10000 Fix namespace handling of WSDL and XML schema in SOAP · php/php-src@6399012 · GitHub
[go: up one dir, main page]
Skip to content

Commit 6399012

Browse files
nielsdosnielsdos
committed
Fix namespace handling of WSDL and XML schema in SOAP
`attr_is_equal_ex` makes no sense: attributes never inherit the namespace of their element. Yet this is wrongly used as a combo for checking both the node namespace and attribute namespace. Furthermore, not all nodes have the proper namespace check. Fix all of this by reworking the helpers and auditing the calls to the namespace helpers. Closes GH-16320. Closes bug #68576. Closes GH-18697.
1 parent 2b22ea9 commit 6399012

File tree

13 files changed

+256
-177
lines changed

13 files changed

+256
-177
lines changed

NEWS

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -184,6 +184,8 @@ PHP NEWS
184184
- SOAP:
185185
. Fixed bug #49169 (SoapServer calls wrong function, although "SOAP action"
186186
header is correct). (nielsdos)
187+
. Fix namespace handling of WSDL and XML schema in SOAP,
188+
fixing at least GH-16320 and bug #68576. (nielsdos)
187189

188190
- Sockets:
189191
. Added IPPROTO_ICMP/IPPROTO_ICMPV6 to create raw socket for ICMP usage.

ext/soap/php_encoding.c

Lines changed: 33 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -104,7 +104,7 @@ static void set_ns_and_type(xmlNodePtr node, encodeTypePtr type);
104104
return zval; \
105105
} \
106106
if (xml->properties) { \
107-
null = get_attribute(xml->properties, "nil"); \
107+
null = get_attribute_ex(xml->properties, "nil", XSI_NAMESPACE); \
108108
if (null) { \
109109
ZVAL_NULL(zval); \
110110
return zval; \
@@ -287,13 +287,7 @@ static bool soap_check_zval_ref(zval *data, xmlNodePtr node) {
287287
return 0;
288288
}
289289
if (SOAP_GLOBAL(soap_version) == SOAP_1_1) {
290-
while (1) {
291-
attr = get_attribute(attr, "id");
292-
if (attr == NULL || attr->ns == NULL) {
293-
break;
294-
}
295-
attr = attr->next;
296-
}
290+
attr = get_attribute(attr, "id");
297291
if (attr) {
298292
id = (char*)attr->children->content;
299293
smart_str_appendc(&prefix, '#');
@@ -1530,7 +1524,7 @@ static zval *to_zval_object_ex(zval *ret, encodeTypePtr type, xmlNodePtr data, z
15301524

15311525
ZEND_HASH_FOREACH_PTR(sdlType->attributes, attr) {
15321526
if (attr->name) {
1533-
xmlAttrPtr val = get_attribute(data->properties, attr->name);
1527+
xmlAttrPtr val = get_attribute_any_ns(data->properties, attr->name);
15341528
char *str_val = NULL;
15351529

15361530
if (val && val->children && val->children->content) {
@@ -2485,6 +2479,26 @@ static xmlNodePtr to_xml_array(encodeTypePtr type, zval *data, int style, xmlNod
24852479
return xmlParam;
24862480
}
24872481

2482+
static xmlAttrPtr get_soap_1_1_enc_attribute(xmlAttrPtr props, const char *name)
2483+
{
2484+
return get_attribute_ex(props, name, SOAP_1_1_ENC_NAMESPACE);
2485+
}
2486+
2487+
static xmlAttrPtr get_soap_1_2_enc_attribute(xmlAttrPtr props, const char *name)
2488+
{
2489+
return get_attribute_ex(props, name, SOAP_1_2_ENC_NAMESPACE);
2490+
}
2491+
2492+
/* Be forgiving for BC */
2493+
static xmlAttrPtr get_soap_enc_attribute(xmlAttrPtr props, const char *name)
2494+
{
2495+
xmlAttrPtr res = get_soap_1_1_enc_attribute(props, name);
2496+
if (!res) {
2497+
res = get_soap_1_2_enc_attribute(props, name);
2498+
}
2499+
return res;
2500+
}
2501+
24882502
static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
24892503
{
24902504
xmlNodePtr trav;
@@ -2501,7 +2515,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
25012515
FIND_XML_NULL(data, ret);
25022516

25032517
if (data &&
2504-
(attr = get_attribute(data->properties,"arrayType")) &&
2518+
(attr = get_soap_enc_attribute(data->properties,"arrayType")) &&
25052519
attr->children && attr->children->content) {
25062520
const char *type;
25072521
char *end, *ns;
@@ -2521,7 +2535,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
25212535
}
25222536
if (ns) {efree(ns);}
25232537

2524-
} else if ((attr = get_attribute(data->properties,"itemType")) &&
2538+
} else if ((attr = get_soap_enc_attribute(data->properties,"itemType")) &&
25252539
attr->children &&
25262540
attr->children->content) {
25272541
const char *type;
@@ -2535,7 +2549,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
25352549
}
25362550
if (ns) {efree(ns);}
25372551

2538-
if ((attr = get_attribute(data->properties,"arraySize")) &&
2552+
if ((attr = get_soap_enc_attribute(data->properties,"arraySize")) &&
25392553
attr->children && attr->children->content) {
25402554
dimension = calc_dimension_12((char*)attr->children->content);
25412555
dims = get_position_12(dimension, (char*)attr->children->content);
@@ -2544,7 +2558,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
25442558
*dims = 0;
25452559
}
25462560

2547-
} else if ((attr = get_attribute(data->properties,"arraySize")) &&
2561+
} else if ((attr = get_soap_enc_attribute(data->properties,"arraySize")) &&
25482562
attr->children && attr->children->content) {
25492563

25502564
dimension = calc_dimension_12((char*)attr->children->content);
@@ -2623,7 +2637,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
26232637
pos = safe_emalloc(sizeof(int), dimension, 0);
26242638
memset(pos,0,sizeof(int)*dimension);
26252639
if (data &&
2626-
(attr = get_attribute(data->properties,"offset")) &&
2640+
(attr = get_soap_enc_attribute(data->properties,"offset")) &&
26272641
attr->children && attr->children->content) {
26282642
char* tmp = strrchr((char*)attr->children->content,'[');
26292643

@@ -2639,7 +2653,7 @@ static zval *to_zval_array(zval *ret, encodeTypePtr type, xmlNodePtr data)
26392653
if (trav->type == XML_ELEMENT_NODE) {
26402654
int i;
26412655
zval tmpVal, *ar;
2642-
xmlAttrPtr position = get_attribute(trav->properties,"position");
2656+
xmlAttrPtr position = get_soap_enc_attribute(trav->properties,"position");
26432657

26442658
ZVAL_NULL(&tmpVal);
26452659
master_to_zval(&tmpVal, enc, trav);
@@ -2854,9 +2868,9 @@ static zval *guess_zval_convert(zval *ret, encodeTypePtr type, xmlNodePtr data)
28542868
/* Logic: has children = IS_OBJECT else IS_STRING */
28552869
xmlNodePtr trav;
28562870

2857-
if (get_attribute(data->properties, "arrayType") ||
2858-
get_attribute(data->properties, "itemType") ||
2859-
get_attribute(data->properties, "arraySize")) {
2871+
if (get_soap_enc_attribute(data->properties, "arrayType") ||
2872+
get_soap_enc_attribute(data->properties, "itemType") ||
2873+
get_soap_enc_attribute(data->properties, "arraySize")) {
28602874
enc = get_conversion(SOAP_ENC_ARRAY);
28612875
} else {
28622876
enc = get_conversion(XSD_STRING);
@@ -3340,14 +3354,7 @@ xmlNodePtr sdl_guess_convert_xml(encodeTypePtr enc, zval *data, int style, xmlNo
33403354
static xmlNodePtr check_and_resolve_href(xmlNodePtr data)
33413355
{
33423356
if (data && data->properties) {
3343-
xmlAttrPtr href;
3344-
3345-
href = data->properties;
3346-
while (1) {
3347-
href = get_attribute(href, "href");
3348-
if (href == NULL || href->ns == NULL) {break;}
3349-
href = href->next;
3350-
}
3357+
xmlAttrPtr href = get_attribute(data->properties, "href");
33513358
if (href) {
33523359
/* Internal href try and find node */
33533360
if (href->children->content[0] == '#') {

ext/soap/php_encoding.h

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@
3535
#define SOAP_1_2_ENC_NAMESPACE "http://www.w3.org/2003/05/soap-encoding"
3636
#define SOAP_1_2_ENC_NS_PREFIX "enc"
3737

38-
#define SCHEMA_NAMESPACE "http://www.w3.org/2001/XMLSchema"
38+
#define XSD_DRAFT_2000_NAMESPACE "http://www.w3.org/2000/10/XMLSchema"
3939
#define XSD_NAMESPACE "http://www.w3.org/2001/XMLSchema"
4040
#define XSD_NS_PREFIX "xsd"
4141
#define XSI_NAMESPACE "http://www.w3.org/2001/XMLSchema-instance"

0 commit comments

Comments
 (0)
0