Implement DOMDocument::adoptNode()

For the past 20 years this threw a "not yet implemented" exception. But
the function was actually there (albeit not documented) and could be called...

Implement DOMDocument::adoptNode()

For the past 20 years this threw a "not yet implemented" exception. But
the function was actually there (albeit not documented) and could be called...

Closes GH-11333.

show more ...

Remove redundant assignment on nodep->ns

It's already set by xmlSetNs().

Use uint32_t for the number of nodes (#11371)

Implement iteration cache, item cache and length cache for node list iteration (#11330)

* Implement iteration cache, item cache and length cache for node list iteration

The current

Implement iteration cache, item cache and length cache for node list iteration (#11330)

* Implement iteration cache, item cache and length cache for node list iteration

The current implementation follows the spec requirement that the list
must be "live". This means that changes in the document must be
reflected in the existing node lists without requiring the user to
refetch the node list.
The consequence is that getting any item, or the length of the list,
always starts searching from the root element of the node list. This
results in O(n) time to get any item or the length. If there's a for
loop over the node list, this means the iterations will take O(n²) time
in total. This causes real-world performance issues with potential for
downtime (see GH-11308 and its references for details).

We fix this by introducing a caching strategy. We cache the last
iterated object in the iterator, the last requested item in the node
list, and the last length computation. To invalidate the cache, we
simply count the number of modifications made to the containing
document. If the modification number does not match what the number was
during caching, we know the document has been modified and the cache is
invalid. If this ever overflows, we saturate the modification number and
don't do any caching anymore. Note that we don't check for overflow on
64-bit systems because it would take hundreds of years to overflow.

Fixes GH-11308.

show more ...

Implement dom_get_doc_props_read_only()

I was surprised to see that getting the stricterror property showed in
in the Callgrind profile of some tests. Turns out we sometimes allocate

Implement dom_get_doc_props_read_only()

I was surprised to see that getting the stricterror property showed in
in the Callgrind profile of some tests. Turns out we sometimes allocate
them. Fix this by returning the default in case no changes were made yet.

Closes GH-11345.

show more ...

Fix GH-12702: libxml2 2.12.0 issue building from src

Fixes GH-12702.

Co-authored-by: nono303 <github@nono303.net>

Fix null pointer dereferences in case of allocation failure

Closes GH-12506.

Fix registerNodeClass with abstract class crashing

This always results in a segfault when trying to instantiate, so this never
worked. At least throw an error instead of segfaulting to p

Fix registerNodeClass with abstract class crashing

This always results in a segfault when trying to instantiate, so this never
worked. At least throw an error instead of segfaulting to prevent developers
from being confused.

Closes GH-12420.

show more ...

Fix memory leak when setting an invalid DOMDocument encoding

Because the failure path did not release the string, there was a memory
leak.
As the only valid types for this function a

Fix memory leak when setting an invalid DOMDocument encoding

Because the failure path did not release the string, there was a memory
leak.
As the only valid types for this function are IS_NULL and IS_STRING, we
and IS_NULL is always rejected in practice, solve the issue by not using
a function that increments the refcount in the first place.

Closes GH-12002.

show more ...

Fix manually calling __construct() on DOM classes

Closes GH-11894.

Sanitize libxml2 globals before parsing

Fixes GHSA-3qrf-m4j2-pcrr.

To parse a document with libxml2, you first need to create a parsing context.
The parsing context contains par

Sanitize libxml2 globals before parsing

Fixes GHSA-3qrf-m4j2-pcrr.

To parse a document with libxml2, you first need to create a parsing context.
The parsing context contains parsing options (e.g. XML_NOENT to substitute
entities) that the application (in this case PHP) can set.
Unfortunately, libxml2 also supports providing default set options.
For example, if you call xmlSubstituteEntitiesDefault(1) then the XML_NOENT
option will be added to the parsing options every time you create a parsing
context **even if the application never requested XML_NOENT**.

Third party extensions can override these globals, in particular the
substitute entity global. This causes entity substitution to be
unexpectedly active.

Fix it by setting the parsing options to a sane known value.
For API calls that depend on global state we introduce
PHP_LIBXML_SANITIZE_GLOBALS() and PHP_LIBXML_RESTORE_GLOBALS().
For other APIs that work directly with a context we introduce
php_libxml_sanitize_parse_ctxt_options().

show more ...

Fix GH-11791: Wrong default value of DOMDocument::xmlStandalone

At one point this was changed from a bool to an int in libxml2, with
negative values meaning it is unspecified. Because it

Fix GH-11791: Wrong default value of DOMDocument::xmlStandalone

At one point this was changed from a bool to an int in libxml2, with
negative values meaning it is unspecified. Because it is cast to a bool
this therefore returned true instead of the expected false.

Closes GH-11793.

show more ...

Fix empty argument cases for DOMParentNode methods

Closes GH-11768.

