Commit d054bfaa authored by Dries's avatar Dries
Browse files

- Patch #265973 by Damien Tournoud, mr.baileys, dixon_, clemens.tolboom:...

- Patch #265973 by Damien Tournoud, mr.baileys, dixon_, clemens.tolboom: XML-RPC chokes with long server response.
parent 108011af
......@@ -150,7 +150,7 @@ function xmlrpc_message($message) {
}
/**
* Parse an XML-RPC message.
* Parses an XML-RPC message.
*
* If parsing fails, the faultCode and faultString will be added to the message
* object.
......@@ -161,11 +161,6 @@ function xmlrpc_message($message) {
* TRUE if parsing succeeded; FALSE otherwise
*/
function xmlrpc_message_parse($xmlrpc_message) {
// First remove the XML declaration
$xmlrpc_message->message = preg_replace('/<\?xml(.*)?\?' . '>/', '', $xmlrpc_message->message);
if (trim($xmlrpc_message->message) == '') {
return FALSE;
}
$xmlrpc_message->_parser = xml_parser_create();
// Set XML parser to take the case of tags into account.
xml_parser_set_option($xmlrpc_message->_parser, XML_OPTION_CASE_FOLDING, FALSE);
......@@ -177,9 +172,13 @@ function xmlrpc_message_parse($xmlrpc_message) {
return FALSE;
}
xml_parser_free($xmlrpc_message->_parser);
// Grab the error messages, if any
// Grab the error messages, if any.
$xmlrpc_message = xmlrpc_message_get();
if ($xmlrpc_message->messagetype == 'fault') {
if (!isset($xmlrpc_message->messagetype)) {
return FALSE;
}
elseif ($xmlrpc_message->messagetype == 'fault') {
$xmlrpc_message->fault_code = $xmlrpc_message->params[0]['faultCode'];
$xmlrpc_message->fault_string = $xmlrpc_message->params[0]['faultString'];
}
......
......@@ -41,6 +41,34 @@ class XMLRPCBasicTestCase extends DrupalWebTestCase {
$this->assertEqual($count, count($minimum), 'system.listMethods returned at least the minimum listing');
}
/**
* Ensure that XML-RPC correctly handles invalid messages when parsing.
*/
protected function testInvalidMessageParsing() {
$invalid_messages = array(
array(
'message' => xmlrpc_message(''),
'assertion' => t('Empty message correctly rejected during parsing.'),
),
array(
'message' => xmlrpc_message('<?xml version="1.0" encoding="ISO-8859-1"?>'),
'assertion' => t('Empty message with XML declaration correctly rejected during parsing.'),
),
array(
'message' => xmlrpc_message('<?xml version="1.0"?><params><param><value><string>value</string></value></param></params>'),
'assertion' => t('Non-empty message without a valid message type is rejected during parsing.'),
),
array(
'message' => xmlrpc_message('<methodResponse><params><param><value><string>value</string></value></param></methodResponse>'),
'assertion' => t('Non-empty malformed message is rejected during parsing.'),
),
);
foreach ($invalid_messages as $assertion) {
$this->assertFalse(xmlrpc_message_parse($assertion['message']), $assertion['assertion']);
}
}
}
class XMLRPCValidator1IncTestCase extends DrupalWebTestCase {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment