diff options
| author | Peter Eisentraut <peter_e@gmx.net> | 2007-11-09 15:52:51 +0000 |
|---|---|---|
| committer | Peter Eisentraut <peter_e@gmx.net> | 2007-11-09 15:52:51 +0000 |
| commit | 8db43db01efb6c6dd13c1e1101af269a2f3e32f5 (patch) | |
| tree | d9885ee9da99682cf8d23abdf37feefa5b33d2ff /src/backend/utils/adt/xml.c | |
| parent | 3991c3fb2beb7164fc3a1461928e06d52e680dfd (diff) | |
| download | postgresql-8db43db01efb6c6dd13c1e1101af269a2f3e32f5.tar.gz postgresql-8db43db01efb6c6dd13c1e1101af269a2f3e32f5.zip | |
Allow XML processing instructions starting with "xml" while prohibiting
those being exactly "xml". Bug #3735 from Ben Leslie
Diffstat (limited to 'src/backend/utils/adt/xml.c')
| -rw-r--r-- | src/backend/utils/adt/xml.c | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c index a1a619dd7a2..1747d9e4bde 100644 --- a/src/backend/utils/adt/xml.c +++ b/src/backend/utils/adt/xml.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2007, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.53 2007/11/08 15:16:45 petere Exp $ + * $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.54 2007/11/09 15:52:51 petere Exp $ * *------------------------------------------------------------------------- */ @@ -676,11 +676,11 @@ xmlpi(char *target, text *arg, bool arg_is_null, bool *result_is_null) xmltype *result; StringInfoData buf; - if (pg_strncasecmp(target, "xml", 3) == 0) + if (pg_strcasecmp(target, "xml") == 0) ereport(ERROR, (errcode(ERRCODE_SYNTAX_ERROR), /* really */ errmsg("invalid XML processing instruction"), - errdetail("XML processing instruction target name cannot start with \"xml\"."))); + errdetail("XML processing instruction target name cannot be \"%s\".", target))); /* * Following the SQL standard, the null check comes after the @@ -997,6 +997,14 @@ xml_init(void) #define SKIP_XML_SPACE(p) \ while (xmlIsBlank_ch(*(p))) (p)++ +/* Letter | Digit | '.' | '-' | '_' | ':' | CombiningChar | Extender */ +#define pg_xmlIsNameChar(c) \ + (xmlIsBaseChar_ch(c) || xmlIsIdeographicQ(c) \ + || xmlIsDigit_ch(c) \ + || c == '.' || c == '-' || c == '_' || c == ':' \ + || xmlIsCombiningQ(c) \ + || xmlIsExtender_ch(c)) + static int parse_xml_decl(const xmlChar *str,size_t *lenp, xmlChar **version, xmlChar **encoding, int *standalone) @@ -1004,6 +1012,7 @@ parse_xml_decl(const xmlChar *str,size_t *lenp, const xmlChar *p; const xmlChar *save_p; size_t len; + int utf8len; xml_init(); @@ -1019,6 +1028,10 @@ parse_xml_decl(const xmlChar *str,size_t *lenp, if (xmlStrncmp(p, (xmlChar *)"<?xml", 5) != 0) goto finished; + /* This means it's a PI like <?xml-stylesheet ...?>. */ + if (pg_xmlIsNameChar(xmlGetUTF8Char(&p[5], &utf8len))) + goto finished; + p += 5; /* version */ |