Revert "Fix GH-11404: DOMDocument::savexml and friends ommit xmlns="" declaration for null namespace, creating incorrect xml representation of the DOM"

This reverts commit 7eb3e9cd173fbdd39e

Revert "Fix GH-11404: DOMDocument::savexml and friends ommit xmlns="" declaration for null namespace, creating incorrect xml representation of the DOM"

This reverts commit 7eb3e9cd173fbdd39eefa791aab610858e76399d.

Although the fix follows the spec, it causes issues because a lot of old
code assumes the incorrect behaviour PHP had since a long time.
We cannot do this yet, especially not in a stable release.
We revert this for the time being.
See GH-11428.

show more ...

Fix GH-11404: DOMDocument::savexml and friends ommit xmlns="" declaration for null namespace, creating incorrect xml representation of the DOM

The NULL namespace is only correct when there i

Fix GH-11404: DOMDocument::savexml and friends ommit xmlns="" declaration for null namespace, creating incorrect xml representation of the DOM

The NULL namespace is only correct when there is no default namespace
override. When there is, we need to manually set it to the empty string
namespace.

Closes GH-11428.

show more ...

Fix bug #77686: Removed elements are still returned by getElementById

From the moment an ID is created, libxml2's behaviour is to cache that element,
even if that element is not yet atta

Fix bug #77686: Removed elements are still returned by getElementById

From the moment an ID is created, libxml2's behaviour is to cache that element,
even if that element is not yet attached to the document. Similarly, only upon
destruction of the element the ID is actually removed by libxml2.
Since libxml2 has such behaviour deeply ingrained in the library, and uses the
cache for various purposes, it seems like a bad idea and lost cause to fight it.
Instead, we'll simply walk the tree upwards to check if the node is attached to
the document.

Closes GH-11369.

show more ...

Fix array overrun when appending slash to paths

Fix it by extending the array sizes by one character. As the input is
limited to the maximum path length, there will always be place to ap

Fix array overrun when appending slash to paths

Fix it by extending the array sizes by one character. As the input is
limited to the maximum path length, there will always be place to append
the slash. As the php_check_specific_open_basedir() simply uses the
strings to compare against each other, no new failures related to too
long paths are introduced.
We'll let the DOM and XML case handle a potentially too long path in the
library code.

show more ...

Throw DomException for DOM out-of-memory error conditions

A number of error conditions in DOM can only occur if libxml2 runs
out of memory, at least as far as I can see. In such cases we

Throw DomException for DOM out-of-memory error conditions

A number of error conditions in DOM can only occur if libxml2 runs
out of memory, at least as far as I can see. In such cases we
currently do a silent "return false", which violates the DOM spec,
and which code is very unlikely to handle sensibly.

Switch these to throw a DomException with INVALID_STATE_ERR type.
This error type is chosen because we use for similar checks
elsewhere, for example:
https://github.com/php/php-src/blob/a733b1ada7895f6fa5e349755a878cae9189e3f5/ext/dom/documentfragment.c#L45-L48

This changes some of the more obvious cases I spotted, but there are probably more.

Closes GH-7049.

show more ...

Fixed some spaces used instead of tabs

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as

Update http->https in license (#6945)

1. Update: http://www.php.net/license/3_01.txt to https, as there is anyway server header "Location:" to https.
2. Update few license 3.0 to 3.01 as 3.0 states "php 5.1.1, 4.1.1, and earlier".
3. In some license comments is "at through the world-wide-web" while most is without "at", so deleted.
4. fixed indentation in some files before |

show more ...

Promote DOM invalid state errors during property access

Closes GH-6780

Make getElementsByTagNameNS $namespace nullable

According to the DOM specification, this argument is supposed to
be nullable.

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool

Replace zend_bool uses with bool

We're starting to see a mix between uses of zend_bool and bool.
Replace all usages with the standard bool type everywhere.

Of course, zend_bool is retained as an alias.

show more ...

Fix #80268: loadHTML() truncates at NUL bytes

libxml2 has no particular issues parsing HTML strings with NUL bytes;
these just cause truncation of the current text content, but parsing

Fix #80268: loadHTML() truncates at NUL bytes

libxml2 has no particular issues parsing HTML strings with NUL bytes;
these just cause truncation of the current text content, but parsing
continues generally. Since `::loadHTMLFile()` already supports NUL
bytes, `::loadHTML()` should as well.

Note that this is different from XML, which does not allow any NUL
bytes.

Closes GH-6368.

show more ...

Make handling of NULL bytes in file paths more consistent (WIP)

Not all extensions consistently throw exceptions when the user passes
a path name containing null bytes. Also, some extens

Make handling of NULL bytes in file paths more consistent (WIP)

Not all extensions consistently throw exceptions when the user passes
a path name containing null bytes. Also, some extensions would throw
a ValueError while others would throw a TypeError. Error messages
also varied.

Now a ValueError is thrown after all failed path checks, at least for
as far as these occur in functions that are exposed to userland.

Closes GH-6216.

show more ...