Index: subversion/libsvn_ra_serf/util.c =================================================================== --- subversion/libsvn_ra_serf/util.c (revision 1768982) +++ subversion/libsvn_ra_serf/util.c (working copy) @@ -2694,7 +2694,31 @@ #endif } +#ifdef EXPAT_HAS_STOPPARSER +static void +expat_entity_declaration(void *userData, + const XML_Char *entityName, + int is_parameter_entity, + const XML_Char *value, + int value_length, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId, + const XML_Char *notationName) +{ + struct expat_ctx_t *ectx = userData; + /* Stop the parser if an entity declaration is hit. */ + XML_StopParser(ectx->parser, 0 /* resumable */); +} +#else +/* A noop default_handler. */ +static void +expat_default_handler(void *userData, const XML_Char *s, int len) +{ +} +#endif + /* Implements svn_ra_serf__response_handler_t */ static svn_error_t * expat_response_handler(serf_request_t *request, @@ -2712,6 +2736,12 @@ XML_SetUserData(ectx->parser, ectx); XML_SetElementHandler(ectx->parser, expat_start, expat_end); XML_SetCharacterDataHandler(ectx->parser, expat_cdata); + +#ifdef EXPAT_HAS_STOPPARSER + XML_SetEntityDeclHandler(ectx->parser, expat_entity_declaration); +#else + XML_SetDefaultHandler(ectx->parser, expat_default_handler); +#endif } /* ### TODO: sline.code < 200 should really be handled by the core */ Index: subversion/libsvn_subr/xml.c =================================================================== --- subversion/libsvn_subr/xml.c (revision 1768982) +++ subversion/libsvn_subr/xml.c (working copy) @@ -259,6 +259,14 @@ } +#ifndef XML_VERSION_AT_LEAST +#define XML_VERSION_AT_LEAST(major,minor,patch) \ +(((major) < XML_MAJOR_VERSION) \ + || ((major) == XML_MAJOR_VERSION && (minor) < XML_MINOR_VERSION) \ + || ((major) == XML_MAJOR_VERSION && (minor) == XML_MINOR_VERSION && \ + (patch) <= XML_MICRO_VERSION)) +#endif /* XML_VERSION_AT_LEAST */ + const char * svn_xml_fuzzy_escape(const char *string, apr_pool_t *pool) { @@ -338,6 +346,28 @@ (*svn_parser->data_handler)(svn_parser->baton, s, (apr_size_t)len); } +#if XML_VERSION_AT_LEAST(1, 95, 8) +static void expat_entity_declaration(void *userData, + const XML_Char *entityName, + int is_parameter_entity, + const XML_Char *value, + int value_length, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId, + const XML_Char *notationName) +{ + svn_xml_parser_t *svn_parser = userData; + + /* Stop the parser if an entity declaration is hit. */ + XML_StopParser(svn_parser->parser, 0 /* resumable */); +} +#else +/* A noop default_handler. */ +static void expat_default_handler(void *userData, const XML_Char *s, int len) +{ +} +#endif /*** Making a parser. ***/ @@ -359,6 +389,12 @@ XML_SetCharacterDataHandler(parser, data_handler ? expat_data_handler : NULL); +#if XML_VERSION_AT_LEAST(1, 95, 8) + XML_SetEntityDeclHandler(parser, expat_entity_declaration); +#else + XML_SetDefaultHandler(parser, expat_default_handler); +#endif + /* ### we probably don't want this pool; or at least we should pass it ### to the callbacks and clear it periodically. */ subpool = svn_pool_create(pool); @@ -440,6 +476,9 @@ /* This will cause the current XML_Parse() call to finish quickly! */ XML_SetElementHandler(svn_parser->parser, NULL, NULL); XML_SetCharacterDataHandler(svn_parser->parser, NULL); +#if XML_VERSION_AT_LEAST(1, 95, 8) + XML_SetEntityDeclHandler(svn_parser->parser, NULL); +#endif /* Once outside of XML_Parse(), the existence of this field will cause svn_delta_parse()'s main read-loop to return error. */ Index: tools/server-side/mod_dontdothat/mod_dontdothat.c =================================================================== --- tools/server-side/mod_dontdothat/mod_dontdothat.c (revision 1768982) +++ tools/server-side/mod_dontdothat/mod_dontdothat.c (working copy) @@ -42,6 +42,14 @@ module AP_MODULE_DECLARE_DATA dontdothat_module; +#ifndef XML_VERSION_AT_LEAST +#define XML_VERSION_AT_LEAST(major,minor,patch) \ +(((major) < XML_MAJOR_VERSION) \ + || ((major) == XML_MAJOR_VERSION && (minor) < XML_MINOR_VERSION) \ + || ((major) == XML_MAJOR_VERSION && (minor) == XML_MINOR_VERSION && \ + (patch) <= XML_MICRO_VERSION)) +#endif /* XML_VERSION_AT_LEAST */ + typedef struct dontdothat_config_rec { const char *config_file; const char *base_path; @@ -551,6 +559,31 @@ } } +#if XML_VERSION_AT_LEAST(1, 95, 8) +static void +expat_entity_declaration(void *userData, + const XML_Char *entityName, + int is_parameter_entity, + const XML_Char *value, + int value_length, + const XML_Char *base, + const XML_Char *systemId, + const XML_Char *publicId, + const XML_Char *notationName) +{ + dontdothat_filter_ctx *ctx = userData; + + /* Stop the parser if an entity declaration is hit. */ + XML_StopParser(ctx->xmlp, 0 /* resumable */); +} +#else +/* A noop default_handler. */ +static void +expat_default_handler(void *userData, const XML_Char *s, int len) +{ +} +#endif + static svn_boolean_t is_valid_wildcard(const char *wc) { @@ -696,6 +729,12 @@ XML_SetElementHandler(ctx->xmlp, start_element, end_element); XML_SetCharacterDataHandler(ctx->xmlp, cdata); +#if XML_VERSION_AT_LEAST(1, 95, 8) + XML_SetEntityDeclHandler(ctx->xmlp, expat_entity_declaration); +#else + XML_SetDefaultHandler(ctx->xmlp, expat_default_handler); +#endif + ap_add_input_filter("DONTDOTHAT_FILTER", ctx, r, r->connection); } }