypeName*/, const XML_Char* /*sysid*/, const XML_Char* /*pubid*/, int /*has_internal_subset*/) {
+    static_cast<ExpatParser*>(parser)->stopParser();
+}
 
-ExpatParser::ExpatParser(XMLParserClient* client) : XMLParser(client), p(new Private()) {
+ExpatParser::ExpatParser(XMLParserClient* client, bool allowComments) : XMLParser(client, allowComments), p(new Private()) {
     p->parser_ = XML_ParserCreateNS("UTF-8", NAMESPACE_SEPARATOR);
     XML_SetUserData(p->parser_, this);
     XML_SetElementHandler(p->parser_, handleStartElement, handleEndElement);
@@ -81,6 +94,9 @@ ExpatParser::ExpatParser(XMLParserClient* client) : XMLParser(client), p(new Pri
     XML_SetXmlDeclHandler(p->parser_, handleXMLDeclaration);
     XML_SetEntityDeclHandler(p->parser_, handleEntityDeclaration);
     XML_SetNamespaceDeclHandler(p->parser_, handleNamespaceDeclaration, nullptr);
+    XML_SetCommentHandler(p->parser_, handleComment);
+    XML_SetProcessingInstructionHandler(p->parser_, handleProcessingInstruction);
+    XML_SetDoctypeDeclHandler(p->parser_, handleDoctypeDeclaration, nullptr);
 }
 
 ExpatParser::~ExpatParser() {
author	Joanna Hulboj <joanna.hulboj@isode.com>	2019-09-12 08:54:19 (GMT)
committer	Joanna Hulboj <joanna.hulboj@isode.com>	2019-09-16 08:17:07 (GMT)
commit	181ac4a83ba4a82be683fb0a6f08393d3c91320c (patch)
tree	76e41aac0cda8be5582137d34cb0c9f5683c9dc2 /Swiften/Parser/ExpatParser.cpp
parent	415870c04a7e6cabf13e6acf3a94bb0f68732907 (diff)
download	swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.zip swift-181ac4a83ba4a82be683fb0a6f08393d3c91320c.tar.bz2